thedailyberkasedu.blogspot.com/2021/09/kunci-jawaban-auditing-dan-jasa.html
301 Moved Permanently 220 B URL HTTP/1.1 thedailyberkasedu.blogspot.com/2021/09/kunci-jawaban-auditing-dan-jasa.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ea2efd4c24bed53ce82102f1dcd0cd98
16db4b06ffc2e34ff513123c9e237591112707d0
b01db9f4b0f3332fa156c72e1b740896a0178c9e9588c894e27836e932265285
GET /2021/09/kunci-jawaban-auditing-dan-jasa.html HTTP/1.1
Host: thedailyberkasedu.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://thedailyberkasedu.blogspot.com/2021/09/kunci-jawaban-auditing-dan-jasa.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 04 Oct 2022 15:21:00 GMT
Expires: Tue, 04 Oct 2022 15:21:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 220
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6281
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 15:21:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 14:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RofeHcaTrc6_oLHupjc3FPvn9JipjrxanD1cPyrZlE0TDlvM6_KQkw==
Age: 2036
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fqd53rEqyZIudFE5yjHtG7L6sSYsCPDVmfa434CVRkqJOl1D2JOHFg==
age: 35553
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 938ca8d04dae51b68f67cb6b99851772
8a3956985c77128a745c8b50bf63ba9a1085d195
f5e23e685fda24bd65f31a39291ab9006074bf8c0b946de073297129515fe571
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 14:29:33 GMT
Expires: Tue, 04 Oct 2022 14:31:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tL8uOLcr1hlo7VEqWFOJX8DtSa6iwWjYWxeDDkEiu4IlDlWTnZibyA==
Age: 3088
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e45a15b8f4ade20c2f7758793ac687a0
18a09d32833eeb8b3eee52e5337d523fc56eb585
e0316144eb64aa34788d9621b02a2500f963480bf6e774d5fb4cd9249a0ec591
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thedailyberkasedu.blogspot.com/2021/09/kunci-jawaban-auditing-dan-jasa.html
200 OK 44 kB URL HTTP/2 thedailyberkasedu.blogspot.com/2021/09/kunci-jawaban-auditing-dan-jasa.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11231)
Hash 70ea4b4368fe4bca1c0352142d08cd59
da56a6a35378bf332a8d5243f09a432b4e8f7cc8
c694808afc0f028a2a7d896843f24ee3b94ccece4df8c12b3b282c1aecb4147d
GET /2021/09/kunci-jawaban-auditing-dan-jasa.html HTTP/1.1
Host: thedailyberkasedu.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 04 Oct 2022 15:21:01 GMT
date: Tue, 04 Oct 2022 15:21:01 GMT
cache-control: private, max-age=0
last-modified: Mon, 01 Aug 2022 23:32:22 GMT
etag: W/"755d4e0d5402e872025bda40047f1bf8f8ef77c51ed37425b99bc6ece8c024dc"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 43551
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/lh3.googleusercontent.com/proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu
302 Found 138 B URL HTTP/2 i1.wp.com/lh3.googleusercontent.com/proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /lh3.googleusercontent.com/proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: text/html
content-length: 138
location: https://lh3.googleusercontent.com/proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu
X-Firefox-Spdy: h2
i0.wp.com/img.youtube.com/vi/7kzJV_wUSCQ/hqdefault.jpg
302 Found 138 B URL HTTP/2 i0.wp.com/img.youtube.com/vi/7kzJV_wUSCQ/hqdefault.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /img.youtube.com/vi/7kzJV_wUSCQ/hqdefault.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: text/html
content-length: 138
location: https://img.youtube.com/vi/7kzJV_wUSCQ/hqdefault.jpg
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1895
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Last-Modified: Tue, 04 Oct 2022 14:49:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Hash 15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:44:01 GMT
expires: Fri, 29 Sep 2023 16:44:01 GMT
cache-control: public, max-age=31536000
age: 427020
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 11020, version 1.0\012- data
Hash a59072f933169d3f2db497f44ca4cbbe
5789e81a66958aabc7590c1ddd41058335636027
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:19:16 GMT
expires: Sat, 30 Sep 2023 00:19:16 GMT
cache-control: public, max-age=31536000
age: 399705
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/kUOlODhYAIINoM
400 Bad Request 521 B IP
Hash a81ae2c914fee2cbff2483a47c0edcac
a7d2c474fcf0eaef7f9fc66da1215e1d72fdca4b
4b51a388c61df77c515f1b41a72da513ff65ebc962a50584d764f83ae3b610e6
GET /kUOlODhYAIINoM HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 1
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/792789798-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/792789798-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 02e6bf311e18828a522b4d3a4079084f
a63cd373fa23b4fe11f938d57737e6bfa1ebe789
25d469843aa09be2473931d33aaa37b65ac371874bd98ca84ec780bead3e33e4
GET /static/v1/widgets/792789798-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 02:15:20 GMT
expires: Tue, 03 Oct 2023 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 00:49:27 GMT
content-type: text/javascript
age: 133541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 02:06:45 GMT
expires: Sat, 30 Sep 2023 02:06:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Sep 2022 23:51:35 GMT
