r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16345
Expires: Wed, 29 Mar 2023 04:25:05 GMT
Date: Tue, 28 Mar 2023 23:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12185
Expires: Wed, 29 Mar 2023 03:15:45 GMT
Date: Tue, 28 Mar 2023 23:52:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 23:28:07 GMT
content-type: application/json
age: 1474
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12500
Expires: Wed, 29 Mar 2023 03:21:01 GMT
Date: Tue, 28 Mar 2023 23:52:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7b2/3si43hZRQoWCKiihfs3pDxphhKz6YX/mSOBeavbrPZbfC9D9Dk7W9NeXKQlqd0rrehfMlzQ=
x-amz-request-id: VCY5RHC3Q9P5K183
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 23:02:14 GMT
age: 3027
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 23:52:41 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4426
Expires: Wed, 29 Mar 2023 01:06:27 GMT
Date: Tue, 28 Mar 2023 23:52:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, ETag, Alert, Last-Modified, Retry-After, Content-Length, Pragma, Backoff, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 23:14:36 GMT
age: 2285
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9eSXfBhFkgDZBTT6cY1UHw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wU1Af47t6uaUs2BElFvyeqWe3kw=
Date: Tue, 28 Mar 2023 23:52:41 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4dffe40d8d6bdaa195e46325bd418c0
9ccec8652219bf558782265ff5557de63e3cd1ea
c2c9c46b22da229616dba79ed02a9c80ecbbe9c40234a80e952c12da65a2ae85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Mar 2023 10:34:40 GMT
expires: Mon, 25 Mar 2024 10:34:40 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 25 Mar 2023 21:51:51 GMT
content-type: text/css
vary: Accept-Encoding
age: 220681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 25 Mar 2023 06:55:55 GMT
expires: Sun, 24 Mar 2024 06:55:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 320206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
142.250.74.1200 OK 55 kB URL HTTP/1.1 diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (13513)
Hash e10c2ece86bea8e8c2fa3445f982d14f
9c80b316b8ba8a5d2d286e579801579e085bdb9b
ae9fea7838c38b4553870b08bfeaa540719c62c22e1ff41084acfaa2bd3040a7
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata high ET EXPLOIT_KIT Double-Encoded Reverse Base64/Dean Edwards Packed JavaScript Observed in Unknown EK Feb 16 2015 b64 1 M2
GET /2014/07/panduan-bagi-pulsa-ke-sesama-xl.html HTTP/1.1
Host: diklikbro.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 28 Mar 2023 23:52:41 GMT
Date: Tue, 28 Mar 2023 23:52:41 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 03 Dec 2021 13:35:06 GMT
ETag: W/"eda5f61417f6ff4c202f8ee098f9778e58c44aed68a91984f95261c11ec887ef"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 55333
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4dffe40d8d6bdaa195e46325bd418c0
9ccec8652219bf558782265ff5557de63e3cd1ea
c2c9c46b22da229616dba79ed02a9c80ecbbe9c40234a80e952c12da65a2ae85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/229717095-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/229717095-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash dc7c06f82a42a33e70846ce719f66afe
df92f5b616d8ccd0c8ec7a28cf93b3723f622aaa
b91be7bfb94fddea66f6051c7b795f4571b23390c44ceacff91ed5f5046769dc
GET /static/v1/widgets/229717095-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56922
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 02:29:22 GMT
expires: Tue, 26 Mar 2024 02:29:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 27 Mar 2023 01:49:46 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 163400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash da5881230c9caa8ce119f6d09987f94f
c9d790e3232282c7aaac70ffbb4d771964359561
055183b5e85764c678363620aa813083f41ad7bfd07c1efd1b474d536ddeded2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diklikbro.blogspot.com/js/cookienotice.js
142.250.74.1200 OK 2.0 kB URL HTTP/1.1 diklikbro.blogspot.com/js/cookienotice.js
IP 142.250.74.1:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: diklikbro.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Tue, 28 Mar 2023 23:52:42 GMT
Expires: Tue, 04 Apr 2023 23:52:42 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 28 Mar 2023 06:50:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
static.addtoany.com/menu/page.js
104.22.70.197301 Moved Permanently 0 B URL HTTP/1.1 static.addtoany.com/menu/page.js
IP 104.22.70.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Mar 2023 23:52:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 00:52:42 GMT
Location: https://static.addtoany.com/menu/page.js
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7af3c9cebfe295e2-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1429)
Hash 3161bcab6d00af494c239ab853923a64
3a9c842aa0b2fc894aea7a308a56cc09fce0def3
2b5444c3782c761e5ddb30bd733e9f746f49b3442c5d787b0a7b0c10434fe81f
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 21022
date: Tue, 28 Mar 2023 23:52:42 GMT
expires: Tue, 28 Mar 2023 23:52:42 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "a817d6f6a95ec85f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69d033c232e94b122a0b66e4733f1d57
dca98865e28271c9eafc7307850dbce5126c1a86
d80b57ddab8c2898af0939a454bb1296abd2f964c3bf3eaea2bab7c225d73490
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
scr.kliksaya.com/js-ad.php?zid=184391
134.119.176.27200 OK 497 B URL HTTP/1.1 scr.kliksaya.com/js-ad.php?zid=184391
IP 134.119.176.27:0
ASN #29066 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (497), with no line terminators
Hash 5fd3ee974522814f212aafe4f828c63f
