Report - smkscitranegara.sch.id/tubbb/login.php

Report Overview

Submitted URL
smkscitranegara.sch.id/tubbb/login.php
IP
103.134.152.1
ASN
#138608 Cloud Host Pte Ltd
Submitted
2023-05-17 00:25:41
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
11
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-17	1.6 kB	112 kB	216.58.207.227
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2023-05-16	2.2 kB	1.3 kB	216.239.34.36
zendesk-eu.my.sentry.io	unknown	2012-04-07	2022-03-29	2023-05-16	488 B	426 B	34.89.128.121
blog.s.id	unknown	2013-08-14	2018-06-15	2023-05-16	2.4 kB	66 kB	188.114.96.1
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-16	3.7 kB	7.7 kB	142.250.74.131
home.s.id	488728	2013-08-14	2018-08-25	2023-05-16	1.3 kB	726 B	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-16	1.0 kB	62 kB	142.250.74.106
www.google.no	25607	2001-02-26	2016-04-05	2023-05-16	520 B	560 B	142.250.74.163
smkscitranegara.sch.id	unknown	2018-07-03	2019-06-18	2023-05-13	1.1 kB	10 kB	103.134.152.1
app.s.id	unknown	2013-08-14	2018-11-27	2023-05-16	2.1 kB	2.9 kB	45.126.58.78
ekr.zdassets.com	2396	2013-01-28	2018-06-14	2023-05-16	456 B	1.6 kB	104.18.70.113
s.id	134714	2013-08-14	2014-12-04	2023-05-16	466 B	592 B	188.114.96.1
cdn.s.id	unknown	2013-08-14	2018-08-31	2023-05-16	14 kB	1.4 MB	52.85.242.27
static.zdassets.com	2154	2013-01-28	2018-06-24	2023-05-16	1.3 kB	86 kB	104.18.72.113
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-16	3.5 kB	592 kB	142.250.74.168
protagcdn.com	62031	2020-04-17	2020-04-17	2023-05-16	398 B	115 kB	172.67.75.177
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2023-05-16	486 B	20 kB	104.16.57.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-17 00:25:23	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:23	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:23	low	Client IP	188.114.96.1	ET INFO Observed URL Shortening Service Domain (s .id in TLS SNI)
2023-05-17 00:25:24	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:24	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:24	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:24	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:25	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:25	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:27	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-17 00:25:27	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-17	medium	smkscitranegara.sch.id/tubbb/login.php
2023-05-17	medium	smkscitranegara.sch.id/
2023-05-17	medium	smkscitranegara.sch.id/

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	unknown	236 B	2023-05-11	2024-04-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 12:15:07 Last Seen2024-04-03 06:33:17 Times Seen339 Hash 69b1d9624dd2b4afe3b1bbb3065b5604 db391c0e83bfb261be30fb17489be412bec71b3f 097c9819b553f9882d00aaca5acd161e47f7e8ad49e266f2dd234b87bc6ae948 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	196 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash c98323db1bef176960d2b1950e0800fd c3a3c7d59a039b6194c714e0af1aa73911ebd01d 5496584f2fe4ce363c48545e26b6c7756cb8399ccc481157002e175ba144422c Loading...