content-type: text/javascript
age: 393256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 04 Oct 2022 15:21:01 GMT
expires: Tue, 04 Oct 2022 15:21:01 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 589d830dbd20c3dcf601bf7a2fe7fd29
e6fc4f0062189aee4c8616949f86571db0a92ff5
10137bb52117be557fae9e1cf90fdf106786da04f6d799b19e2c3100aeafdd61
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/7kzJV_wUSCQ/hqdefault.jpg
404 Not Found 1.1 kB URL HTTP/2 img.youtube.com/vi/7kzJV_wUSCQ/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e2ddfee11ae7edcae257da47f3a78a70
6e902fa6302eb30cd204579bca6a59b37233e262
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
GET /vi/7kzJV_wUSCQ/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thedailyberkasedu.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: image/jpeg
date: Tue, 04 Oct 2022 15:21:01 GMT
expires: Tue, 04 Oct 2022 15:21:31 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f936b953fdf91692463e6745f5151375
9f94b177ba59497086040cbec72f9e26e22a54c3
21c4c1a25e3f41ea5d0262216d19cb081023a79500eae7dab8b8c1f5022ad18e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/image.slidesharecdn.com/presentbab13auditing-160523032021/95/present-bab-13-auditing-21-638.jpg?cb=1463973641
200 OK 32 kB URL HTTP/2 i0.wp.com/image.slidesharecdn.com/presentbab13auditing-160523032021/95/present-bab-13-auditing-21-638.jpg?cb=1463973641
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 638x479, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b23704851b0fe45b2e1c6ef0ac4001e
87b0daeff028b6cba3761782875dddfbdb402751
edccb196d179cd6b43ba1d95c85716ba51a3a6d85017c3bed66af2cf724478e8
GET /image.slidesharecdn.com/presentbab13auditing-160523032021/95/present-bab-13-auditing-21-638.jpg?cb=1463973641 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: image/webp
content-length: 32276
last-modified: Tue, 04 Oct 2022 15:21:01 GMT
expires: Fri, 04 Oct 2024 03:21:01 GMT
cache-control: public, max-age=63115200
link: <http://image.slidesharecdn.com/presentbab13auditing-160523032021/95/present-bab-13-auditing-21-638.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4067f4df4e3a3024"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iDoXIV2tAMlyP3C+1fYu5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: POckGer7R4iottULrw5is0/xUGY=
i0.wp.com/cf.shopee.co.id/file/6ac96f8f09280b3b0a05b6f5a19f518b
200 OK 40 kB URL HTTP/2 i0.wp.com/cf.shopee.co.id/file/6ac96f8f09280b3b0a05b6f5a19f518b
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 486x486, components 3\012- data
Hash 190182112a5128c721f5a12a99d2178e
92bd8c8e79202d7ee3f4c8356666a1f1655baacb
665060d0512aca1fa67e90a6bf3a83dbb558f3a9d92f4bc9babec29d5e7eeb61
GET /cf.shopee.co.id/file/6ac96f8f09280b3b0a05b6f5a19f518b HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: image/jpeg
content-length: 40032
last-modified: Tue, 04 Oct 2022 15:21:01 GMT
expires: Fri, 04 Oct 2024 03:21:01 GMT
cache-control: public, max-age=63115200
link: <http://cf.shopee.co.id/file/6ac96f8f09280b3b0a05b6f5a19f518b>; rel="canonical"
x-content-type-options: nosniff
etag: "c1cce91dc8c1a583"
x-bytes-saved: 6831
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/imgv2-1-f.scribdassets.com/img/document/413804324/original/f6466a19c9/1627959657?v=1
200 OK 97 kB URL HTTP/2 i1.wp.com/imgv2-1-f.scribdassets.com/img/document/413804324/original/f6466a19c9/1627959657?v=1
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x1024, components 3\012- data
Hash 1a0b9f27e4fe0033bd08ad1c67c6cd91
fe542f068d1e7876d0d2212eac7948d1e2a711db
3d1e636e59944cb6800f79e0bbbe34b280693ac82537e9713abe9aa5307c7449
GET /imgv2-1-f.scribdassets.com/img/document/413804324/original/f6466a19c9/1627959657?v=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: image/jpeg
content-length: 96653
last-modified: Tue, 04 Oct 2022 15:21:01 GMT
expires: Fri, 04 Oct 2024 03:21:01 GMT
cache-control: public, max-age=63115200
link: <http://imgv2-1-f.scribdassets.com/img/document/413804324/original/f6466a19c9/1627959657>; rel="canonical"
x-content-type-options: nosniff
etag: "c006be70854bd7fc"
x-bytes-saved: 17189
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/imgv2-2-f.scribdassets.com/img/document/391928503/298x396/6840063cb6/1591175644?v=1
200 OK 47 kB URL HTTP/2 i0.wp.com/imgv2-2-f.scribdassets.com/img/document/391928503/298x396/6840063cb6/1591175644?v=1
IP
File type PNG image data, 298 x 396, 8-bit colormap, non-interlaced\012- data
Hash ec87c495d6e0f3ffbe5c534950fa3276
a9d6fec9218b0ff820054fa69e9849e09a05518f
841e2e22a4362f0eaf05da29e16934bb27d36d93f987472855a8c74af78e3ce5
GET /imgv2-2-f.scribdassets.com/img/document/391928503/298x396/6840063cb6/1591175644?v=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: image/png
content-length: 46892
last-modified: Tue, 04 Oct 2022 15:21:01 GMT
expires: Fri, 04 Oct 2024 03:21:01 GMT
cache-control: public, max-age=63115200
link: <http://imgv2-2-f.scribdassets.com/img/document/391928503/298x396/6840063cb6/1591175644>; rel="canonical"
x-content-type-options: nosniff
etag: "47ce115909774908"
x-bytes-saved: 66580
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/0.academia-photos.com/attachment_thumbnails/32734427/mini_magick20180817-1177-h0mxno.png?1534542034