f3eca04cbc1d151fbf6162a9316e5dfb91b9e044
a531fc227be0b28313a36be3ff7add203cf8d7e233714a6940f9df893fcaeb85
GET /js-ad.php?zid=184391 HTTP/1.1
Host: scr.kliksaya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 497
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 23:52:41 GMT
server: nginx
set-cookie: sid=a0f1c95a-cdc3-11ed-b78e-312d8de9e517; path=/; domain=.kliksaya.com; expires=Mon, 16 Apr 2091 03:06:49 GMT; max-age=2147483647; HttpOnly
scr.kliksaya.com/js-ad.php?zid=184393
134.119.176.27200 OK 497 B URL HTTP/1.1 scr.kliksaya.com/js-ad.php?zid=184393
IP 134.119.176.27:0
ASN #29066 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (497), with no line terminators
Hash 4a2d9c966d7214df7ff84e63af1e3cc7
34a24a31eea15739d8ba09512d3a0d3b48755064
0d0dd147927bdff150cd09fccc1b15fb3f7371fa9c21b1e90e16d6835f352861
GET /js-ad.php?zid=184393 HTTP/1.1
Host: scr.kliksaya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 497
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 23:52:41 GMT
server: nginx
set-cookie: sid=a0f1cc52-cdc3-11ed-8dcb-312d57b9c2ba; path=/; domain=.kliksaya.com; expires=Mon, 16 Apr 2091 03:06:49 GMT; max-age=2147483647; HttpOnly
themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
142.250.74.97200 OK 21 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 21132, version 1.1\012- data
Hash e5d1ccfbe43c8138e553093300603815
87deb174af2e2beebb9f09d618a5159ca299a3d0
00ceca786c807c91b19ff7b38bdccbe7f2a5404efbd910831122750c5d88b713
GET /static/fonts/roboto/v11/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21132
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 19:47:28 GMT
Expires: Thu, 21 Mar 2024 19:47:28 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 533114
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
216.58.207.226200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 216.58.207.226:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Tue, 28 Mar 2023 14:03:57 GMT
Expires: Tue, 11 Apr 2023 14:03:57 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 35325
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Tue, 28 Mar 2023 22:05:21 GMT
Expires: Wed, 29 Mar 2023 00:05:21 GMT
Cache-Control: public, max-age=7200
Age: 6441
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
142.250.74.97200 OK 20 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 19812, version 1.1\012- data
Hash c74ddf8e339408e3d7d8082b7e1f5125
e140a63f45f42c4a5f29ea4e2d83a2859c6f99c6
9947e1f452a6580f1089ab62e3b140c96dd7ba65585b7b568c07c6d6947ffb06
GET /static/fonts/roboto/v11/d-6IYplOFocCacKzxwXSOD8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 19812
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Mar 2023 18:19:04 GMT
Expires: Thu, 21 Mar 2024 18:19:04 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 538418
themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
142.250.74.97200 OK 22 kB URL HTTP/1.1 themes.googleusercontent.com/static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff
IP 142.250.74.97:0
File type Web Open Font Format, TrueType, length 21520, version 1.1\012- data
Hash b2181049bee439ab4f6b8678c8812e38
b20b90ecd6fc597f161d2228f5779e76e090edf9
a057e0c74a6ffa4a289512d05beb6998e6be8b91be2d056568ebf0c317c11a6c
GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21520
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 25 Mar 2023 06:29:18 GMT
Expires: Sun, 24 Mar 2024 06:29:18 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Age: 321804
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=1725825919&t=pageview&_s=1&dl=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html&ul=en-us&de=UTF-8&dt=Cara%20Bagi%20Pulsa%20dari%20dan%20Ke%20Sesama%20Kartu%20XL%20-%20Blog%20Berbagi&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=721980669&gjid=53340601&cid=405981902.1680047584&tid=UA-54112260-2&_gid=2069181810.1680047584&_r=1&_slc=1&z=1601580850
142.250.74.110200 OK 3 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1725825919&t=pageview&_s=1&dl=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html&ul=en-us&de=UTF-8&dt=Cara%20Bagi%20Pulsa%20dari%20dan%20Ke%20Sesama%20Kartu%20XL%20-%20Blog%20Berbagi&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=721980669&gjid=53340601&cid=405981902.1680047584&tid=UA-54112260-2&_gid=2069181810.1680047584&_r=1&_slc=1&z=1601580850
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash dec002daa3f9abe33f5ab1a61ba58e91
b286614a767c86a75059fb1d4557be706e7c3812
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
POST /j/collect?v=1&_v=j99&a=1725825919&t=pageview&_s=1&dl=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html&ul=en-us&de=UTF-8&dt=Cara%20Bagi%20Pulsa%20dari%20dan%20Ke%20Sesama%20Kartu%20XL%20-%20Blog%20Berbagi&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=721980669&gjid=53340601&cid=405981902.1680047584&tid=UA-54112260-2&_gid=2069181810.1680047584&_r=1&_slc=1&z=1601580850 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://diklikbro.blogspot.com
date: Tue, 28 Mar 2023 23:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bdv.bidvertiser.com/BidVertiser.dbm?pid=578023%26bid=1532531
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=578023%26bid=1532531
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=578023%26bid=1532531 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
scr.kliksaya.com/js-ad.php?zid=172648
134.119.176.27302 Found 11 B URL HTTP/1.1 scr.kliksaya.com/js-ad.php?zid=172648
IP 134.119.176.27:0
ASN #29066 Host Europe GmbH
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /js-ad.php?zid=172648 HTTP/1.1
