ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 17d4dac18fa2e921b6142e9a6e7638e9
3e4d5337720590d6a2b8941baf90fa8dfd9d752b
f367bf987bcfb690ef53baf4cca8970b83fe522c820de2babb8cb3c943fa84c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
216.58.207.193 200 OK 28 kB URL User Request GET HTTP/2 beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
IP 216.58.207.193:443
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (802)
Hash 3a1cd636117c84f21cd28a3424e942c5
73afca00007013f4ae84c33110f75aa27e2bb278
b92f4d7f08e199164ee91154834994b3530990ee4911dc12bc9d06860c8fb239
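Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the hostname, not a classification of the response body hashed above)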
GET /2012/02?target=twitter/&m=1 HTTP/1.1
Host: beritakampoeng.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 24 Sep 2023 04:55:25 GMT
date: Sun, 24 Sep 2023 04:55:25 GMT
cache-control: private, max-age=0
last-modified: Fri, 10 Dec 2021 00:33:30 GMT
etag: W/"f0575d23f51028a5d14fa29b19ebdfd0960e78cc50737c128f4c090ba0d80170"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28032
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 17d4dac18fa2e921b6142e9a6e7638e9
3e4d5337720590d6a2b8941baf90fa8dfd9d752b
f367bf987bcfb690ef53baf4cca8970b83fe522c820de2babb8cb3c943fa84c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beritakampoeng.blogspot.com/js/cookienotice.js
216.58.207.193 200 OK 2.0 kB URL GET HTTP/3 beritakampoeng.blogspot.com/js/cookienotice.js
IP 216.58.207.193:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/cookienotice.js HTTP/1.1
Host: beritakampoeng.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 24 Sep 2023 04:55:26 GMT
expires: Sun, 01 Oct 2023 04:55:26 GMT
cache-control: public, max-age=604800
last-modified: Sat, 23 Sep 2023 20:50:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css
216.58.207.233 200 OK 4.9 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css
IP 216.58.207.233:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: *.blogger.com
Fingerprint: CB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
Validity: Mon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (20429)
Hash 3530457ff5686a9eb40a5b14522ed0c7
c1f07552b1d3120ab83dcd6787ab8f43482268b9
fd47e1c7c5792d78bb2849ce121d3b574e2057042d5f803dfc593b7ff5d5763a
GET /static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 4934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 19:03:30 GMT
expires: Tue, 17 Sep 2024 19:03:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 05:51:50 GMT
content-type: text/css
vary: Accept-Encoding
age: 467516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-h22reGCKroU/Tzwtvl8ASdI/AAAAAAAAARU/qHppooDiKxY/s280/ac-mila-+vs-arsenal-champions.jpg
142.250.74.161 200 OK 25 kB URL GET HTTP/2 4.bp.blogspot.com/-h22reGCKroU/Tzwtvl8ASdI/AAAAAAAAARU/qHppooDiKxY/s280/ac-mila-+vs-arsenal-champions.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x198, components 3\012- data
Hash 516e1f26df51a44b1b1d6eae68180d00
ffd6ea7e6a8932c4bce0da01c50e978327f17752
856acd69f3e9778661ad237b885664e283aa70865518464a3eca93e5bb8e338c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-h22reGCKroU/Tzwtvl8ASdI/AAAAAAAAARU/qHppooDiKxY/s280/ac-mila-+vs-arsenal-champions.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v16f2"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ac-mila- vs-arsenal-champions.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 24696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-QxQ2bGYxxgE/TzwuQj-wK6I/AAAAAAAAARc/HTnkZXQGRVI/s280/Zlatan+Ibrahimovic.jpg
142.250.74.161 200 OK 17 kB URL GET HTTP/2 4.bp.blogspot.com/-QxQ2bGYxxgE/TzwuQj-wK6I/AAAAAAAAARc/HTnkZXQGRVI/s280/Zlatan+Ibrahimovic.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x174, components 3\012- data
Hash def31671f8cd281cfb5efcb5d9312de7
f6d491976e21853dc10b67aab0afb426d5485d55
9d0b80567d57d026b5bf443dd787d09392c3353a65b96cfb396bbbea93392247
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-QxQ2bGYxxgE/TzwuQj-wK6I/AAAAAAAAARc/HTnkZXQGRVI/s280/Zlatan+Ibrahimovic.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v117"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Zlatan Ibrahimovic.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 17034
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ouLXb505BSk/TzEZPNkIMsI/AAAAAAAAAN8/qErsDyuZa3E/s280/Jembatan+Selat+Malaka.png
142.250.74.161 200 OK 117 kB URL GET HTTP/2 1.bp.blogspot.com/-ouLXb505BSk/TzEZPNkIMsI/AAAAAAAAAN8/qErsDyuZa3E/s280/Jembatan+Selat+Malaka.png
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 280 x 199, 8-bit/color RGB, non-interlaced\012- data
Size 117 kB (116609 bytes)
Hash c8805042683d82bda4ecb2cd77b6dd46
f64d9f282b35647bae1b842e74d01e1ef7e92ad3
3fcf78f0f342374c263d319a501336cba4bdb65a33c0cd6807303051ef1f6f5e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-ouLXb505BSk/TzEZPNkIMsI/AAAAAAAAAN8/qErsDyuZa3E/s280/Jembatan+Selat+Malaka.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v16f2"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Jembatan Selat Malaka.png"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 116609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-gTWg4olaw0g/TzwZZmUnw5I/AAAAAAAAARE/tJkWf0Iyft4/s280/Alessandro-del-piero.jpg
142.250.74.161 200 OK 20 kB URL GET HTTP/2 1.bp.blogspot.com/-gTWg4olaw0g/TzwZZmUnw5I/AAAAAAAAARE/tJkWf0Iyft4/s280/Alessandro-del-piero.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x210, components 3\012- data
Hash 776dbbbb95331f22d2f05e155fcc5b78
80555db8df465d7fc3c3026e364df94469613799
15c984bb2603730990e5ea3259b36cc95b9d7a2380c4271f2d33dfb891de5ab4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-gTWg4olaw0g/TzwZZmUnw5I/AAAAAAAAARE/tJkWf0Iyft4/s280/Alessandro-del-piero.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v111"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Alessandro-del-piero.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 20331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/562952797-widgets.js
216.58.207.233 200 OK 160 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/562952797-widgets.js
IP 216.58.207.233:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: *.blogger.com
Fingerprint: CB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
Validity: Mon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2215)
Size 160 kB (160393 bytes)
Hash 0804e4c7fd72aea2ce34a04d9ec9686c
9f46bef1076230a1271d151a506fd1d91ae7df93
5ea4b0b19c5f030a3b42b570c07cbea89a7899f1d824a95b53ad2c4ca18a2b5c
GET /static/v1/widgets/562952797-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 160393
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 20 Sep 2023 02:21:50 GMT
expires: Thu, 19 Sep 2024 02:21:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Sep 2023 00:55:53 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 354816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-RUeEutdfYF4/Tz4PMsmEHkI/AAAAAAAAAR8/3u8U3H5M_FY/s280/Gubri-yang-didampingi-Staff-Ahli-dan-Kadispora-meninjau-kesiapan-pembangunan-Main-Stadium-PON-XVIII-2012.jpg
142.250.74.161 200 OK 30 kB URL GET HTTP/2 4.bp.blogspot.com/-RUeEutdfYF4/Tz4PMsmEHkI/AAAAAAAAAR8/3u8U3H5M_FY/s280/Gubri-yang-didampingi-Staff-Ahli-dan-Kadispora-meninjau-kesiapan-pembangunan-Main-Stadium-PON-XVIII-2012.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 280x186, components 3\012- data
Hash e288abe1381ea5aa89bfda786b8015db
8721f0d4034aca1959e4f0d4685fdfa511b36695
3fbe41026e467e00efe73c78fe0ec42f3ed5a9e597144dc452c990f638127433
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-RUeEutdfYF4/Tz4PMsmEHkI/AAAAAAAAAR8/3u8U3H5M_FY/s280/Gubri-yang-didampingi-Staff-Ahli-dan-Kadispora-meninjau-kesiapan-pembangunan-Main-Stadium-PON-XVIII-2012.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v11f"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Gubri-yang-didampingi-Staff-Ahli-dan-Kadispora-meninjau-kesiapan-pembangunan-Main-Stadium-PON-XVIII-2012.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 29723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a5f5467555eddaec1c42dc5e77af601a
47c172dac1e914c8962b8ad8684ef16ad8742ce2
2e1982a8d405cc85b00953f293a893a61dc1d08977d3cef226054c33ba3c3f1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-lCMmOTAXU_g/TzlHcDxS9PI/AAAAAAAAAQE/GUxLMynXEsU/s280/standard-chartered.jpg
142.250.74.161 200 OK 7.9 kB URL GET HTTP/2 4.bp.blogspot.com/-lCMmOTAXU_g/TzlHcDxS9PI/AAAAAAAAAQE/GUxLMynXEsU/s280/standard-chartered.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x210, components 3\012- data
Hash 51ee8b044aec3a782dd357c3cf22008b
eb468a21a2f9f019ba0bdafdba96335bccdc1bfd
d7707d7ca80544cff1d927bdf2d0bf52b8170bd795baadfcdcfd204f3d8e098a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-lCMmOTAXU_g/TzlHcDxS9PI/AAAAAAAAAQE/GUxLMynXEsU/s280/standard-chartered.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v101"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="standard-chartered.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 7915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-ZPsgl6_OGdA/TznnsEp_rkI/AAAAAAAAAQU/1VXL_0Dr-Xg/s320/Galaxy-Tab-2-android-4.0.jpeg
142.250.74.161 200 OK 23 kB URL GET HTTP/2 4.bp.blogspot.com/-ZPsgl6_OGdA/TznnsEp_rkI/AAAAAAAAAQU/1VXL_0Dr-Xg/s320/Galaxy-Tab-2-android-4.0.jpeg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 208x320, components 3\012- data
Hash 0e207cda20ad0c4c2efb04515f109feb
46d554712d161166bb88ffec8ed43d5badf6d903
6265afb7aa6937f80a582b11d80062773bc8855dd4edfb2a50e1d763fb04292e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-ZPsgl6_OGdA/TznnsEp_rkI/AAAAAAAAAQU/1VXL_0Dr-Xg/s320/Galaxy-Tab-2-android-4.0.jpeg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v105"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Galaxy-Tab-2-android-4.0.jpeg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 22556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-5KWVaiZ8xQY/TzwZd6XpMII/AAAAAAAAARM/dIWG2M-E2JE/s280/Tommaso-Ghirardi.jpg
142.250.74.161 200 OK 18 kB URL GET HTTP/2 4.bp.blogspot.com/-5KWVaiZ8xQY/TzwZd6XpMII/AAAAAAAAARM/dIWG2M-E2JE/s280/Tommaso-Ghirardi.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x185, components 3\012- data
Hash 0ff9bd5343163fb7c2d4e14a03d0394c
b474b0b94b48c41244eb696932e3f80517d03a16
218937f3dec07352daecb4db53d379d7103ebbd8c24a467c1cd30ac82261f542
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-5KWVaiZ8xQY/TzwZd6XpMII/AAAAAAAAARM/dIWG2M-E2JE/s280/Tommaso-Ghirardi.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v113"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Tommaso-Ghirardi.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 18484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-RMzy_2uEXu8/TzoiSuIbElI/AAAAAAAAAQc/oJBnh00kPvU/s200/CN-235-militer-PT-DI.jpg
142.250.74.161 200 OK 8.2 kB URL GET HTTP/2 1.bp.blogspot.com/-RMzy_2uEXu8/TzoiSuIbElI/AAAAAAAAAQc/oJBnh00kPvU/s200/CN-235-militer-PT-DI.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x89, components 3\012- data
Hash 0f36b0286caafeca77d71832f7db68dd
c5c867ce0a943bad299a00dcb9210249017b9ff6
0bb70aa76277ecddac40e24167b02039b70e6c37393b2c07323e960f5cd15ee1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-RMzy_2uEXu8/TzoiSuIbElI/AAAAAAAAAQc/oJBnh00kPvU/s200/CN-235-militer-PT-DI.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v107"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="CN-235-militer-PT-DI.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 8205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-iK5p2NvPFzc/TzYAfDdiA-I/AAAAAAAAAPg/-W7RRGdBej0/s280/Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg
142.250.74.161 200 OK 15 kB URL GET HTTP/2 4.bp.blogspot.com/-iK5p2NvPFzc/TzYAfDdiA-I/AAAAAAAAAPg/-W7RRGdBej0/s280/Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x143, components 3\012- data
Hash df3c8bf58ee8ba43c952c40b0b69fa2b
e5b06ac8fd2e1f92505140069914592c1acacdf0
f30b3d5eae5b264e53b149b20a008cc69fd89ca731f99ea3eed8318b0041e536
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-iK5p2NvPFzc/TzYAfDdiA-I/AAAAAAAAAPg/-W7RRGdBej0/s280/Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vf8"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 15309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-_kxwzbunZEY/TzItj6EYZRI/AAAAAAAAAOk/xsUpsW6G4EU/s280/Barcelona+vs+Valencia.jpg
142.250.74.161 200 OK 22 kB URL GET HTTP/2 1.bp.blogspot.com/-_kxwzbunZEY/TzItj6EYZRI/AAAAAAAAAOk/xsUpsW6G4EU/s280/Barcelona+vs+Valencia.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity: Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x146, components 3\012- data
Hash 0da6a3a9143653cb3047a379559219d4
61415d3e97eff4fd69d92c6b5934c652c6009a81
9e30ee8466a6697ddd6f159d813800949ae176ff826e72870b865bf893684657
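Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
(This verdict is the result of the Quad9 DNS resolver check, not a scan of the JPEG returned in this transaction; the record does not show which hostname the resolver flagged.)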
GET /-_kxwzbunZEY/TzItj6EYZRI/AAAAAAAAAOk/xsUpsW6G4EU/s280/Barcelona+vs+Valencia.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v16f2"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Barcelona vs Valencia.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 21740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-bNMMKR6P25I/TzojQgeSSeI/AAAAAAAAAQk/FE3JQvYuqfk/s1600/Boeing-737-800.jpg
142.250.74.161 200 OK 8.9 kB URL GET HTTP/2 1.bp.blogspot.com/-bNMMKR6P25I/TzojQgeSSeI/AAAAAAAAAQk/FE3JQvYuqfk/s1600/Boeing-737-800.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 285x177, components 3\012- data
Hash eb864eb2c6cdf453fd386a47a501e43e
ebbcb59b71e5ed2df99dfb68e980d9f0eb0b9a2e
2d3621700ea94e25de851e3572249ca2b828fabcce9b1a55e5ded1d958546468
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-bNMMKR6P25I/TzojQgeSSeI/AAAAAAAAAQk/FE3JQvYuqfk/s1600/Boeing-737-800.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1625"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Boeing-737-800.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 8863
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-2UuJFIRPGQY/Tz4PQGMk4yI/AAAAAAAAASE/N2xgxyaPuOs/s200/Stadion-Utama-Riau-Riau-Main-Stadium.jpg
142.250.74.161 200 OK 9.2 kB URL GET HTTP/2 3.bp.blogspot.com/-2UuJFIRPGQY/Tz4PQGMk4yI/AAAAAAAAASE/N2xgxyaPuOs/s200/Stadion-Utama-Riau-Riau-Main-Stadium.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google, copyright= ], baseline, precision 8, 200x133, components 3\012- data
Hash 7abe3a1c0ea86e235e69837d3aa7c1ed
90de59f07f35a1ada96e8d448d243a29bc81e8d5
a2fb72b2c72b5bb158a9f2ac82e0d3c038d0e3f937316363463ef47830d8d8ec
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-2UuJFIRPGQY/Tz4PQGMk4yI/AAAAAAAAASE/N2xgxyaPuOs/s200/Stadion-Utama-Riau-Riau-Main-Stadium.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v121"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Stadion-Utama-Riau-Riau-Main-Stadium.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 9188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-4L54MELVXXc/TzTUgfZQ-YI/AAAAAAAAAPI/n54hDVBWgIo/s1600/Galau.jpg
142.250.74.161 200 OK 8.0 kB URL GET HTTP/2 3.bp.blogspot.com/-4L54MELVXXc/TzTUgfZQ-YI/AAAAAAAAAPI/n54hDVBWgIo/s1600/Galau.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 200x200, components 3\012- data
Hash c0a79e32d30489b2b8b42781cfab2f35
ff5d48c424d61b0533604608a7edab531cae4fea
ec0e8a227f65bc534e59dc1348955f647304d34a5493220f358024145e4a81ad
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-4L54MELVXXc/TzTUgfZQ-YI/AAAAAAAAAPI/n54hDVBWgIo/s1600/Galau.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vf2"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Galau.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 8004
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-03_bE246o58/T0CR4MATI8I/AAAAAAAAASo/SGcVPVTrbdo/s280/Perbedaan-mata-normal-dan-katarak.jpg
142.250.74.161 200 OK 12 kB URL GET HTTP/2 3.bp.blogspot.com/-03_bE246o58/T0CR4MATI8I/AAAAAAAAASo/SGcVPVTrbdo/s280/Perbedaan-mata-normal-dan-katarak.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x141, components 3\012- data
Hash bf750e47c3e959968a2187c6a872b574
c65bc091bc3ea6c5df9c2584d47b7653c8c555b2
5650e7119a0a715aaa52a7ca49fe0306ff90d1570abba1392dce05004702e5bd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-03_bE246o58/T0CR4MATI8I/AAAAAAAAASo/SGcVPVTrbdo/s280/Perbedaan-mata-normal-dan-katarak.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v12a"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Perbedaan-mata-normal-dan-katarak.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 11951
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-C1Ssy77xMEc/TzILtw5lrvI/AAAAAAAAAOc/X6BD7kzZIok/s1600/The-Avengers.jpg
142.250.74.161 200 OK 12 kB URL GET HTTP/2 2.bp.blogspot.com/-C1Ssy77xMEc/TzILtw5lrvI/AAAAAAAAAOc/X6BD7kzZIok/s1600/The-Avengers.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 187x270, components 3\012- data
Hash 9ec7dbe04189992040475f13e44767da
0dc0bcf9ebea2196b5bf76c1cdf312315ff5733e
37bce622160db71ed6ddb17ad4ac63f31cd31836cdb8efbd841829163f7a0cc0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-C1Ssy77xMEc/TzILtw5lrvI/AAAAAAAAAOc/X6BD7kzZIok/s1600/The-Avengers.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "ve7"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="The-Avengers.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 12054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-GVmHKQT-Nyk/TzoqtUnkDPI/AAAAAAAAAQs/0bgZxWnAtR4/s280/beli-coklat-hadiah-kondom.jpg
142.250.74.161 200 OK 30 kB URL GET HTTP/2 4.bp.blogspot.com/-GVmHKQT-Nyk/TzoqtUnkDPI/AAAAAAAAAQs/0bgZxWnAtR4/s280/beli-coklat-hadiah-kondom.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x210, components 3\012- data
Hash b1ecdfec21b68eae675861809b978111
bbfd4a361a0884ef276a4423e47a4811e794116c
c37669d8e95d46689c9600012e0ea8bea2e89c7e76add74c7bce2edf4ade7f84
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-GVmHKQT-Nyk/TzoqtUnkDPI/AAAAAAAAAQs/0bgZxWnAtR4/s280/beli-coklat-hadiah-kondom.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v10b"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="beli-coklat-hadiah-kondom.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 30267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-yT52uaiZ_EY/TzTlVF0nBqI/AAAAAAAAAPQ/zxsvqTheqsE/s1600/Pon-XVIII-Riau-2012.jpg
142.250.74.161 200 OK 20 kB URL GET HTTP/2 1.bp.blogspot.com/-yT52uaiZ_EY/TzTlVF0nBqI/AAAAAAAAAPQ/zxsvqTheqsE/s1600/Pon-XVIII-Riau-2012.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 300x250, components 3\012- data
Hash 27516f50b92b1577d87d36bce158b4cd
ae495296a3d618b843ffc54af202c91de2bb1e90
ff04a0194fc41696103c40593ea39fb1fb70fe7e45308da687b3007322bdb23a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-yT52uaiZ_EY/TzTlVF0nBqI/AAAAAAAAAPQ/zxsvqTheqsE/s1600/Pon-XVIII-Riau-2012.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vf4"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Pon-XVIII-Riau-2012.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 19552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-mQMm2zDn6-Y/Tzbf6XiIfNI/AAAAAAAAAP8/svE5EHAosl8/s280/Osasuna-vs-Barcelona.jpg
142.250.74.161 200 OK 21 kB URL GET HTTP/2 1.bp.blogspot.com/-mQMm2zDn6-Y/Tzbf6XiIfNI/AAAAAAAAAP8/svE5EHAosl8/s280/Osasuna-vs-Barcelona.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x140, components 3\012- data
Hash 3ff55593844f755a75e1dc0b5d2cf1de
58ac0364f217b7647a056f6ccb7437b0d7c90968
05a0b4f457b05b4aed1f4832eca0af5822e3501dd427e2ce47fefee0351a8de2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-mQMm2zDn6-Y/Tzbf6XiIfNI/AAAAAAAAAP8/svE5EHAosl8/s280/Osasuna-vs-Barcelona.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vff"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Osasuna-vs-Barcelona.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 21204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-UCpCbpFdybs/TzZQ-bxWwPI/AAAAAAAAAP0/u5vT9bTTs88/s1600/jembatan-siak-3-pekanbaru.jpg
142.250.74.161 200 OK 72 kB URL GET HTTP/2 2.bp.blogspot.com/-UCpCbpFdybs/TzZQ-bxWwPI/AAAAAAAAAP0/u5vT9bTTs88/s1600/jembatan-siak-3-pekanbaru.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 601x240, components 3\012- data
Hash 90507200ed1d6288db100038202b0299
660f52791ff076dc145c78a5cbb4817396e25f96
4e7535b87a2d66d15c1f32a165ab5d61d9956f0fe5efc2c4d707358c70ec3972
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-UCpCbpFdybs/TzZQ-bxWwPI/AAAAAAAAAP0/u5vT9bTTs88/s1600/jembatan-siak-3-pekanbaru.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vfd"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="jembatan-siak-3-pekanbaru.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 72512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-IyAvL0yILAM/Tz4PnyySy_I/AAAAAAAAASc/TJId7gaEHUU/s280/tribun-utama-dengan-tulisan-Stadion-Utama-Riau.jpg
142.250.74.161 200 OK 23 kB URL GET HTTP/2 1.bp.blogspot.com/-IyAvL0yILAM/Tz4PnyySy_I/AAAAAAAAASc/TJId7gaEHUU/s280/tribun-utama-dengan-tulisan-Stadion-Utama-Riau.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google, copyright= ], baseline, precision 8, 280x186, components 3\012- data
Hash 43ef6478d9795059ddf682629f930f51
4927b88f37be6219d4b1e383f9538a8cac77f137
cd46089b0550ae540aeec80a8c0622efaabb35772ee43fed7f53577dec77d504
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-IyAvL0yILAM/Tz4PnyySy_I/AAAAAAAAASc/TJId7gaEHUU/s280/tribun-utama-dengan-tulisan-Stadion-Utama-Riau.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v127"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tribun-utama-dengan-tulisan-Stadion-Utama-Riau.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 22874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-0eLBO5ab3i4/Tz4PbqrIsII/AAAAAAAAASU/z1PzJL35h7Q/s280/tribun-penonton-Stadion-Utama-Riau-dengan-motif-melayu.jpg
142.250.74.161 200 OK 25 kB URL GET HTTP/2 2.bp.blogspot.com/-0eLBO5ab3i4/Tz4PbqrIsII/AAAAAAAAASU/z1PzJL35h7Q/s280/tribun-penonton-Stadion-Utama-Riau-dengan-motif-melayu.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google, copyright= ], baseline, precision 8, 280x186, components 3\012- data
Hash 1dc27394370620f7a02114866304c363
85a6fb11775367c5d871d917fedafa614189e396
abbf5ae9f0aecea89305b9c97e35b3c44367f6f5f9abd9c714f11ea6798041e3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-0eLBO5ab3i4/Tz4PbqrIsII/AAAAAAAAASU/z1PzJL35h7Q/s280/tribun-penonton-Stadion-Utama-Riau-dengan-motif-melayu.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v125"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tribun-penonton-Stadion-Utama-Riau-dengan-motif-melayu.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 24553
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-m3dTcR8Lfa0/T03zxQSkrqI/AAAAAAAAASw/eHw85C0ui1M/s280/iPad3.jpg
142.250.74.161 200 OK 17 kB URL GET HTTP/2 3.bp.blogspot.com/-m3dTcR8Lfa0/T03zxQSkrqI/AAAAAAAAASw/eHw85C0ui1M/s280/iPad3.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x234, components 3\012- data
Hash b0535400d426af8f3542659def8df862
231b49b9a65978b0f58e0a2704c2f974b4820a7c
f3de1abef99d099c41e4eb8ade85f767c5f7688cf3ae2f3df858d162c129234b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-m3dTcR8Lfa0/T03zxQSkrqI/AAAAAAAAASw/eHw85C0ui1M/s280/iPad3.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v12c"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="iPad3.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 16878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-Rb4kvWdmJlQ/Tz4PCJr8tMI/AAAAAAAAAR0/m7CKmfuCa6A/s200/Digital-Score-Board-papan-score-Stadion-Utama-Riau-terbaik-di-Indonesia.jpg
142.250.74.161 200 OK 17 kB URL GET HTTP/2 4.bp.blogspot.com/-Rb4kvWdmJlQ/Tz4PCJr8tMI/AAAAAAAAAR0/m7CKmfuCa6A/s200/Digital-Score-Board-papan-score-Stadion-Utama-Riau-terbaik-di-Indonesia.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google, copyright= ], baseline, precision 8, 200x133, components 3\012- data
Hash b0a060c1d657e9d23314edc62c1de80b
207bcc8b4b4413f8f6ca955cffe5ec93dc7b2e2c
9e089d92a52f5f2fecbbde999d79e8b330c13b759c658f4f0a22123da0aa022f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-Rb4kvWdmJlQ/Tz4PCJr8tMI/AAAAAAAAAR0/m7CKmfuCa6A/s200/Digital-Score-Board-papan-score-Stadion-Utama-Riau-terbaik-di-Indonesia.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v11d"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Digital-Score-Board-papan-score-Stadion-Utama-Riau-terbaik-di-Indonesia.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 17232
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-43UvREW2MPo/TzNH1d8l_JI/AAAAAAAAAOw/vvWSl1vfY9w/s280/fabio-capello-pelatih-inggris.jpg
142.250.74.161 200 OK 13 kB URL GET HTTP/2 4.bp.blogspot.com/-43UvREW2MPo/TzNH1d8l_JI/AAAAAAAAAOw/vvWSl1vfY9w/s280/fabio-capello-pelatih-inggris.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x197, components 3\012- data
Hash 4e09668f499557d8b2377d8f3f04909c
553348d16c8125279abc91787668fcb2cc63884d
15f73bda67b4c89473a1cd2fc0eaa1d463372dbb9306d90276f7ea4080e6e5e8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-43UvREW2MPo/TzNH1d8l_JI/AAAAAAAAAOw/vvWSl1vfY9w/s280/fabio-capello-pelatih-inggris.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vec"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fabio-capello-pelatih-inggris.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 13370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-Af9qgY0pZiU/TzrdJhE8ibI/AAAAAAAAAQ8/E8867RzV88g/s1600/film-Safe-2012.jpg
142.250.74.161 200 OK 32 kB URL GET HTTP/2 2.bp.blogspot.com/-Af9qgY0pZiU/TzrdJhE8ibI/AAAAAAAAAQ8/E8867RzV88g/s1600/film-Safe-2012.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 197x276, components 3\012- data
Hash 7a4206b1353aebda600da643799fceef
d6581465c588b2a8ca2c3428fa53936f6136ad9f
59dca4bed3460a8742eee306421e7a1ea989276a4c5d8b8692c857da47b39f66
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /-Af9qgY0pZiU/TzrdJhE8ibI/AAAAAAAAAQ8/E8867RzV88g/s1600/film-Safe-2012.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v10f"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="film-Safe-2012.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 31684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-vkDRD0xyQ4k/TzF3KUpNBHI/AAAAAAAAAOU/Qodi6WlO56Y/s280/Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg
142.250.74.161 200 OK 15 kB URL GET HTTP/2 2.bp.blogspot.com/-vkDRD0xyQ4k/TzF3KUpNBHI/AAAAAAAAAOU/Qodi6WlO56Y/s280/Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x143, components 3\012- data
Hash df3c8bf58ee8ba43c952c40b0b69fa2b
e5b06ac8fd2e1f92505140069914592c1acacdf0
f30b3d5eae5b264e53b149b20a008cc69fd89ca731f99ea3eed8318b0041e536
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-vkDRD0xyQ4k/TzF3KUpNBHI/AAAAAAAAAOU/Qodi6WlO56Y/s280/Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "ve5"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Foto-bugil-Zumi-Zola-dan-Peny-Fernita.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 15309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-0_PV8OXiyjc/TzYAcIAsxaI/AAAAAAAAAPY/JSjd_1LoO0U/s280/Arist-Merdeka-Sirait-Ketua-Komnas-Perlindungan-Anak.jpg
142.250.74.161 200 OK 15 kB URL GET HTTP/2 1.bp.blogspot.com/-0_PV8OXiyjc/TzYAcIAsxaI/AAAAAAAAAPY/JSjd_1LoO0U/s280/Arist-Merdeka-Sirait-Ketua-Komnas-Perlindungan-Anak.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 280x168, components 3\012- data
Hash bd57efd2c645157f9934bc286ac56e42
9c38fdaaa6f54d79497631a4307b28df6742db0c
918a31aca9377839d20c27cd8c1c208cde3a10b95dd3ed5c36f7c9e5e7b68959
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-0_PV8OXiyjc/TzYAcIAsxaI/AAAAAAAAAPY/JSjd_1LoO0U/s280/Arist-Merdeka-Sirait-Ketua-Komnas-Perlindungan-Anak.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vf6"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Arist-Merdeka-Sirait-Ketua-Komnas-Perlindungan-Anak.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 15014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-k9Y8hAKUA-I/TzlPe-L6nEI/AAAAAAAAAQM/58g2YvaR0t0/s1600/facebook.png
142.250.74.161 200 OK 44 kB URL GET HTTP/2 1.bp.blogspot.com/-k9Y8hAKUA-I/TzlPe-L6nEI/AAAAAAAAAQM/58g2YvaR0t0/s1600/facebook.png
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 4bdc72a97407283ab71691783b885cad
dea5071a497caa5995de9d16c49c004c246cdd0e
ba6c1fdef1a9a93864885b8dac90e5009badd258b3c67326120f9579b24171dd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-k9Y8hAKUA-I/TzlPe-L6nEI/AAAAAAAAAQM/58g2YvaR0t0/s1600/facebook.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v103"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="facebook.png"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 44008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-2eWwXHhGPlI/TzYUDWV3jSI/AAAAAAAAAPo/lJLWwrQIqyA/s1600/ac-milan-vs-arsenal.jpg
142.250.74.161 200 OK 83 kB URL GET HTTP/2 4.bp.blogspot.com/-2eWwXHhGPlI/TzYUDWV3jSI/AAAAAAAAAPo/lJLWwrQIqyA/s1600/ac-milan-vs-arsenal.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 450x318, components 3\012- data
Hash 1ef038e1d0f52ca1236e730f269407f4
7700dc1f686b926688dd0fe7431c9b3e209b5ad3
1e1b8610b5c2345b7e82ac33dd7874084acf0bff2df516ecff8e82475f5621ff
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-2eWwXHhGPlI/TzYUDWV3jSI/AAAAAAAAAPo/lJLWwrQIqyA/s1600/ac-milan-vs-arsenal.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v16f2"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ac-milan-vs-arsenal.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 83051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-fUUxDfd82bs/TzFv3Ylay_I/AAAAAAAAAOM/QvcS7U5ocrU/s280/Google-Adsense.jpg
142.250.74.161 200 OK 14 kB URL GET HTTP/2 3.bp.blogspot.com/-fUUxDfd82bs/TzFv3Ylay_I/AAAAAAAAAOM/QvcS7U5ocrU/s280/Google-Adsense.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x116, components 3\012- data
Hash ff7498f89380ba0f2a3e3a619398847d
6a46d53e07f28a50deb8ee61163b29c815f4a598
edb2311ad443e54c548a186da638eedf0135bb1f2e313ec7ddcbdb6d83834def
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-fUUxDfd82bs/TzFv3Ylay_I/AAAAAAAAAOM/QvcS7U5ocrU/s280/Google-Adsense.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "ve3"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Google-Adsense.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 13520
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-ZsLvNY7OQ4M/TzStu0xgOsI/AAAAAAAAAPA/NZGR0ELlorY/s1600/Julia-Perez-Bra-Semangka2.jpg
142.250.74.161 200 OK 18 kB URL GET HTTP/2 2.bp.blogspot.com/-ZsLvNY7OQ4M/TzStu0xgOsI/AAAAAAAAAPA/NZGR0ELlorY/s1600/Julia-Perez-Bra-Semangka2.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 238x300, components 3\012- data
Hash 7f09144b38b55301f216571a6d5e423a
6c3404b5e2db3a14f5524390ae1e3e31ce05b649
c610247908af38d88e21d72eeea435dccc76558c5a63878247796a641a8947c9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-ZsLvNY7OQ4M/TzStu0xgOsI/AAAAAAAAAPA/NZGR0ELlorY/s1600/Julia-Perez-Bra-Semangka2.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vf0"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Julia-Perez-Bra-Semangka2.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 17696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-p5H0QGND2xo/Tzwu3ANakoI/AAAAAAAAARk/Igkjiu8Pjv0/s280/Kevin-prince-boateng-dan-seedorf.jpg
142.250.74.161 200 OK 19 kB URL GET HTTP/2 1.bp.blogspot.com/-p5H0QGND2xo/Tzwu3ANakoI/AAAAAAAAARk/Igkjiu8Pjv0/s280/Kevin-prince-boateng-dan-seedorf.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x174, components 3\012- data
Hash ed5ad0fc214e01c0f0e0c52639225f9f
ab7a316a904bd8c37e6a563f09201aa7c59921d3
92eda12bac72caeceed5121724683ed5dee7127edbc11f00b71fc3419ce25793
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-p5H0QGND2xo/Tzwu3ANakoI/AAAAAAAAARk/Igkjiu8Pjv0/s280/Kevin-prince-boateng-dan-seedorf.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v119"
expires: Mon, 25 Sep 2023 04:55:26 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Kevin-prince-boateng-dan-seedorf.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:26 GMT
server: fife
content-length: 18601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-FvOWrIGn88E/TzStFidpc2I/AAAAAAAAAO4/zaJlkjHHtOk/s280/Julia-Perez-Bra-Semangka.jpg
142.250.74.161 200 OK 13 kB URL GET HTTP/2 3.bp.blogspot.com/-FvOWrIGn88E/TzStFidpc2I/AAAAAAAAAO4/zaJlkjHHtOk/s280/Julia-Perez-Bra-Semangka.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x180, components 3\012- data
Hash a553d3227548593ebbe6f0da67bd545d
043305bfdb64c6890c8c6c576736ffc3d88df1f5
5fe2f3beb868a47f911966b13dd4e2606f6dfe915376fe44197c592184a10b4c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-FvOWrIGn88E/TzStFidpc2I/AAAAAAAAAO4/zaJlkjHHtOk/s280/Julia-Perez-Bra-Semangka.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vee"
expires: Mon, 25 Sep 2023 04:55:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Julia-Perez-Bra-Semangka.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:27 GMT
server: fife
content-length: 12694
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-C71o5vDquzA/TzE9PSJ-iPI/AAAAAAAAAOE/CwoXJ7Jb9II/s280/Ibrahimovic-Tampar-Salvatore-Aronica.jpg
142.250.74.161 200 OK 28 kB URL GET HTTP/2 2.bp.blogspot.com/-C71o5vDquzA/TzE9PSJ-iPI/AAAAAAAAAOE/CwoXJ7Jb9II/s280/Ibrahimovic-Tampar-Salvatore-Aronica.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x174, components 3\012- data
Hash 6297240e936dce1fe0caf4b86f47b95b
d477e537d06860dcda5871af40aeeb3a6b93acc7
00ee7f342e3d8ab4d00ac8727b0046c6cbdefba386eea7318496ddcbd73c1abd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-C71o5vDquzA/TzE9PSJ-iPI/AAAAAAAAAOE/CwoXJ7Jb9II/s280/Ibrahimovic-Tampar-Salvatore-Aronica.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "ve1"
expires: Mon, 25 Sep 2023 04:55:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Ibrahimovic-Tampar-Salvatore-Aronica.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:27 GMT
server: fife
content-length: 27518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-PGFGzwbjUjI/TzCyZ2tQt2I/AAAAAAAAAN0/OJBhIFMOmvE/s280/green_city_shopping_mall_and_arcade.jpg
142.250.74.161 200 OK 21 kB URL GET HTTP/2 4.bp.blogspot.com/-PGFGzwbjUjI/TzCyZ2tQt2I/AAAAAAAAAN0/OJBhIFMOmvE/s280/green_city_shopping_mall_and_arcade.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 280x147, components 3\012- data
Hash 881157376fe725e038496f106a584e25
d3d8e9df01cd849f8d5017c0e4f093bc2d02c63f
157054516a6fa22e6bd2bbad6ec9d519a22cd9b4774231f85f32f17503743fe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-PGFGzwbjUjI/TzCyZ2tQt2I/AAAAAAAAAN0/OJBhIFMOmvE/s280/green_city_shopping_mall_and_arcade.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vdd"
expires: Mon, 25 Sep 2023 04:55:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="green_city_shopping_mall_and_arcade.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:27 GMT
server: fife
content-length: 20813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-VKEb-60lFsA/Tz4PS_O9Q8I/AAAAAAAAASM/hL6_P97t8dA/s1600/main-stadium-riau.jpg
142.250.74.161 200 OK 11 kB URL GET HTTP/2 4.bp.blogspot.com/-VKEb-60lFsA/Tz4PS_O9Q8I/AAAAAAAAASM/hL6_P97t8dA/s1600/main-stadium-riau.jpg
IP 142.250.74.161:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 308x164, components 3\012- data
Hash 2643e49e913f17a0ca1575e985a46c67
98c53ff03737b9841bf8c432b3a4d8aab5137daf
49aae4ea3bb2089ba983a3067f5e3b39cd8b3f5ac0c707d56833141a6933b927
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /-VKEb-60lFsA/Tz4PS_O9Q8I/AAAAAAAAASM/hL6_P97t8dA/s1600/main-stadium-riau.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v123"
expires: Mon, 25 Sep 2023 04:55:27 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="main-stadium-riau.jpg"
x-content-type-options: nosniff
date: Sun, 24 Sep 2023 04:55:27 GMT
server: fife
content-length: 10565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 126b0a9f06e2940180b9f3d7bf846ee3
837d11e1daeabaeb84b17ab34e3668d5f654f5bd
0f4e2ec6b04e2bbfec447077213cb23fe5008094a636f4de026a9534a0edb691
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.162 200 OK 42 B URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.162:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 67:E1:F2:5D:6B:29:01:55:36:48:B9:44:27:87:2A:0A:C4:DD:B7:B7
Validity Mon, 04 Sep 2023 08:17:04 GMT - Mon, 27 Nov 2023 08:17:03 GMT
Hash 7f5f2be159837d73b72a4b37616bce44
c93d7f25b530b05c26440d3352213b683d03dcc3
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Sat, 23 Sep 2023 14:42:49 GMT
expires: Sat, 07 Oct 2023 14:42:49 GMT
cache-control: public, max-age=1209600
age: 51158
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 126b0a9f06e2940180b9f3d7bf846ee3
837d11e1daeabaeb84b17ab34e3668d5f654f5bd
0f4e2ec6b04e2bbfec447077213cb23fe5008094a636f4de026a9534a0edb691
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=9201351503703120842&zx=ba019cfb-c2e1-4378-b60b-f798ec24cf22
216.58.207.233 200 OK 21 B URL GET HTTP/3 www.blogger.com/dyn-css/authorization.css?targetBlogID=9201351503703120842&zx=ba019cfb-c2e1-4378-b60b-f798ec24cf22
IP 216.58.207.233:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject *.blogger.com
Fingerprint CB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
Validity Mon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=9201351503703120842&zx=ba019cfb-c2e1-4378-b60b-f798ec24cf22 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Sep 2023 04:55:27 GMT
last-modified: Sun, 24 Sep 2023 04:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash f5e8c4f8f278f9efbee06f1da6ca6afa
07cea281d3989868b6a516d85d886f223231c690
207b4b722f6e6827f867905eb8f9d07bb251106fd318bba1b063d0127920444a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/embed.js
216.58.207.238 200 OK 17 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/embed.js
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3391)
Hash 0634fe0bbd81dee2f78ea73905699a32
60f070925b24a488529e44998702b761940bfc12
0e0790121ab615b8a885f11bf9b05c0c9f961bc0c5ba748e18d0ac1168ee6583
GET /s/player/9cbb6b90/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 17138
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Sep 2023 19:47:35 GMT
expires: Sun, 22 Sep 2024 19:47:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 32873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/www-player.css
216.58.207.238 200 OK 49 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/www-player.css
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash ee113c2fd024ac56f71eaecd779226c4
a6c0f0f28ee8924ffdaccb46516c88093459376f
184f263c8a0cf32ae43d5a71874448ee748057dae78d16b189355f20856d1571
GET /s/player/9cbb6b90/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48765
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 07:28:24 GMT
expires: Tue, 17 Sep 2024 07:28:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 509224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js
216.58.207.238 200 OK 96 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (682)
Hash 116a5fe46325d930c09e12813c4179bb
5dddd872b57e06b4e5f2406a4259c3bece6d46c9
ba96780d2ab1b1efe09f18d20459cbc7d0aeda172548a23ea7dc1274aad29c98
GET /s/player/9cbb6b90/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 96160
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 14:40:19 GMT
expires: Sat, 21 Sep 2024 14:40:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 137709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/base.js
216.58.207.238 200 OK 800 kB URL GET HTTP/3 www.youtube.com/s/player/9cbb6b90/player_ias.vflset/en_US/base.js
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (555)
Size 800 kB (800489 bytes)
Hash 2481b078c6cd818dd2e0a27147582742
d5095185d9c7651d67d53ba909d9d88c435dd31f
ef166dff9ddce661455b889b8362db440760288974073aac303c188196c9c7b8
GET /s/player/9cbb6b90/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 800489
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 18 Sep 2023 07:39:35 GMT
expires: Tue, 17 Sep 2024 07:39:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Sep 2023 01:51:09 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 508553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 19 Sep 2023 05:45:56 GMT
expires: Wed, 18 Sep 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 428972
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
Validity Mon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 21 Sep 2023 15:24:26 GMT
expires: Fri, 20 Sep 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 221462
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 23ee71f34a80feec27e23d99ecada83e
62f4c8dcc03187e2bdcdfa76dc732d4eebde5cc1
429bd03ec19810ed389955d166c98e62d9850e52160fbec3dd27da2cc30200fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
beritakampoeng.blogspot.com/favicon.ico
216.58.207.193 200 OK 412 B URL GET HTTP/3 beritakampoeng.blogspot.com/favicon.ico
IP 216.58.207.193:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
Validity Mon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: beritakampoeng.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 24 Sep 2023 04:55:28 GMT
date: Sun, 24 Sep 2023 04:55:28 GMT
cache-control: private, max-age=86400
last-modified: Fri, 10 Dec 2021 00:33:30 GMT
etag: W/"f0575d23f51028a5d14fa29b19ebdfd0960e78cc50737c128f4c090ba0d80170"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/api/stats/qoe?cpn=FOD_IBhywi_Jsx5I&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C160066%2C15958%2C31501%2C23071%2C84737%2C23258%2C2129%2C300%2C9542%2C1089%2C5949%2C322%2C3200%2C26436294%2C171%2C136%2C3211%2C536%2C1253%2C677%2C612%2C243%2C13695&cl=566147822&seq=1&event=streamingstats&docid=FmbfBpXrY14&qclc=ChBGT0RfSUJoeXdpX0pzeDVJEAE&embargoed=0&cbr=Firefox&cbrver=111.0&c=WEB_EMBEDDED_PLAYER&cver=1.20230917.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0&vis=0.001:0&bh=0.001:0.000
216.58.207.238 204 No Content 0 B URL POST HTTP/3 www.youtube.com/api/stats/qoe?cpn=FOD_IBhywi_Jsx5I&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C160066%2C15958%2C31501%2C23071%2C84737%2C23258%2C2129%2C300%2C9542%2C1089%2C5949%2C322%2C3200%2C26436294%2C171%2C136%2C3211%2C536%2C1253%2C677%2C612%2C243%2C13695&cl=566147822&seq=1&event=streamingstats&docid=FmbfBpXrY14&qclc=ChBGT0RfSUJoeXdpX0pzeDVJEAE&embargoed=0&cbr=Firefox&cbrver=111.0&c=WEB_EMBEDDED_PLAYER&cver=1.20230917.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0&vis=0.001:0&bh=0.001:0.000
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?cpn=FOD_IBhywi_Jsx5I&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C160066%2C15958%2C31501%2C23071%2C84737%2C23258%2C2129%2C300%2C9542%2C1089%2C5949%2C322%2C3200%2C26436294%2C171%2C136%2C3211%2C536%2C1253%2C677%2C612%2C243%2C13695&cl=566147822&seq=1&event=streamingstats&docid=FmbfBpXrY14&qclc=ChBGT0RfSUJoeXdpX0pzeDVJEAE&embargoed=0&cbr=Firefox&cbrver=111.0&c=WEB_EMBEDDED_PLAYER&cver=1.20230917.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.001:ER&cmt=0.001:0.000,0.001:0.000&error=0.001:auth::0.000:0;a6s.0&vis=0.001:0&bh=0.001:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgszX2JyY3dSN1hYcyi_gr-oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695531329319&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C280%2C210&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Sun, 24 Sep 2023 04:55:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170 200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 24 Sep 2023 04:55:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170 200 OK 32 kB URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3113abcdb7bbfd2844532acad4e6f764
fadfdb038c906f85a658192a83df8bdbae52aeb1
3bd53973c5ff021ee9c3e4e63804ea2767e0edbcc834b1cbdb6005b01b11bb36
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 24 Sep 2023 04:55:29 GMT
server: ESF
cache-control: private
content-length: 32111
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 99734170fcdad2d52884412f61321bf8
25163901dbdc047070a12d8afadcaa7009d8b595
f2a2590ac5fa2bcc9db8c46b3b4ad45f0a03b03193f601a2636e900fe851cf59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 04:55:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170 200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 24 Sep 2023 04:55:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
172.217.21.170 200 OK 110 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 172.217.21.170:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint BE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
Validity Mon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash fb673b70f7313141833953c543e78df1
64d62378bd3749e4dc20db29cf96992c2f88894b
d57ae5ca6f91a88397b2c8b9417ec9f44f6e04157e5f1937295ec5d8d2aacf5c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1118
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 24 Sep 2023 04:55:29 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
216.58.207.238 200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695531332455
Content-Type: application/json
X-Goog-Visitor-Id: CgszX2JyY3dSN1hYcyi_gr-oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695531328775&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C280%2C210&vis=1&wgl=true&ca_type=image
Content-Length: 15752
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 24 Sep 2023 04:55:32 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+342; expires=Tue, 23-Sep-2025 04:55:32 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Sep 2023 04:55:32 GMT
cache-control: private
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
216.58.207.238 200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 216.58.207.238:443
Requested by https://www.youtube.com/embed/FmbfBpXrY14
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1695531341351
Content-Type: application/json
X-Goog-Visitor-Id: CgszX2JyY3dSN1hYcyi_gr-oBjIGCgJOTxIA
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20230917.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1695531328775&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C280%2C210&vis=1&wgl=true&ca_type=image
Content-Length: 754
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/FmbfBpXrY14
Cookie: YSC=Pr29oFsTfVY; VISITOR_INFO1_LIVE=3_brcwR7XXs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 24 Sep 2023 04:55:41 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+821; expires=Tue, 23-Sep-2025 04:55:41 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 24 Sep 2023 04:55:41 GMT
cache-control: private
www.youtube.com/embed/FmbfBpXrY14
216.58.207.238 200 OK 84 kB URL GET HTTP/2 www.youtube.com/embed/FmbfBpXrY14
IP 216.58.207.238:443
Requested by https://beritakampoeng.blogspot.com/2012/02?target=twitter/&m=1
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint BB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
Validity Mon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58254)
Hash a7170461ed80a5a2a4f23b551ed46da0
a8adb718714764a573a5259e1a1b5276894b9374
160463ebe162c6c5b9f8f0ad365456cd4329ed218c2190ee6fc570aa1b675dc7
GET /embed/FmbfBpXrY14 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://beritakampoeng.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 24 Sep 2023 04:55:27 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'nonce-lBXT6Pe6o5vk1-GULcVf2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Pr29oFsTfVY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=3_brcwR7XXs; Domain=.youtube.com; Expires=Fri, 22-Mar-2024 04:55:27 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_PRIVACY_METADATA=CgJOTxIA; Domain=.youtube.com; Expires=Fri, 22-Mar-2024 04:55:27 GMT; Path=/; Secure; HttpOnly; SameSite=lax
set-cookie: CONSENT=PENDING+394; expires=Tue, 23-Sep-2025 04:55:27 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2