200 OK 20 kB URL HTTP/2 i1.wp.com/0.academia-photos.com/attachment_thumbnails/32734427/mini_magick20180817-1177-h0mxno.png?1534542034
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1a3a0f1b970e6ada54f325748478da31
32d673c9435f9f80f0b903fda4d65cf5e2e69a73
5b2831dd10ea59ab8d456260f83442672139938ddc9006f486360a86dc0769a9
GET /0.academia-photos.com/attachment_thumbnails/32734427/mini_magick20180817-1177-h0mxno.png?1534542034 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: image/webp
content-length: 20496
last-modified: Tue, 04 Oct 2022 15:21:01 GMT
expires: Fri, 04 Oct 2024 03:21:01 GMT
cache-control: public, max-age=63115200
link: <http://0.academia-photos.com/attachment_thumbnails/32734427/mini_magick20180817-1177-h0mxno.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5aa5cff3bfff7af5"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 53cc9d17a38debf41a79763eeb2addc6
f435c37cc4f77e9f304bd6cc5446c0a45ca502c7
a9879f2c4346b7ba1e181a95732b16af4278173017cc2f501bfee0c45f0538b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9879F2C4346B7BA1E181A95732B16AF4278173017CC2F501BFEE0C45F0538B0"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 04 Oct 2022 21:21:02 GMT
Date: Tue, 04 Oct 2022 15:21:02 GMT
Connection: keep-alive
i0.wp.com/0.academia-photos.com/attachment_thumbnails/38100847/mini_magick20180815-12930-1ii9a6j.png?1534369970
200 OK 38 kB URL HTTP/2 i0.wp.com/0.academia-photos.com/attachment_thumbnails/38100847/mini_magick20180815-12930-1ii9a6j.png?1534369970
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3709c47f1cb20e80d25b665b8331ed5
e621e0221ee02b0a0fd3039cb592181bfad2c09f
f419400f6a0ebaee080f87331ad3f12c438a568540649dc6cffc1fb69f55c7ef
GET /0.academia-photos.com/attachment_thumbnails/38100847/mini_magick20180815-12930-1ii9a6j.png?1534369970 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:02 GMT
content-type: image/webp
content-length: 37584
last-modified: Tue, 04 Oct 2022 15:21:02 GMT
expires: Fri, 04 Oct 2024 03:21:02 GMT
cache-control: public, max-age=63115200
link: <http://0.academia-photos.com/attachment_thumbnails/38100847/mini_magick20180815-12930-1ii9a6j.png>; rel="canonical"
x-content-type-options: nosniff
etag: "23b758c23465a94b"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 667 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 82b8f5bab5ac40a212da17a4b0d35e37
e7e689b272a7857e19c6eee1e8ccdab4e41bbe23
56a0c27e76fceab964c875719ffdff753bcb13e9d48c8692f71605707c843d7d
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 04 Oct 2022 15:21:02 GMT
date: Tue, 04 Oct 2022 15:21:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 667
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=5458410572178732081&zx=6555bc6f-e27d-4dd4-b9d2-1b325cc30eff
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5458410572178732081&zx=6555bc6f-e27d-4dd4-b9d2-1b325cc30eff
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5458410572178732081&zx=6555bc6f-e27d-4dd4-b9d2-1b325cc30eff HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 15:21:02 GMT
last-modified: Tue, 04 Oct 2022 15:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jd3j7g5z1fqs.com/96/78/7a/96787a1945876b1a9c10f79941441964.js
200 OK 13 kB URL HTTP/1.1 jd3j7g5z1fqs.com/96/78/7a/96787a1945876b1a9c10f79941441964.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37171), with no line terminators
Hash 5d3a32a3567a771be6fb94309c1392d8
b390a88ad099a2823c5aec4edc82aba263d05ff9
00d72285e95ecdae76b9a5ffa0582bb027dc028afb2d3c1acdbb175aa80b7303
GET /96/78/7a/96787a1945876b1a9c10f79941441964.js HTTP/1.1
Host: jd3j7g5z1fqs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 15:21:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d18b580216bcdef32ede1565f1db47d1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
File type ASCII text, with very long lines (711)
Size 159 kB (158844 bytes)
Hash b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 310531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu
200 OK 13 kB URL HTTP/2 lh3.googleusercontent.com/proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 288x450, components 3\012- data
Hash 7da62432e3b45a1f8fa02cf13309dddf
c9561a1d90e0bac7f5ae636238ce6a6552905a44
e9bf312d72b8a0db54e3f665961b968df6ed884583bc9e9531f577553574e3c5
GET /proxy/k-dyZaGV2AG1DJahOdw8FKVIYGA5XJ44dfCZFWUCqj-uFXmjn8vK_BJQ0XzolZxTXJewGP8bx2EfXtE9xBamvLebRH1FzMI6Ww=w1200-h630-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thedailyberkasedu.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 05 Oct 2022 15:21:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 04 Oct 2022 15:21:02 GMT
server: fife
content-length: 12869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:43:01 GMT
expires: Mon, 17 Oct 2022 20:43:01 GMT
cache-control: public, max-age=1209600
age: 67081
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/cdn.player.fm/images/26331139/series/1IU2WNJVJVoOvSqW/512.png
200 OK 38 kB URL HTTP/2 i0.wp.com/cdn.player.fm/images/26331139/series/1IU2WNJVJVoOvSqW/512.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash b1ce91439e0eed97d20262db021186e7
24fd10c1a13d041e1fd5c0a99a69245bca1fcf96