Host: scr.kliksaya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 28 Mar 2023 23:52:41 GMT
location: http://ww1.kliksaya.com/?sub1=a0f1adf8-cdc3-11ed-bc19-312d336ba62a
server: nginx
set-cookie: sid=a0f1adf8-cdc3-11ed-bc19-312d336ba62a; path=/; domain=.kliksaya.com; expires=Mon, 16 Apr 2091 03:06:49 GMT; max-age=2147483647; HttpOnly
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
198.58.118.167200 OK 22 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
IP 198.58.118.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash d37a163eba5d1ff46f6fffb17c2d7ec7
2c9bbed5547c4a80da0416c482b36d8b5c792563
93b29c9c0b00d96388eaf30da543b2c6a278edb499b8375abb2e490915fad850
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 28 Mar 2023 23:52:42 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4864
Expires: Wed, 29 Mar 2023 01:13:47 GMT
Date: Tue, 28 Mar 2023 23:52:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4864
Expires: Wed, 29 Mar 2023 01:13:47 GMT
Date: Tue, 28 Mar 2023 23:52:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4864
Expires: Wed, 29 Mar 2023 01:13:47 GMT
Date: Tue, 28 Mar 2023 23:52:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab378a6531b886829e1762f72866500
9509f3e388d0f2627468b5ff8afd408eb19297a4
9535702379130bbc5e3439b2c226d3d8c51c6ee07690e64cbccf71e49085615c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9886
x-amzn-requestid: efa3e368-7941-467c-a4d7-f303b50a32a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK848FbOoAMFnXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa838-5357cad3565e7b230505442f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UjD8avDwm-zEFik18U34bWU06SOeb-fBjelZcoGyzcie0Z1CAj6JUQ==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 18:08:57 GMT
age: 20626
etag: "9509f3e388d0f2627468b5ff8afd408eb19297a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c59a4159472f366958e67dc928b2a749
0c483adeebf10605e954c55e94c3f43bf1dace30
8fe24cee6c4ee94547e8721448fbdcbd0ab6a38de924d62e00ee6310a1cdfe4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7053
x-amzn-requestid: 2fc4b1ec-6550-4e18-8374-4f174b081f40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaOHC-IAMFUYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dda-1e21707f0ceb33ff63afb449;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: KyFR5-RwbZBpuDGeCmHDv3mNngDb1jiKDAYnQDzSDiNIK1Tgb_8fvg==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:17:11 GMT
etag: "0c483adeebf10605e954c55e94c3f43bf1dace30"
content-type: image/jpeg
age: 5732
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6af871-1a9b-4a3a-a3f1-495c803deb2c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6af871-1a9b-4a3a-a3f1-495c803deb2c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e64ad410f5fb0e25521f45c990dd6cf
a70a0fcb8cd9f58599414280d7530a0192cd7652
9ae336eba12cbba5448030a1faa80d332248e1be5914c57a38dd9ee5ccba353e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6af871-1a9b-4a3a-a3f1-495c803deb2c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9532
x-amzn-requestid: fb5dca19-920d-40a3-8221-cb918dfe410a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CU2YzGUBoAMFz7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e9dd1-5d8b8fd214524f1d1e8971d3;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 07:08:01 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3n_lC49m0LUaIKk2yeZvK7263DENIyV_oP8nfxZB7BKrd62DixYQ7g==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 23:09:22 GMT
age: 2601
etag: "a70a0fcb8cd9f58599414280d7530a0192cd7652"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 7726
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9b904645a97752fd0cd185af9f33b13
06b9705ae857def62553d8ef6c5380d656a94805
5c80b9c2ba29659bcf7be241a1e54343711882433668d4105ca668fc11e2ce6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8878
x-amzn-requestid: c0674742-96aa-4fe9-bc66-f9c952d8a920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CORKVFOPoAMFX8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfbdb-0555f3c75321ad1e42f06c8f;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:12:27 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ClByB1ggtbniit6bECx2hKodG83jVkfIROtThVnEJntm-LX0Fkimyw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:17:23 GMT
age: 5720
etag: "06b9705ae857def62553d8ef6c5380d656a94805"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 7688
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww1.kliksaya.com/?sub1=a0f1adf8-cdc3-11ed-bc19-312d336ba62a
64.190.63.136200 OK 1.3 kB URL HTTP/1.1 ww1.kliksaya.com/?sub1=a0f1adf8-cdc3-11ed-bc19-312d336ba62a
IP 64.190.63.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (762)
Hash 8b567b33a47c6d766063a443a040744a
db62094752e0de137b6f7b4bbaacfd6bb24db8ca
3c4ed135ad7b97653d5857ea18b4b29c9359afb3dfd5ca19f283a356a69a9d54
GET /?sub1=a0f1adf8-cdc3-11ed-bc19-312d336ba62a HTTP/1.1
Host: ww1.kliksaya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://diklikbro.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
date: Tue, 28 Mar 2023 23:52:43 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_ppWjyAR4I3FWfaNhEV3uIBC9+jVoP+AR9SVK50S8+9aBmsnAVv+0S2paFyuYxYW7M7jLC1b2x5qNsJlZL/AvkQ==
last-modified: Tue, 28 Mar 2023 23:52:42 GMT
x-cache-miss-from: parking-5c9f5b7fbd-4s9jj
server: NginX
content-encoding: gzip
static.addtoany.com/menu/modules/core.26680508.js
104.22.70.197301 Moved Permanently 0 B URL HTTP/1.1 static.addtoany.com/menu/modules/core.26680508.js
IP 104.22.70.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /menu/modules/core.26680508.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Mar 2023 23:52:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 00:52:43 GMT