	static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816	20 kB	2023-04-18	2024-04-21
Pretty URL static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 04:27:55 Last Seen2024-04-21 01:34:52 Times Seen14481 Hash d294b48fb7400508953205265f95d2e1 fd545d38241c9c56e81f61e45cd239976ecd0b46 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	13 kB	2023-04-05	2024-04-25
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46:03 Last Seen2024-04-25 21:40:33 Times Seen30708 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	251 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 968e084e30b878c76ecc20cc4cc6472a 9a01eea90ba2c553da933d93b626bf2afc8c72bd ed14e6cc5bb7748e4223f42b08b919001c2f851002a821b369c718bea43a2924 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	247 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash ec9604d9253043e4c7ea1655cfefbb31 96f618deb14181f0b85c6a518ba3e5dcb4d909ff fdd1eeb2bdbe7baaf66d5fba08c2145b14a49acc590d9f02c1f9d8c534633aca Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	260 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 06b4795adbd64ddcd90f3d56f8b77cab 82e1f620412efa5e13c1666218f356113f9c136b e847d77bd3b904a315099c754caeafb93a6aa049a5f7386c252f0d9579d2db42 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/framework-2647c7e378e02044.js	141 kB	2023-04-20	2024-02-05
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/framework-2647c7e378e02044.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 15:40:46 Last Seen2024-02-05 20:07:03 Times Seen395 Hash 1639a143b632bdca2ff0b6a30c784aeb d64cbc59de02eddaaa1e5f361f6927b8c1c0d712 df6ff92ab9484674635dab18aa6d97d4bdea7d26fffc3c53fc890c218e23ff7e Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	224 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 5d3fad59fc126716231fd01bee254004 264df770cdff4f3ff4b54a280e53671e7b08d6a7 5a24aac7b928921204e217584dcea7740f14c86d961e6b30ff5219505cbeebcb Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/_app-3a80ef9e4649f53f.js	154 kB	2023-05-16	2023-05-17
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/_app-3a80ef9e4649f53f.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 22:25:38 Last Seen2023-05-17 02:25:49 Times Seen7 Hash 7adb6bac7820e586b4910fecff4292e0 49838416e172abfa296f1fa1735a24589cafc7dd 03a62c1f709c2599dc273a893045e95214810ae74782c01d5121a371d59c9026 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_ssgManifest.js	77 B	2023-03-07	2024-04-25
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_ssgManifest.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-25 22:05:30 Times Seen85339 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js	2.7 kB	2023-04-20	2023-10-01
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 15:40:46 Last Seen2023-10-01 14:45:37 Times Seen387 Hash ce5b46313723bd3cf5036595cef68bd3 db66130bdb125cc740f587250e0eff78a6043e89 3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/389-3c58604d16d9e910.js	165 kB	2023-05-03	2023-05-20
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/389-3c58604d16d9e910.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 20:55:46 Last Seen2023-05-20 15:40:41 Times Seen104 Hash de0723fc0f8847ef36892fad204fd180 47f047705fda7522490c9158e6dba1d6949de3f2 a918e36093fc1bc6aa3ba45dfdda02d32adeda69135a97167213d17f7c52bdbb Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js	23 kB	2023-05-05	2023-05-20
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 17:01:56 Last Seen2023-05-20 15:40:41 Times Seen92 Hash f3116f16f654e0dafdc43b1087577abf 25f71306d01b09e2caf25ee602f2e6577eda3039 4b0b85c742b9a2f7dc0cad9a5c33db6318f4965bd48d93ed24e33451a756a51d Loading...

	static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f	24 kB	2023-05-15	2023-07-10
Pretty URL static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 05:31:54 Last Seen2023-07-10 06:05:33 Times Seen3558 Hash 9ce7e23b1a5cf89ecf9e795e0ccb61b4 d3c8c1151af2925bb8e1a8f1d1b679ae31285189 622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045 Loading...

	www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF	228 kB	2023-05-17	2023-05-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 02:25:48 Last Seen2023-05-17 02:25:48 Times Seen2 Hash 9d5bb4281c6cd9f6f1794d843f0787c1 7eacb7177c9c32763678657e111abd871ceded49 6c775583deed74a1590afae14881529e34bfc79c4fe3acaafdfe4e7c3b9008d6 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/webpack-a5376f837a525437.js	2.1 kB	2023-05-16	2023-05-17
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/webpack-a5376f837a525437.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 22:25:37 Last Seen2023-05-17 02:25:49 Times Seen8 Hash bcc9250b45e2c378d17f822f0a31c2a8 76b0bdcc4545517b470ebaa8de601e3fa8f71ebc 0a6d2557a2e94d730f25db042254968c5e3004d6c2c9d2dd990b6aaaa9a89a5c Loading...