0fe3dfa50c879c66b916d86c105a6abc7bb20c7279176793fe4dd02afaee5855
GET /cdn.player.fm/images/26331139/series/1IU2WNJVJVoOvSqW/512.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:02 GMT
content-type: image/webp
content-length: 37968
last-modified: Tue, 04 Oct 2022 15:21:02 GMT
expires: Fri, 04 Oct 2024 03:21:02 GMT
cache-control: public, max-age=63115200
link: <http://cdn.player.fm/images/26331139/series/1IU2WNJVJVoOvSqW/512.png>; rel="canonical"
x-content-type-options: nosniff
etag: "8cda7c6dadd3c838"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash e01a9c3ae0c56e2a9a98e02c1ff404cf
b42412aa7fdd35c1b62cf58e0da237d3b0bde179
84b019815e38b6eba0ad7fb7827be8e49f0c69221901c92ef298776d750c3e9d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 15:21:02 GMT
Last-Modified: Tue, 04 Oct 2022 13:42:28 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4eOUe2htXOcn7ThPHvNc2oLsfPYudWCCjhuCUjU-O41wwlwK-GZPxA==
Age: 5914
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 04 Oct 2022 15:21:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+703; expires=Thu, 03-Oct-2024 15:21:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Oct 2022 15:21:02 GMT
cache-control: private
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash b787d3600dbc0bef5c46aa9f090b5ba4
9e00b4ef078e38c908e990ac662c102a6718856e
44d347f85befc3299602ed07f9ce3a425a770d269015793470e948506139acec
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thedailyberkasedu.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=f9e98430-ceb7-4625-be37-48737ecfa4ed:3:1; expires=Fri, 01 Oct 2032 15:21:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash edec9323540293b99ece306037d35de7
e7540f9962a6c7ee91168eee1e0fe343d5f5406e
5cf16c168d74a28dc30c0edf93edd09366a8c8609ac36e352e056580f7b24a20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CF16C168D74A28DC30C0EDF93EDD09366A8C8609AC36E352E056580F7B24A20"
Last-Modified: Mon, 03 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5926
Expires: Tue, 04 Oct 2022 16:59:48 GMT
Date: Tue, 04 Oct 2022 15:21:02 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 269344
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/5458410572178732081?po=7642874419536192754&hl=id&skin=contempo&blogspotRpcToken=2098530
200 OK 34 kB URL HTTP/2 www.blogger.com/comment/frame/5458410572178732081?po=7642874419536192754&hl=id&skin=contempo&blogspotRpcToken=2098530
IP
Hash ab795282d9c8c0bc96e38a8c49f6f0f7
b1049de2689fb7e96bad13dff447037af2bf60d1
752f76ffb6c06cbea24b705705a6634abc4c4df1217963e1c18f5d0134400369
GET /comment/frame/5458410572178732081?po=7642874419536192754&hl=id&skin=contempo&blogspotRpcToken=2098530 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 Oct 2022 15:21:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-pKRmAH5RYXQHFAlIdJyZfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=sXo9HDlAFpfNxE0tDGwIdxZVH4vqcZ8I6dAcYTBzxnFR6bXbNM7QUSIkBY20XbCMGpAEcvAHvjDlp66zjdHrOnwxVDreTaW7Zq4o0V6czhJ6HhH5Dud44RloWNM-lO8ELg9dDHUwT4On8uePDjtzDu9aJVOTLwacTpF6c5avEoc; expires=Wed, 05-Apr-2023 15:21:01 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:19:24 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 481985331
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6744
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:21:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6744
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:21:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6744
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:21:03 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6744
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 15:21:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 62709
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 60704
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 38290
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 61804
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 62657
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7H1QKlOtoBoVz93G5lddxHSGiTjtMnHJCZX5FhwqhNPkspslaDoFQA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 62642
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a51da161ea75698ec91119191a6084d2
b48ebd22b615d419993bbacded9ad4469be82462
52b0a842e43ea375bc9999831c5116c7ce34f3e293c8fa8fcb8bb6a42637d474
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52B0A842E43EA375BC9999831C5116C7CE34F3E293C8FA8FCB8BB6A42637D474"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2145
Expires: Tue, 04 Oct 2022 15:56:48 GMT
Date: Tue, 04 Oct 2022 15:21:03 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?4553652&@f16&@g1&@h1&@i1&@j1664896862170&@k0&@l1&@mKunci%20Jawaban%20Auditing%20Dan%20Jasa%20Assurance%20Bab%2021%20%2F%20Kunci%20Jawaban%20Buku%20Auditing%20Dan%20Jasa%20Assurance%20Arens%20Jilid%202%20Berbagai%20Buku%20-%20Tanggung%20jawab%20dan%20tujuan%20audit.%20-%20thedailyberkasedu&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:132817730&@b3:1664896862&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fthedailyberkasedu.blogspot.com%2F2021%2F09%2Fkunci-jawaban-auditing-dan-jasa.html&@w