Location: https://static.addtoany.com/menu/modules/core.26680508.js
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7af3c9d8ebfe0a3c-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
static.addtoany.com/menu/eso.26680508.js
104.22.70.197301 Moved Permanently 0 B URL HTTP/1.1 static.addtoany.com/menu/eso.26680508.js
IP 104.22.70.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /menu/eso.26680508.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 28 Mar 2023 23:52:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 00:52:43 GMT
Location: https://static.addtoany.com/menu/eso.26680508.js
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7af3c9d90e9e95e2-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png
142.250.74.161200 OK 1.1 kB URL HTTP/1.1 3.bp.blogspot.com/-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png
IP 142.250.74.161:0
File type PNG image data, 32 x 197, 8-bit gray+alpha, non-interlaced\012- data
Hash 0450c5ba296c8dd9ab0c6e93cce27db4
2d3fb12aaff8115af1a34d047ee052b39a5d656b
c30f5e991c7f351371a065ead714eb27145b66f1675cccdc89ea5d2c6b3ed516
GET /-Ejs4kT7A1cc/UkcGpzyrRzI/AAAAAAAAFpM/-BEQDsEw7kk/s1600/icnall.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="icnall.png"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1081
X-XSS-Protection: 0
Date: Tue, 28 Mar 2023 21:37:12 GMT
Expires: Thu, 23 Mar 2023 19:51:31 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 8131
ETag: "v1694"
Content-Type: image/png
Vary: Origin
4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
142.250.74.161200 OK 571 B URL HTTP/1.1 4.bp.blogspot.com/-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png
IP 142.250.74.161:0
File type PNG image data, 30 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 27f0f23311ac55b2a7cc73b97c423018
375bf8d5cc154e7a4f94787b2356b1941b919745
6794511a5d2e0317ea9f91a97741e7728b630ae17794f6c04dfd2207609910c2
GET /-XQ1mCeIfl54/U76qP1fXB7I/AAAAAAAAAZM/zbvhz2EYFR4/homes.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="homes.png"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 571
X-XSS-Protection: 0
Date: Tue, 28 Mar 2023 23:52:43 GMT
Expires: Thu, 23 Mar 2023 06:59:27 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v194"
Content-Type: image/png
Vary: Origin
Age: 0
bdv.bidvertiser.com/BidVertiser.dbm?pid=578023%26bid=1532531
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=578023%26bid=1532531
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=578023%26bid=1532531 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
198.58.118.167200 OK 22 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
IP 198.58.118.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash c560dde70620085049920668be027ad5
d0aaaa3b7b9450f9a8aee100046f77ca6d3974da
b456b44f8251269fdd6d37add497409851e92e58294791e2f700a537efc80533
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 28 Mar 2023 23:52:43 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
198.58.118.167200 OK 22 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
IP 198.58.118.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash 47fd0b52c08a98a7d39a830e59f4c02b
bd0b8c61a06210699680bf8dac5cd79441c55f8d
808068d68efd639890c4d82a12ab6dfdeefb0d91dd88e8f65fff4a82a1418055
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 28 Mar 2023 23:52:44 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
diklikbro.blogspot.com/feeds/posts/summary/-/Tips?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex
142.250.74.1200 OK 1.8 kB URL HTTP/1.1 diklikbro.blogspot.com/feeds/posts/summary/-/Tips?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex
IP 142.250.74.1:0
File type ASCII text, with very long lines (4291)
Hash d438d70770e2f695532dab942d8f533e
a748b56010191479f3204ef5fba125cad7c86095
07da0d2e415efb239cf6ceca91161ebf1071d9b517cc43ca58be4909efa75da7
GET /feeds/posts/summary/-/Tips?alt=json-in-script&orderby=updated&max-results=0&callback=randomRelatedIndex HTTP/1.1
Host: diklikbro.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
Cookie: _ga=GA1.3.405981902.1680047584; _gid=GA1.3.2069181810.1680047584; _gat=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"20e706b8b09cf7fdbd0b3f05fd972acd00132236cc3fe1520c1a63de4c948e4d"
Date: Tue, 28 Mar 2023 23:52:44 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Fri, 03 Dec 2021 13:35:06 GMT
Content-Encoding: gzip
Content-Length: 1766
X-Frame-Options: SAMEORIGIN
jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
198.58.118.167200 OK 22 kB URL HTTP/1.1 jqueryapi.info/?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html
IP 198.58.118.167:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (57175)
Hash a3a329cf6c6fa051faebcb8a4a96f9df
4cec34ae7c1f3b22c5a97ec407d3143501df1171
42713c8148ee092f2d9c901be4102c34fc219b7d6448f45e931aea4d59818b99
NIDS Severity Alert suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
suricata high ETPRO MALWARE Malicious Obfuscator Clickfraud Activity
GET /?getsrc=ok&ref=&url=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html HTTP/1.1
Host: jqueryapi.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 28 Mar 2023 23:52:44 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
diklikbro.blogspot.com/feeds/posts/summary/-/Tips?alt=json-in-script&orderby=updated&start-index=33&max-results=7&callback=showRelatedPost
142.250.74.1200 OK 4.4 kB URL HTTP/1.1 diklikbro.blogspot.com/feeds/posts/summary/-/Tips?alt=json-in-script&orderby=updated&start-index=33&max-results=7&callback=showRelatedPost
IP 142.250.74.1:0
File type ASCII text, with very long lines (17097)
Hash 6fddbafa559f066a9757208caf82ec43