200 OK 51 B URL HTTP/1.1 s4.histats.com/stats/0.php?4553652&@f16&@g1&@h1&@i1&@j1664896862170&@k0&@l1&@mKunci%20Jawaban%20Auditing%20Dan%20Jasa%20Assurance%20Bab%2021%20%2F%20Kunci%20Jawaban%20Buku%20Auditing%20Dan%20Jasa%20Assurance%20Arens%20Jilid%202%20Berbagai%20Buku%20-%20Tanggung%20jawab%20dan%20tujuan%20audit.%20-%20thedailyberkasedu&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:132817730&@b3:1664896862&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fthedailyberkasedu.blogspot.com%2F2021%2F09%2Fkunci-jawaban-auditing-dan-jasa.html&@w
IP
File type ASCII text, with no line terminators
Hash 55fa4a8be68cc753843e862f915a7ce8
d912ac914d9a473192ea581d096a56f419308433
cc37a0f9e3f2c2f9f30c9e0968162a58d624ba50685e607a4013fd9c2abe92ae
GET /stats/0.php?4553652&@f16&@g1&@h1&@i1&@j1664896862170&@k0&@l1&@mKunci%20Jawaban%20Auditing%20Dan%20Jasa%20Assurance%20Bab%2021%20%2F%20Kunci%20Jawaban%20Buku%20Auditing%20Dan%20Jasa%20Assurance%20Arens%20Jilid%202%20Berbagai%20Buku%20-%20Tanggung%20jawab%20dan%20tujuan%20audit.%20-%20thedailyberkasedu&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:132817730&@b3:1664896862&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fthedailyberkasedu.blogspot.com%2F2021%2F09%2Fkunci-jawaban-auditing-dan-jasa.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 15:21:03 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
incomprehensibleacrid.com/sbar.json?key=96787a1945876b1a9c10f79941441964&uuid=f9e98430-ceb7-4625-be37-48737ecfa4ed%3A3%3A1
200 OK 4.0 kB URL HTTP/1.1 incomprehensibleacrid.com/sbar.json?key=96787a1945876b1a9c10f79941441964&uuid=f9e98430-ceb7-4625-be37-48737ecfa4ed%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5753), with no line terminators
Hash da2a9481cd4438720b868ba80ad99f31
41bc6ae73d5157714ed4854ffc468c70a0c54b1b
c91d46c67a14a74842eafc967ee0786b330315205ef2b8350aac46f25cc0124a
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=96787a1945876b1a9c10f79941441964&uuid=f9e98430-ceb7-4625-be37-48737ecfa4ed%3A3%3A1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 15:21:03 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thedailyberkasedu.blogspot.com
Access-Control-Allow-Origin: https://thedailyberkasedu.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15809834; expires=Wed, 05 Oct 2022 15:21:03 GMT; secure; SameSite=None
uid_id2=f9e98430-ceb7-4625-be37-48737ecfa4ed:3:1; expires=Tue, 11 Oct 2022 15:21:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 15:21:03 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 15:21:03 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 05 Oct 2022 15:21:03 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 05 Oct 2022 15:21:03 GMT; secure; SameSite=None
slec96787a1945876b1a9c10f79941441964=[3364848]; expires=Tue, 04 Oct 2022 15:21:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 914fc83dc208d516fc86869bc954c59b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 280 B IP
Hash a1c45d147edffcf7edf9a2a6efcc27d1
3377fb5f6ff4311aa5ba6087dd389074fae7279c
5658f0c18fb7b3e8c28473d83dddae2d7672c70746004f49a04e9d00582bf587
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3811
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:03 GMT
Last-Modified: Tue, 04 Oct 2022 14:17:32 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
incomprehensibleacrid.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitzkYQPKm5KCpz8KDiznbP9HZPGyWYxJXgJhsSJd5idVXNpNzqrqaqa3p2D7IYlBzHHyD0vtnNEo2i4NUgs4EcFoSMpz24v8EgxIsHmcni6Hf53qv3Dq9e1Zfb7oj4cPTw%2FEW9KZWiS8tNv%2FHax0FwurEqczdoDDrR9Sg83TD9t5Ko6b%2FeeF%2Bwdb3U8gPfD%2FygsSKN6OrB0lSELO4mQTPxm2GrGSyHGJj%2Fc%2Bs8WOqB94%2FIc5B8cvK%2BdwqSjZFnP5wXdr3UxZvvZU7RUhv0%2Bd5H%2BXquqxzZHHaNh26%2Bd%2ByGtg9X7kHnu7O40P1%2FjamcEO%2FBPaT53nFIpP2dWc5UQeRI%2BTOo%2BmMINYakYzB9E5I%2FJADjuLSGPLt9SZuKbjxR6VSdkJOP%2F4SsJuTk76eQZ9%2BfVXLQuKqVK6XOLQbdGnIwhuyNUbh9lJsnIKt9sPJzSP4rWXq8ijzbWbNKQ%2FLDV7uJSDph219kIo0Xw6i1vJiKdrwYduJ2LFiXhoLPCpJyDNkdQ4khqF2Asx6c9OC6HlzhIeOHDRYEQexzRv1OwlibxyKNuB%2FQuBvQwI86cGx6hyHKYgimhmBmC4XZwrocwrhfYG%2FUsNyDLQn6vEYlCCpLUFGCShJUJUHVr3e5si1b3%2BbKujQ43q3j3a5Huuxt011d9kROtosj8uysuEfvvIF1cdhIorgT0yAJlztxlAY0YYHfjZMkDMIwSKIQVtaQ9gSo9bApJ%2BT5%2FC8UckJOfH0OKd2HVftg8iVQ9zJoNYpbPuiNUdjxsZl%2FJ1XmrLaSqqbk4LpGUT6FcsPbVkfkhVmQ9rU%2FINjBmU%2FSi5NHd%2F4GMzUKU%2BNTeZ%2Bgp26NruiK7FzRlSU%2FrhWlzOQmnb7u1ZKWYuGbD8RGpQ2%2FcN4O77zLpsIU3v1Q2HKV5lzmPUu%2BPSs5F2ZFGybIzxfsNZFedvbGWWdyV6xePrdyISuMsFbqfAwqJ4Q8OACTE%2FL0T7uzj%2FviF59BmjGMq5G5A3I8kHofrNiCLeb5rV6AUXNPWnioXD0yrXR%2BqCSBEnNO0xr2Pzyd4217Cz3zCmh5E3lWo29q9FUNqoawbmFUFubgzG%2Ft2SBV3ihVxttJlVFfPSnXysNG3G77NEqWgzimIk7DVqcbBZzSVhi1ooi2UdoJe3vt%2Bj8AAAD%2F%2FwEAAP%2F%2Fg5q8QYMEAAA%3D