5fd779dabc9c3e296b09b23f78cd55bab9a8a6ff
7764952e3519c916508d39d041395092cc2343f8b7537d702b5ef52dc9c60664
GET /feeds/posts/summary/-/Tips?alt=json-in-script&orderby=updated&start-index=33&max-results=7&callback=showRelatedPost HTTP/1.1
Host: diklikbro.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
Cookie: _ga=GA1.3.405981902.1680047584; _gid=GA1.3.2069181810.1680047584; _gat=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"d73cd4974e238811caf8f56193adcad45cf969e66edaad3072dafcdec5eb649d"
Date: Tue, 28 Mar 2023 23:52:44 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Fri, 03 Dec 2021 13:35:06 GMT
Content-Encoding: gzip
Content-Length: 4370
X-Frame-Options: SAMEORIGIN
diklikbro.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999
142.250.74.1200 OK 50 kB URL HTTP/1.1 diklikbro.blogspot.com/feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999
IP 142.250.74.1:0
File type Unicode text, UTF-8 text, with very long lines (65491)
Hash 8157d49b68dce759b8b57884670f4abd
4fb9cd23779e52ef4c87baf21e4e5996dc05ab23
3a3f9b85b585dd8dfac4a5e003255710c2f7261b50b8d01cfa99495286e9d565
GET /feeds/posts/summary?alt=json-in-script&callback=showpageCount&max-results=99999 HTTP/1.1
Host: diklikbro.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
Cookie: _ga=GA1.3.405981902.1680047584; _gid=GA1.3.2069181810.1680047584; _gat=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"9d6b44d9aa5aa85cac19dac8a015e102cc305c442601c90ab5dae5fc4ba049fa"
Date: Tue, 28 Mar 2023 23:52:44 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Fri, 03 Dec 2021 13:35:06 GMT
Content-Encoding: gzip
Content-Length: 49845
X-Frame-Options: SAMEORIGIN
feeds.feedburner.com/diklikbro?format=sigpro
142.250.74.46200 OK 58 kB URL HTTP/1.1 feeds.feedburner.com/diklikbro?format=sigpro
IP 142.250.74.46:0
Hash ce9c82289ea96a1820289997ad69acb2
6b66273d1a13252c7cf9f92a29856225f5cfd5c2
bde0302d266a2827d85dbae94c96184474644924b64e7df6461d7cf7774b62e1
GET /diklikbro?format=sigpro HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Tue, 21 Mar 2023 11:24:07 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 28 Mar 2023 23:52:44 GMT
Cross-Origin-Resource-Policy: same-site
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: script-src 'nonce-wlsiQVYUsG3OaMLMjqei5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
platform.twitter.com/widgets.js
93.184.220.66200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1403
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 28 Mar 2023 23:52:44 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
c1.popads.net/pop.js
185.76.9.14200 OK 10 kB IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 9e5d642e5b4f079e61468259e23337a3
d98145c50a6b28c99fcc31ecdb8b00e564685e14
0085b0c78f7a6f8f7379871f778402efb6fe1160098fab2ebbab82c93a8e7248
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:44 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
Last-Modified: Tue, 14 Mar 2023 22:06:26 GMT
ETag: W/"6410efe2-82a9"
Access-Control-Allow-Origin: *
Server: CDN77-Turbo
X-77-NZT: AblMCQ3QNej/k2EAAA
X-77-NZT-Ray: c0a4cc28e79bccfacc7d2364c1290c38
X-Accel-Expires: @1681059385
X-Cache: HIT
X-Age: 24979
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
connect.facebook.net/en_US/all.js
31.13.72.12301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 28 Mar 2023 23:52:44 GMT
Connection: keep-alive
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2bb5fb59a31f465d83b5b81591063a3
256dc5c585e6e3501a01da61505f12e30c9cde85
520ac0c6e4a1c901cf6bc09fbbb196ac735f082061766d97059c8ccf8173809a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fdiklikbro.blogspot.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fdiklikbro.blogspot.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=http%3A%2F%2Fdiklikbro.blogspot.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1133998
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Mar 2023 23:52:45 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f2ece3e5907870b283917a99cd1af151
12359d23a1436959aef66b98ada87bcb624232b6
d1611493613d9d6dd13b642f7579d831ccbb9d61015775dd635c9a0b7588a54d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2644
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:45 GMT
Last-Modified: Tue, 28 Mar 2023 23:08:41 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash d7cf302257ba013d653604b13e1f3206
29d63eea64ff8fa3be589d1b6e982efdeebe9479
f7806e85a9f706d37ea10fdb64d2224540b98d584579b46fdecc8d5d7781c0e0
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://diklikbro.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 5576c924e686cdf4aa87b5b042950981
etag: "aa3185dd1ed3fc52786a2376bf3f7fd9"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 29 Mar 2023 00:02:01 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 188wIle6AT1lNgSxPh8yBg==
x-fb-debug: RzEupyNHmaQvJLPr8XeZynImYGroGHGCPGHFksdwHoeXIAm7jAeXkDrUoI6Jw0Iqu1Kkx5sUOwVgWCogQyw5qA==
content-length: 1686
x-fb-trip-id: 1904183273
date: Tue, 28 Mar 2023 23:52:45 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f2ece3e5907870b283917a99cd1af151
12359d23a1436959aef66b98ada87bcb624232b6
d1611493613d9d6dd13b642f7579d831ccbb9d61015775dd635c9a0b7588a54d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1959
Cache-Control: max-age=164462
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:45 GMT
Etag: "64235594-1d7"
Expires: Thu, 30 Mar 2023 21:33:47 GMT
Last-Modified: Tue, 28 Mar 2023 21:01:08 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
developers.google.com/
216.58.207.206301 Moved Permanently 0 B IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://diklikbro.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: 60a5344e523419ba8a4c11f510c18084