200 OK 7 B URL HTTP/1.1 incomprehensibleacrid.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitzkYQPKm5KCpz8KDiznbP9HZPGyWYxJXgJhsSJd5idVXNpNzqrqaqa3p2D7IYlBzHHyD0vtnNEo2i4NUgs4EcFoSMpz24v8EgxIsHmcni6Hf53qv3Dq9e1Zfb7oj4cPTw%2FEW9KZWiS8tNv%2FHax0FwurEqczdoDDrR9Sg83TD9t5Ko6b%2FeeF%2Bwdb3U8gPfD%2FygsSKN6OrB0lSELO4mQTPxm2GrGSyHGJj%2Fc%2Bs8WOqB94%2FIc5B8cvK%2BdwqSjZFnP5wXdr3UxZvvZU7RUhv0%2Bd5H%2BXquqxzZHHaNh26%2Bd%2ByGtg9X7kHnu7O40P1%2FjamcEO%2FBPaT53nFIpP2dWc5UQeRI%2BTOo%2BmMINYakYzB9E5I%2FJADjuLSGPLt9SZuKbjxR6VSdkJOP%2F4SsJuTk76eQZ9%2BfVXLQuKqVK6XOLQbdGnIwhuyNUbh9lJsnIKt9sPJzSP4rWXq8ijzbWbNKQ%2FLDV7uJSDph219kIo0Xw6i1vJiKdrwYduJ2LFiXhoLPCpJyDNkdQ4khqF2Asx6c9OC6HlzhIeOHDRYEQexzRv1OwlibxyKNuB%2FQuBvQwI86cGx6hyHKYgimhmBmC4XZwrocwrhfYG%2FUsNyDLQn6vEYlCCpLUFGCShJUJUHVr3e5si1b3%2BbKujQ43q3j3a5Huuxt011d9kROtosj8uysuEfvvIF1cdhIorgT0yAJlztxlAY0YYHfjZMkDMIwSKIQVtaQ9gSo9bApJ%2BT5%2FC8UckJOfH0OKd2HVftg8iVQ9zJoNYpbPuiNUdjxsZl%2FJ1XmrLaSqqbk4LpGUT6FcsPbVkfkhVmQ9rU%2FINjBmU%2FSi5NHd%2F4GMzUKU%2BNTeZ%2Bgp26NruiK7FzRlSU%2FrhWlzOQmnb7u1ZKWYuGbD8RGpQ2%2FcN4O77zLpsIU3v1Q2HKV5lzmPUu%2BPSs5F2ZFGybIzxfsNZFedvbGWWdyV6xePrdyISuMsFbqfAwqJ4Q8OACTE%2FL0T7uzj%2FviF59BmjGMq5G5A3I8kHofrNiCLeb5rV6AUXNPWnioXD0yrXR%2BqCSBEnNO0xr2Pzyd4217Cz3zCmh5E3lWo29q9FUNqoawbmFUFubgzG%2Ft2SBV3ihVxttJlVFfPSnXysNG3G77NEqWgzimIk7DVqcbBZzSVhi1ooi2UdoJe3vt%2Bj8AAAD%2F%2FwEAAP%2F%2Fg5q8QYMEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYscRRitzkYQPKm5KCpz8KDiznbP9HZPGyWYxJXgJhsSJd5idVXNpNzqrqaqa3p2D7IYlBzHHyD0vtnNEo2i4NUgs4EcFoSMpz24v8EgxIsHmcni6Hf53qv3Dq9e1Zfb7oj4cPTw%2FEW9KZWiS8tNv%2FHax0FwurEqczdoDDrR9Sg83TD9t5Ko6b%2FeeF%2Bwdb3U8gPfD%2FygsSKN6OrB0lSELO4mQTPxm2GrGSyHGJj%2Fc%2Bs8WOqB94%2FIc5B8cvK%2BdwqSjZFnP5wXdr3UxZvvZU7RUhv0%2Bd5H%2BXquqxzZHHaNh26%2Bd%2ByGtg9X7kHnu7O40P1%2FjamcEO%2FBPaT53nFIpP2dWc5UQeRI%2BTOo%2BmMINYakYzB9E5I%2FJADjuLSGPLt9SZuKbjxR6VSdkJOP%2F4SsJuTk76eQZ9%2BfVXLQuKqVK6XOLQbdGnIwhuyNUbh9lJsnIKt9sPJzSP4rWXq8ijzbWbNKQ%2FLDV7uJSDph219kIo0Xw6i1vJiKdrwYduJ2LFiXhoLPCpJyDNkdQ4khqF2Asx6c9OC6HlzhIeOHDRYEQexzRv1OwlibxyKNuB%2FQuBvQwI86cGx6hyHKYgimhmBmC4XZwrocwrhfYG%2FUsNyDLQn6vEYlCCpLUFGCShJUJUHVr3e5si1b3%2BbKujQ43q3j3a5Huuxt011d9kROtosj8uysuEfvvIF1cdhIorgT0yAJlztxlAY0YYHfjZMkDMIwSKIQVtaQ9gSo9bApJ%2BT5%2FC8UckJOfH0OKd2HVftg8iVQ9zJoNYpbPuiNUdjxsZl%2FJ1XmrLaSqqbk4LpGUT6FcsPbVkfkhVmQ9rU%2FINjBmU%2FSi5NHd%2F4GMzUKU%2BNTeZ%2Bgp26NruiK7FzRlSU%2FrhWlzOQmnb7u1ZKWYuGbD8RGpQ2%2FcN4O77zLpsIU3v1Q2HKV5lzmPUu%2BPSs5F2ZFGybIzxfsNZFedvbGWWdyV6xePrdyISuMsFbqfAwqJ4Q8OACTE%2FL0T7uzj%2FviF59BmjGMq5G5A3I8kHofrNiCLeb5rV6AUXNPWnioXD0yrXR%2BqCSBEnNO0xr2Pzyd4217Cz3zCmh5E3lWo29q9FUNqoawbmFUFubgzG%2Ft2SBV3ihVxttJlVFfPSnXysNG3G77NEqWgzimIk7DVqcbBZzSVhi1ooi2UdoJe3vt%2Bj8AAAD%2F%2FwEAAP%2F%2Fg5q8QYMEAAA%3D HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Cookie: u_pl=15809834; uid_id2=f9e98430-ceb7-4625-be37-48737ecfa4ed:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec96787a1945876b1a9c10f79941441964=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 15:21:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a77ef3d2824e6862fef7e2e4cc132756
Strict-Transport-Security: max-age=0; includeSubdomains
i1.wp.com/s1.bukalapak.com/img/6189701252/w-1000/IMG_20180412_012529_scaled.jpg
200 OK 45 kB URL HTTP/2 i1.wp.com/s1.bukalapak.com/img/6189701252/w-1000/IMG_20180412_012529_scaled.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x1333, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0719e728769af20b15a729dec5104128
7051d1fc73910575cef3f3b8881d6f63fc493778
cd54d6b4fa1213d25607b9ba97a1a699b8ea84683d8752c38a6840c81c9faaeb
GET /s1.bukalapak.com/img/6189701252/w-1000/IMG_20180412_012529_scaled.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 15:21:03 GMT
content-type: image/webp
content-length: 45350
last-modified: Tue, 04 Oct 2022 15:21:03 GMT
expires: Fri, 04 Oct 2024 03:21:03 GMT
cache-control: public, max-age=63115200
link: <http://s1.bukalapak.com/img/6189701252/w-1000/IMG_20180412_012529_scaled.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cd062d74825815a4"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a7395fbf71381e7b99a8f2dc723aeca6
1c17cde68b62dde4c2871178e45274c60f666d16
b3df570e2fbb53547e0b3722e77b0f31e6abbf27b9c27834411e6bd70884e067
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3DF570E2FBB53547E0B3722E77B0F31E6ABBF27B9C27834411E6BD70884E067"
Last-Modified: Mon, 03 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15332
Expires: Tue, 04 Oct 2022 19:36:36 GMT
Date: Tue, 04 Oct 2022 15:21:04 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5219
Expires: Tue, 04 Oct 2022 16:48:03 GMT
Date: Tue, 04 Oct 2022 15:21:04 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5219
Expires: Tue, 04 Oct 2022 16:48:03 GMT
Date: Tue, 04 Oct 2022 15:21:04 GMT
Connection: keep-alive
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
200 OK 596 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP
File type HTML document, ASCII text
Hash 2bb74ed6057da5549215f27be9259978
29d846959f23ecc05066ff6d4a5a81ce43990c2c
3b13560546a94267cefba02c4ba81853c9de6e01d439c0f3550d0d712eff6717
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwE05Kpr%2Bdr9fPyBNk1pMzaZ6NvBESjak%2B8be7KH8yGYJFyHWnqP%2BanjnrqWq9xsIqmxxNvPscJ3%2Btarkq%2B5yAx3KQpN%2B4FhmgPv3PqBXZjkHuvjbY4TgJA0WzziWhDD3tslYFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7b648c6b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
IP