Date: Tue, 28 Mar 2023 23:52:45 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69d033c232e94b122a0b66e4733f1d57
dca98865e28271c9eafc7307850dbce5126c1a86
d80b57ddab8c2898af0939a454bb1296abd2f964c3bf3eaea2bab7c225d73490
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.adsco.re/
104.17.167.186200 OK 116 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Size 116 kB (115742 bytes)
Hash ff72d7ed2908b266593c14ed9e2cb128
09df94fe08f71e439ef08b5be2fdabba7540f979
0660f17a0ec00859827a1d5755da84e3a8ad96d8277933440302053163ed8a3a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 23:52:45 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 28 Apr 2023 23:52:45 GMT
etag: W/"cMPvpvd3jDHdlppiuYNttw=="
cf-cache-status: HIT
age: 350202
vary: Accept-Encoding
server: cloudflare
cf-ray: 7af3c9e27fd6b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bdv.bidvertiser.com/bidvertiser.dbm?pid=578023&bid=1532531&RD=460064549126664&DIF=2
54.241.51.109200 OK 646 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=578023&bid=1532531&RD=460064549126664&DIF=2
IP 54.241.51.109:0
Hash 28b9f4c4839d23a54b967431f84f3612
f10f82e0439ca5fe0ed2e7a89ae2e5b1530d4803
c50603335a98bdf9b2d634098d867f10942d8fc97525901f731b07dc4197843b
GET /bidvertiser.dbm?pid=578023&bid=1532531&RD=460064549126664&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Date: Tuesday, 28-Mar-2023 23:52:45 GMT
Cache-Control: no-store
Last-Modified: Monday, 28-Mar-2022 23:52:45 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 333
CONNECTION: Close
c.adsco.re/
104.17.167.186200 OK 30 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (713)
Hash acbeff53621631b451e6295da1b516c2
8ec081db4be72380db55d21f2eac1b642031cf79
3a2cc66423bfe325f614261efe6564e8f288c3e1117a70c9bbf67b41c51f2795
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Fri, 28 Apr 2023 23:52:45 GMT
ETag: W/"cMPvpvd3jDHdlppiuYNttw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 350198
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af3c9e35aeab500-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:45 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://diklikbro.blogspot.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af3c9e398a3b4ed-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash a684f3b449a125d2285678a6be0172a9
f5ba7774839ee9f45e1f2a88d322d3c3cfcc971f
91945112515f30fe6017f31f87a483adb2040d8435fce14fe9c44e89cf433b2c
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://diklikbro.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c152cddfe31a89d99e0b675646a07188
c1d1e9ca24fb2339c0e9e4b8ffad4d8151b2604b
e1a300bb276b0edd32821c20ccd37a4fb0e32504827644d51560a4847db29dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E1A300BB276B0EDD32821C20CCD37A4FB0E32504827644D51560A4847DB29DCE"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17090
Expires: Wed, 29 Mar 2023 04:37:35 GMT
Date: Tue, 28 Mar 2023 23:52:45 GMT
Connection: keep-alive
syndication.twitter.com/settings?session_id=cc077fa100c5af55108450b2e86397d90ecd68e7
104.244.42.72200 OK 284 B URL HTTP/2 syndication.twitter.com/settings?session_id=cc077fa100c5af55108450b2e86397d90ecd68e7
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (663), with no line terminators
Hash 8792f18dcb406af2be326e0dd816eed7
d1ad89d9036b3985071b394706514862f7c687ce
19640da1d34fa31a031d58d27be6408f6703dddc3c4495f72d55a60f518b7cba
GET /settings?session_id=cc077fa100c5af55108450b2e86397d90ecd68e7 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 23:52:44 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 28 Mar 2023 23:52:45 GMT
content-length: 284
content-encoding: gzip
x-transaction-id: 531b2e5ae4630205
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 109
x-connection-hash: 88d7695e42d7b90acf87cfd87ebbd03751346ea14bc1b077bcbdd1a51004e589
X-Firefox-Spdy: h2
uwuduthfxqqw.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 uwuduthfxqqw.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: uwuduthfxqqw.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:45 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js
142.250.74.99200 OK 4.5 kB URL HTTP/2 ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2708)
Hash a55a8c71cd1ed530e7ad0692f3783c2f
5e8de3d08119de192cd1fec1efc1b01df85269e1
fe6ed6b00cb077b4b4f2902975bd0a2759321bf9ff993f7c40eb999dc156ef3e
GET /accounts/o/611095756-postmessagerelay.js HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-length: 4526
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Mar 2023 07:53:25 GMT
expires: Fri, 22 Mar 2024 07:53:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:15:20 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 489560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
diklikbro.blogspot.com/favicon.ico
142.250.74.1200 OK 412 B URL HTTP/1.1 diklikbro.blogspot.com/favicon.ico
IP 142.250.74.1:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: diklikbro.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/2014/07/panduan-bagi-pulsa-ke-sesama-xl.html
Cookie: _ga=GA1.3.405981902.1680047584; _gid=GA1.3.2069181810.1680047584; _gat=1; _gat_blogger=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Tue, 28 Mar 2023 23:52:45 GMT
Date: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: private, max-age=86400
Last-Modified: Fri, 03 Dec 2021 13:35:06 GMT
ETag: W/"eda5f61417f6ff4c202f8ee098f9778e58c44aed68a91984f95261c11ec887ef"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 23:52:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e19e7ae3b7d1ffbcd7ab25777f91e0df
1e8290ce881dce150849c1863620e0c426bd30eb
e08227903eb1191994dcd343220e9e2dc48bb94946cb6c676630c24ae8ec7ae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E08227903EB1191994DCD343220E9E2DC48BB94946CB6C676630C24AE8EC7AE8"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9240
Expires: Wed, 29 Mar 2023 02:26:45 GMT
Date: Tue, 28 Mar 2023 23:52:45 GMT
Connection: keep-alive
uwuduthfxqqw.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 uwuduthfxqqw.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: uwuduthfxqqw.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:45 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 413 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash e289144fc833eb9cf3694019014012ab
7c2786e09f7bb3bc4e4f948ca52860078286848f
cff9c4a2c82835cee402ef80e29047aa9d00281abd202c645c83879769228fda
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 2496
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://diklikbro.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ac8d9cdf223e611b7f8416c986c1b2e
22410c6eb7ebc2e9ea54618ec5aca74fa46dbeaa
ad997ef489632d7cf36a034a50b1926463ef042bfe9064156514903b90d0e4a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD997EF489632D7CF36A034A50B1926463EF042BFE9064156514903B90D0E4A7"
Last-Modified: Sun, 26 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17326
Expires: Wed, 29 Mar 2023 04:41:32 GMT
Date: Tue, 28 Mar 2023 23:52:46 GMT
Connection: keep-alive
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:46 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7af3c9e8cc540b55-OSL
alt-svc: h2=":443"; ma=60
platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
93.184.220.66200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (7891), with no line terminators
Hash 50af2557985d9ae5ef0bb111a4066237
b164d515f502d950df3ba208cc32bbe74e70d3d2
a3b6dbbc4e57c65eb23f84b312095c86a69ff47fc57fc745f464394158bda9af
GET /js/button.e7f9415a2e000feaab02c86dd5802747.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1133998
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 28 Mar 2023 23:52:46 GMT
Etag: "506673dbdb9085e7201e137e893cc152+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2618
platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
93.184.220.66200 OK 14 kB URL HTTP/1.1 platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32037)
Hash 59524bd7f5584433bb77a21f1431db47
5be6f11aa7a378e597235668f5ec6819e9722c9a
80c4c77841bb8b9c561fb0ed2816c1e32288fda1178130d920b6830f287a9fea
GET /widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1133998
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Mar 2023 23:52:46 GMT
Etag: "28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:10 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13592
www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ecad55b2926b6%26domain%3Ddiklikbro.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdiklikbro.blogspot.com%252Ff2570e24b58b85e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ecad55b2926b6%26domain%3Ddiklikbro.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdiklikbro.blogspot.com%252Ff2570e24b58b85e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ecad55b2926b6%26domain%3Ddiklikbro.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fdiklikbro.blogspot.com%252Ff2570e24b58b85e%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=90 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: 7EeOG4JCj1LYdsEZqQRTu5BLZWs2PM582Rb1ZzTMWO0V02rGxtpOH3jfyCfa6vkb4sc2F1xKk6BsD+cxgj8I+g==
content-length: 0
date: Tue, 28 Mar 2023 23:52:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1680047588046%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=cc077fa100c5af55108450b2e86397d90ecd68e7
104.244.42.72200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1680047588046%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=cc077fa100c5af55108450b2e86397d90ecd68e7
IP 104.244.42.72:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22http%3A%2F%2Fdiklikbro.blogspot.com%2F2014%2F07%2Fpanduan-bagi-pulsa-ke-sesama-xl.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1680047588046%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=cc077fa100c5af55108450b2e86397d90ecd68e7 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 23:52:45 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 28 Mar 2023 23:52:46 GMT
content-length: 43
x-transaction-id: c0385369b9d36194
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: 88d7695e42d7b90acf87cfd87ebbd03751346ea14bc1b077bcbdd1a51004e589
X-Firefox-Spdy: h2
serve.popads.net/c?_=BQFiAAAAAAAACZUAAnEjE9upef0mqBANyPF74tNnaUPDvYGjSPzVNelFnWGlOoz4O9pjgs1Pd4cXcNRfKwijymr1Zta1WsbyQP3wZaOagPFKIfGfc8_HHrjGzhHGFrh7P_pk3zc8pXzWOk67XFAhbaufNn5KYZJt4JBS6iPiSvP1gLwlIL7S1zIlsEoll3ii0lpXRq80A1urEQ4qZtZtOeTZWTeYrXKSsHacs3kpCwPVFYT0Qwna1AyuIEOlu7nhsBMWrhT1ZmTaiT__0p-SFnqR--yP7crxLQB850AbLMG_aNtCsGtO7fXN_62lc9UJcW2b_h1a7W7AomUw2R3TAOOLL-JpUXhevJPnPg1PEdRnGW4RyInmVXAziMIlsspxw2CHHAgovgRT5D__mpWTITp69czLdyYDB_6n_qodWNWcEBXL4-YdMLkn744ey7GoM0lzebLLmn6MxZI7pqcT833NW7ud00pBmdMcQsg&v=4&siteId=350195&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.11200 OK 44 B URL HTTP/1.1 serve.popads.net/c?_=BQFiAAAAAAAACZUAAnEjE9upef0mqBANyPF74tNnaUPDvYGjSPzVNelFnWGlOoz4O9pjgs1Pd4cXcNRfKwijymr1Zta1WsbyQP3wZaOagPFKIfGfc8_HHrjGzhHGFrh7P_pk3zc8pXzWOk67XFAhbaufNn5KYZJt4JBS6iPiSvP1gLwlIL7S1zIlsEoll3ii0lpXRq80A1urEQ4qZtZtOeTZWTeYrXKSsHacs3kpCwPVFYT0Qwna1AyuIEOlu7nhsBMWrhT1ZmTaiT__0p-SFnqR--yP7crxLQB850AbLMG_aNtCsGtO7fXN_62lc9UJcW2b_h1a7W7AomUw2R3TAOOLL-JpUXhevJPnPg1PEdRnGW4RyInmVXAziMIlsspxw2CHHAgovgRT5D__mpWTITp69czLdyYDB_6n_qodWNWcEBXL4-YdMLkn744ey7GoM0lzebLLmn6MxZI7pqcT833NW7ud00pBmdMcQsg&v=4&siteId=350195&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.11:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /c?_=BQFiAAAAAAAACZUAAnEjE9upef0mqBANyPF74tNnaUPDvYGjSPzVNelFnWGlOoz4O9pjgs1Pd4cXcNRfKwijymr1Zta1WsbyQP3wZaOagPFKIfGfc8_HHrjGzhHGFrh7P_pk3zc8pXzWOk67XFAhbaufNn5KYZJt4JBS6iPiSvP1gLwlIL7S1zIlsEoll3ii0lpXRq80A1urEQ4qZtZtOeTZWTeYrXKSsHacs3kpCwPVFYT0Qwna1AyuIEOlu7nhsBMWrhT1ZmTaiT__0p-SFnqR--yP7crxLQB850AbLMG_aNtCsGtO7fXN_62lc9UJcW2b_h1a7W7AomUw2R3TAOOLL-JpUXhevJPnPg1PEdRnGW4RyInmVXAziMIlsspxw2CHHAgovgRT5D__mpWTITp69czLdyYDB_6n_qodWNWcEBXL4-YdMLkn744ey7GoM0lzebLLmn6MxZI7pqcT833NW7ud00pBmdMcQsg&v=4&siteId=350195&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Tue, 28 Mar 2023 23:52:46 GMT