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5375776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f6EZrizNDhgRWUTINTVb9r2jN1FgGetBK8POjBBvCw9kqFNqzXYlgLxnaev0hhc%2BXs6ggeAPtXKC24X%2BBXPThXjq%2F4wgBRDcqvhi96XgciBtgPQES4GCEoTBgMd%2FX%2FPOTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7baeeb971b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5375776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RljmpyiXlGNqN4yriSNUo62F%2FhwYCEFdfT4NMcm%2BtO6w6dibsaR3O8VwvqIA0C48OdgW4L8oZoBlh50spBonMccZjKuItPKD7FG4H4af%2FCzl1wY0tFD2vf6QTLbtvDlv%2FyM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7baeeba71b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5375776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh2XsQ7UYL8c3HUui%2F%2BCddF52zfbXJZ7s7GHIsKAWI7L%2BwxFe6gvTS%2BoJSjb7p%2FJ%2BinjwH9fJuCEoMDp9FVHnN%2FmwfRsq7K5c%2Fs9KX669%2Bgr9PluClDKViEVabekRfe4TPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7baeebb71b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5375776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72lT8vNdt7iq1CWTYf4TiD%2BbFSn09BiNajIzL9LjVqq8ejMZ5HYRnkL9iNOUTMcM0SAlPxCfMrGWeUWRZ2M0w3j83xvVm9jvwveTUAtHlCQ%2FssKLoLGkgE28VB0DSqaX5jo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7bafebd71b6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5219
Expires: Tue, 04 Oct 2022 16:48:03 GMT
Date: Tue, 04 Oct 2022 15:21:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 15:21:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unseenreport.com/pxf.gif?uuid=f9e98430-ceb7-4625-be37-48737ecfa4ed&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=96787a1945876b1a9c10f79941441964&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=f9e98430-ceb7-4625-be37-48737ecfa4ed&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=96787a1945876b1a9c10f79941441964&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15
IP
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=f9e98430-ceb7-4625-be37-48737ecfa4ed&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=96787a1945876b1a9c10f79941441964&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=15 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 15:21:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c952cb8be7bd05522971add75e00463
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
200 OK 2.3 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP
Hash 9e6a3139b133de29072d71c14963a1ac
074519fd7d10afb7ddd5133fd66fd0c503618976
089d7f1a16fd6ebbd1b9cc479cb07fe452b6a28ce5696c94102aaf52736a7ce4
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBrSyW8QGp3K%2B8Y2FocY5Kw7yTWN1Eb8N6zgiPr4UvoHwOnHd3sgO%2FNnaBezT5Arc38MbIOL32utdt%2B05uM9wCGFDMXyBP6D5q4nFT45IRZCUEW2l3wSSNMZN0cXlED6djE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7bace8a71b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=380
200 OK 0 B URL HTTP/1.1 incomprehensibleacrid.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=380
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fcss%2Fanimate.css&l=79249&fd=380 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Cookie: u_pl=15809834; uid_id2=f9e98430-ceb7-4625-be37-48737ecfa4ed:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec96787a1945876b1a9c10f79941441964=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 15:21:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thedailyberkasedu.blogspot.com
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9F0u%2FFCChukYJA7WFZG2FBI97nHSz3aznDxXYGaNxZtQ6hSeNvidDk2KMHl1qxGAnHhZIdJJDrt%2FK6VEymHt1DPXIu5SUPkhI9mByfKQ3z7kwDMDbz7uOpVUOJXWt69VcoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7bace8371b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
incomprehensibleacrid.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4scRRytzkYQPKm5KCpz8KDiznbP9ExPGyWYxJXgJhsSJd5i%2FetJudVdTVX39GQPEgxKjuMHEHrf7GaJRlHwapDZQA4LQsbTHtzPYBDixYPMZHH0d%2Fm9V%2B8dXr2qL7fKQ%2BKjpAdnz5tNpTVd6TT9xmsfB8HJxprKymFj2Ote7YYnG3bwVtxt%2Bq833pd8w6y0%2FMD3Az9orCorEzNcmYlQ%2Bd04aMZ%2BM2w1g06Iof0%2Fd6UHRz2IwSF5DkpMj9%2F3TkDxCbL0h7PSbRQmf%2FO9tNS0MBYDsftRtpGZKkO6gIn1kGS7R24Y93D1Hky2M48LM%2FjXyNSUeA%2FugWW7RyHBBtvznExDZmDiGVSDCaSeQNEJuLkJJR4SgAtcWEeW3r5gbEWvP1HpTJ2S44%2F%2FhKqm5PjvJ5Cl35%2FWati4bHRZKJM5DJMaajiB6k%2BQl3soNo9BVXvgxedQ4ley8ngNWbq97rSBEgevJrGMe2HbX%2BaSRctht9VZZrIdLYe9qB1JntBQinlBSk2gkgm0HIG6JZTOQ6k8lImHMveQioMGD4Ig8gWnfi%2FmvC0iybrCD2iUBDTwuz2UfHaHEYp8BK5H4PYGcnsDG2oEW%2F4Cd62GEx5cQTAQNSpJUDmCihJUiqAqCKpBvSO0a7n6ttCuZMHRbh3tdj02RX%2BL7piiLzOylR%2BSZ%2BfFPXrnDWzIg0bcjXoRDeKw04u6LKAxD%2FwkiuMwCMMg7oZwqoZyx0Cdh001Jc9nfyFXU3Ls6zNgdA9O74Grl0DLl0GrcdTyQa%2BNw56Pzew7pdPSGaeobioBYWrkxVMorntb%2BpC8MA%2FSvvIHJN8%2F9Qk7P310529wWyO3NT5V9wn6%2Btb4kqnI9iVTOfLjel6oVG3S2eteLmghl775QF6vjBXnzrrRnXf5TJjBux9KV6zRTKis78i3p5UQ0q4ayyX5%2BZy7ItnF0l07XdqszNcunlk9l%2BZWOqdMNgFVU0Ie7IOrKXn6p535x33xi8%2Bg7AS2rJGW%2B%2BRooMweeH4DLl%2Fkd2YJVi88LPdQlfXYttjiUCsCLRecshruP5wt8Ja7hb59BbS4iSytMbA1BroG1SO4cmlc5Hb%2F1G%2Ft%2BYBpb8y09baZtvqrJ%2BU6ddBo%2ByJiMpERk2EnTCQXrNNhPk84a4tej6NwU%2F72%2BtV%2FAAAA%2F%2F8BAAD%2F%2FwNOaamDBAAA