uwuduthfxqqw.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 uwuduthfxqqw.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: uwuduthfxqqw.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://diklikbro.blogspot.com
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 23:52:46 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
static.addtoany.com/menu/page.js
104.22.70.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 104.22.70.197:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://diklikbro.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 23:52:42 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 91248
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af3c9cf7acb95f0-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
feeds.feedburner.com/diklikbro?format=sigpro
142.250.74.46200 OK 0 B URL HTTP/1.1 feeds.feedburner.com/diklikbro?format=sigpro
IP 142.250.74.46:0
GET /diklikbro?format=sigpro HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
feedburnerv2:
Last-Modified: Tue, 21 Mar 2023 11:24:07 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 28 Mar 2023 23:52:42 GMT
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-site
Content-Security-Policy: script-src 'nonce-4Z4G5pwciQirBv0e4P2jsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
developers.google.com/
216.58.207.206200 OK 0 B IP 216.58.207.206:0
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://diklikbro.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 23 Mar 2023 21:28:29 GMT
content-type: text/html; charset=utf-8
set-cookie: _ga_devsite=GA1.3.458623935.1680047565; Expires=Thu, 27 Mar 2025 23:52:45 GMT; Max-Age=63072000; Path=/
content-security-policy: base-uri 'self'; object-src 'none'; script-src 'strict-dynamic' 'unsafe-inline' https: http: 'nonce-AeR5DJAuFS49f5uwR5+WeIjKtnWtf2' 'unsafe-eval'; report-uri https://csp.withgoogle.com/csp/devsite/v2
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
cache-control: no-cache, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
x-cloud-trace-context: 0314efa80230634d226f880d621112c3
vary: Accept-Encoding
date: Tue, 28 Mar 2023 23:52:45 GMT
server: Google Frontend
content-length: 25787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=578023&bid=1532531&RD=42057553831394&DIF=1&bd_ref_v=diklikbro.blogspot.com&tref=1&win_name=null&docref=&jsrand=42057553831394&js1loc=-&loctitle=%20Cara%20Bagi%20Pulsa%20dari%20dan
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=578023&bid=1532531&RD=42057553831394&DIF=1&bd_ref_v=diklikbro.blogspot.com&tref=1&win_name=null&docref=&jsrand=42057553831394&js1loc=-&loctitle=%20Cara%20Bagi%20Pulsa%20dari%20dan
IP 54.241.51.109:0
GET /BidVertiser.dbm?pid=578023&bid=1532531&RD=42057553831394&DIF=1&bd_ref_v=diklikbro.blogspot.com&tref=1&win_name=null&docref=&jsrand=42057553831394&js1loc=-&loctitle=%20Cara%20Bagi%20Pulsa%20dari%20dan HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tuesday, 28-Mar-2023 23:52:43 GMT
Cache-Control: no-store
Last-Modified: Monday, 28-Mar-2022 23:52:43 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 333
CONNECTION: Close
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdiklikbro.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.zUi2Oiqh0cQ.O%2Fd%3D1%2Frs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw%2Fm%3D__features__
142.250.74.109200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdiklikbro.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.zUi2Oiqh0cQ.O%2Fd%3D1%2Frs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw%2Fm%3D__features__
IP 142.250.74.109:0
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Fdiklikbro.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.zUi2Oiqh0cQ.O%2Fd%3D1%2Frs%3DAHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Mar 2023 23:52:45 GMT
content-security-policy: script-src 'nonce-G6nBG8yMxnuhvc5AYF5pkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=578023&bid=1532531&RD=19272634160863&DIF=1&bd_ref_v=diklikbro.blogspot.com&tref=1&win_name=null&docref=&jsrand=19272634160863&js1loc=-&loctitle=%20Cara%20Bagi%20Pulsa%20dari%20dan
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=578023&bid=1532531&RD=19272634160863&DIF=1&bd_ref_v=diklikbro.blogspot.com&tref=1&win_name=null&docref=&jsrand=19272634160863&js1loc=-&loctitle=%20Cara%20Bagi%20Pulsa%20dari%20dan
IP 54.241.51.109:0
GET /BidVertiser.dbm?pid=578023&bid=1532531&RD=19272634160863&DIF=1&bd_ref_v=diklikbro.blogspot.com&tref=1&win_name=null&docref=&jsrand=19272634160863&js1loc=-&loctitle=%20Cara%20Bagi%20Pulsa%20dari%20dan HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://diklikbro.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tuesday, 28-Mar-2023 23:52:44 GMT
Cache-Control: no-store
Last-Modified: Monday, 28-Mar-2022 23:52:44 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 333
CONNECTION: Close