200 OK 7 B URL HTTP/1.1 incomprehensibleacrid.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4scRRytzkYQPKm5KCpz8KDiznbP9ExPGyWYxJXgJhsSJd5i%2FetJudVdTVX39GQPEgxKjuMHEHrf7GaJRlHwapDZQA4LQsbTHtzPYBDixYPMZHH0d%2Fm9V%2B8dXr2qL7fKQ%2BKjpAdnz5tNpTVd6TT9xmsfB8HJxprKymFj2Ote7YYnG3bwVtxt%2Bq833pd8w6y0%2FMD3Az9orCorEzNcmYlQ%2Bd04aMZ%2BM2w1g06Iof0%2Fd6UHRz2IwSF5DkpMj9%2F3TkDxCbL0h7PSbRQmf%2FO9tNS0MBYDsftRtpGZKkO6gIn1kGS7R24Y93D1Hky2M48LM%2FjXyNSUeA%2FugWW7RyHBBtvznExDZmDiGVSDCaSeQNEJuLkJJR4SgAtcWEeW3r5gbEWvP1HpTJ2S44%2F%2FhKqm5PjvJ5Cl35%2FWati4bHRZKJM5DJMaajiB6k%2BQl3soNo9BVXvgxedQ4ley8ngNWbq97rSBEgevJrGMe2HbX%2BaSRctht9VZZrIdLYe9qB1JntBQinlBSk2gkgm0HIG6JZTOQ6k8lImHMveQioMGD4Ig8gWnfi%2FmvC0iybrCD2iUBDTwuz2UfHaHEYp8BK5H4PYGcnsDG2oEW%2F4Cd62GEx5cQTAQNSpJUDmCihJUiqAqCKpBvSO0a7n6ttCuZMHRbh3tdj02RX%2BL7piiLzOylR%2BSZ%2BfFPXrnDWzIg0bcjXoRDeKw04u6LKAxD%2FwkiuMwCMMg7oZwqoZyx0Cdh001Jc9nfyFXU3Ls6zNgdA9O74Grl0DLl0GrcdTyQa%2BNw56Pzew7pdPSGaeobioBYWrkxVMorntb%2BpC8MA%2FSvvIHJN8%2F9Qk7P310529wWyO3NT5V9wn6%2Btb4kqnI9iVTOfLjel6oVG3S2eteLmghl775QF6vjBXnzrrRnXf5TJjBux9KV6zRTKis78i3p5UQ0q4ayyX5%2BZy7ItnF0l07XdqszNcunlk9l%2BZWOqdMNgFVU0Ie7IOrKXn6p535x33xi8%2Bg7AS2rJGW%2B%2BRooMweeH4DLl%2Fkd2YJVi88LPdQlfXYttjiUCsCLRecshruP5wt8Ja7hb59BbS4iSytMbA1BroG1SO4cmlc5Hb%2F1G%2Ft%2BYBpb8y09baZtvqrJ%2BU6ddBo%2ByJiMpERk2EnTCQXrNNhPk84a4tej6NwU%2F72%2BtV%2FAAAA%2F%2F8BAAD%2F%2FwNOaamDBAAA
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4scRRytzkYQPKm5KCpz8KDiznbP9ExPGyWYxJXgJhsSJd5i%2FetJudVdTVX39GQPEgxKjuMHEHrf7GaJRlHwapDZQA4LQsbTHtzPYBDixYPMZHH0d%2Fm9V%2B8dXr2qL7fKQ%2BKjpAdnz5tNpTVd6TT9xmsfB8HJxprKymFj2Ote7YYnG3bwVtxt%2Bq833pd8w6y0%2FMD3Az9orCorEzNcmYlQ%2Bd04aMZ%2BM2w1g06Iof0%2Fd6UHRz2IwSF5DkpMj9%2F3TkDxCbL0h7PSbRQmf%2FO9tNS0MBYDsftRtpGZKkO6gIn1kGS7R24Y93D1Hky2M48LM%2FjXyNSUeA%2FugWW7RyHBBtvznExDZmDiGVSDCaSeQNEJuLkJJR4SgAtcWEeW3r5gbEWvP1HpTJ2S44%2F%2FhKqm5PjvJ5Cl35%2FWati4bHRZKJM5DJMaajiB6k%2BQl3soNo9BVXvgxedQ4ley8ngNWbq97rSBEgevJrGMe2HbX%2BaSRctht9VZZrIdLYe9qB1JntBQinlBSk2gkgm0HIG6JZTOQ6k8lImHMveQioMGD4Ig8gWnfi%2FmvC0iybrCD2iUBDTwuz2UfHaHEYp8BK5H4PYGcnsDG2oEW%2F4Cd62GEx5cQTAQNSpJUDmCihJUiqAqCKpBvSO0a7n6ttCuZMHRbh3tdj02RX%2BL7piiLzOylR%2BSZ%2BfFPXrnDWzIg0bcjXoRDeKw04u6LKAxD%2FwkiuMwCMMg7oZwqoZyx0Cdh001Jc9nfyFXU3Ls6zNgdA9O74Grl0DLl0GrcdTyQa%2BNw56Pzew7pdPSGaeobioBYWrkxVMorntb%2BpC8MA%2FSvvIHJN8%2F9Qk7P310529wWyO3NT5V9wn6%2Btb4kqnI9iVTOfLjel6oVG3S2eteLmghl775QF6vjBXnzrrRnXf5TJjBux9KV6zRTKis78i3p5UQ0q4ayyX5%2BZy7ItnF0l07XdqszNcunlk9l%2BZWOqdMNgFVU0Ie7IOrKXn6p535x33xi8%2Bg7AS2rJGW%2B%2BRooMweeH4DLl%2Fkd2YJVi88LPdQlfXYttjiUCsCLRecshruP5wt8Ja7hb59BbS4iSytMbA1BroG1SO4cmlc5Hb%2F1G%2Ft%2BYBpb8y09baZtvqrJ%2BU6ddBo%2ByJiMpERk2EnTCQXrNNhPk84a4tej6NwU%2F72%2BtV%2FAAAA%2F%2F8BAAD%2F%2FwNOaamDBAAA HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Cookie: u_pl=15809834; uid_id2=f9e98430-ceb7-4625-be37-48737ecfa4ed:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec96787a1945876b1a9c10f79941441964=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 15:21:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb98793a52778697fcecc038432e9970
Strict-Transport-Security: max-age=0; includeSubdomains
incomprehensibleacrid.com/pixel/sbs?c=1
200 OK 0 B URL HTTP/1.1 incomprehensibleacrid.com/pixel/sbs?c=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Cookie: u_pl=15809834; uid_id2=f9e98430-ceb7-4625-be37-48737ecfa4ed:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec96787a1945876b1a9c10f79941441964=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 04 Oct 2022 15:21:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRKmnsPNl8VW_T4jH5Ut6cgIklvv93eG5M4aQ&usqp=CAU
404 Not Found 0 B URL HTTP/2 i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRKmnsPNl8VW_T4jH5Ut6cgIklvv93eG5M4aQ&usqp=CAU
IP
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRKmnsPNl8VW_T4jH5Ut6cgIklvv93eG5M4aQ&usqp=CAU HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
i0.wp.com/d20ohkaloyme4g.cloudfront.net/img/document_thumbnails/4b7e14d90ac7705e875065e14cd7c3e6/thumb_300_388.png
403 Forbidden 0 B URL HTTP/2 i0.wp.com/d20ohkaloyme4g.cloudfront.net/img/document_thumbnails/4b7e14d90ac7705e875065e14cd7c3e6/thumb_300_388.png
IP
GET /d20ohkaloyme4g.cloudfront.net/img/document_thumbnails/4b7e14d90ac7705e875065e14cd7c3e6/thumb_300_388.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:04 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5375776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk7h4btM2Or7xQQOMEhyA7WgYBzTXb66hFcomMcsXGgMRWpl1yuPCRxIcVjCtveNmMyGvhBNf3gJmsrQos7IFvW5Dh76BnAmTXM%2BzLnv4iFpyLZazmesXtZlugfgNASj2xQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7bafec071b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 15:21:02 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 4380b6bd4f9000af3fba3e3cce289c27
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 15:21:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BHOP83%2FOvWIq4hZ2uayPycrC3%2FAnAG%2FIxndZDpTCznidNDEeyPbwk%2BsPyxIJW1kkXjbtC1AaSIkXnM9ML0spAOiRcUa0PclCKRE63r55TSdMXvc2GpFgHNZ7l%2Bz7O48s4gwdoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754ee7ad8d8c7511-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 15:21:04 GMT
date: Tue, 04 Oct 2022 15:21:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQgtHSU7vwB2YPYaPM9NBuOkqVBORD4jQNhQQ&usqp=CAU
404 Not Found 0 B URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQgtHSU7vwB2YPYaPM9NBuOkqVBORD4jQNhQQ&usqp=CAU
IP
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQgtHSU7vwB2YPYaPM9NBuOkqVBORD4jQNhQQ&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thedailyberkasedu.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Tue, 04 Oct 2022 15:21:01 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
142.250.74.161
158.69.251.190
23.36.77.32
93.184.220.29
3.66.118.16
46.105.201.240
0.0.0.0