	protagcdn.com/s/s.id/site.js	396 kB	2023-03-09	2023-07-17
Pretty URL protagcdn.com/s/s.id/site.js IP 172.67.75.177 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:57:53 Last Seen2023-07-17 21:59:01 Times Seen288 Hash 8b8ec52f223555670199afe98a1d5564 aafb241e22187b7a353ccb61547f6f2145833a44 1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	271 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen424 Hash c1058202d22ac09579022379d86826ee 1999a6d0d08b35ccd64a0ee69ae169dd3a0b3356 dad812433366937d85265938bb652a2801d9d6d4c0912abb0786fe65142fe715 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_buildManifest.js	999 B	2023-05-16	2023-05-17
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_buildManifest.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 22:25:37 Last Seen2023-05-17 02:25:49 Times Seen8 Hash 2433e6f9a9a0cce0db29145849364ab6 b74061259b98ba713b2b5d0c63385ba810f11b7f 53aca6d8f6d25abaaa9e73e196f895ad4c0939b50360b4110e41725a2647cf53 Loading...

	blog.s.id/post/2022/05/19/sandbox%20eval%20code	136 B	2023-04-11	2024-04-25
Pretty URL blog.s.id/post/2022/05/19/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-04-25 21:40:33 Times Seen31272 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	265 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen425 Hash fba27f31e4e9d8b289492f2b860c88bf d96931f79cad01f3243dbff8ff9a869377367457 e7342621a7cf816200c668419e0c97d9660d7cc2bd00cfb3989143b50832bb99 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/main-ae57ee9c17c390d0.js	93 kB	2023-05-03	2023-07-03
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/main-ae57ee9c17c390d0.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 20:55:46 Last Seen2023-07-03 18:21:56 Times Seen272 Hash 1e2fd193041b6a319eb1776ae861be5e a3599fe7ad22029089faf569ce2e66060527fded e5da21f851857a02fb23a30c384c45585a17a6aa89cd3957ae10c678a24b9648 Loading...

	cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/852-69ae09fb27796202.js	16 kB	2023-05-16	2023-05-17
Pretty URL cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/852-69ae09fb27796202.js IP 52.85.242.27 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 22:25:38 Last Seen2023-05-17 02:25:49 Times Seen8 Hash 8b4f7660397c4f1f74699a6b8ce6d804 c503c28b8d511b1c8698aeb4d305444bc56fe3a7 37374beb2f523c25668b5d18fd59f3e521e6ff4d190dcc725e74687a4a12b1e2 Loading...

	www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK	225 kB	2023-05-17	2023-05-17
Pretty URL www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 02:25:48 Last Seen2023-05-17 02:25:48 Times Seen2 Hash 0f376f2f78c33e408fb5285b86b469bf 01527676ab189fdcad95fb1c8651582893ed3150 8c720f17112739cf0decf1f6a663d2fc365af127e62babed86055bb02b985df4 Loading...

	static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js	167 kB	2023-05-05	2023-05-21
Pretty URL static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js IP 104.18.72.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 05:20:37 Last Seen2023-05-21 22:01:24 Times Seen414 Hash 8fb65d85b93d5ff05784a92cb5fd6750 5e587d968922ebaf89564f5c396cdcdd5fcaa08e 099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	250 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen425 Hash a09918f345473da9d2f47ab9183868c8 210b67093ea8191ac2ad306976309c2cbfcd65ea ded8c2c2e016a529301571dca274c50855566e990281c816b223fd6ad68076c2 Loading...

HTTP Transactions (73)

URL IP Response Size

smkscitranegara.sch.id/tubbb/login.php

103.134.152.1

88 B

URL
smkscitranegara.sch.id/tubbb/login.php
IP
103.134.152.1:0
ASN
#138608 Cloud Host Pte Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
88 B (88 bytes)
Hash
25f4889425b3c0b7b14fe7149c2575ad
5d096315fa8eba5aaf6d870e034a455914386293
77cf3a26f2ad6fd43cfa593d8d5dcf0c224b25a624e0e2f63e0947d02edf650b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /tubbb/login.php HTTP/1.1
Host: smkscitranegara.sch.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
x-powered-by: PHP/7.2.34
location: https://s.id/kY66E
content-type: text/html; charset=UTF-8
content-length: 88
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 17 May 2023 00:25:25 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

s.id/kY66E

188.114.96.1

0 B

URL
s.id/kY66E
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /kY66E HTTP/1.1
Host: s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 May 2023 00:25:25 GMT
content-length: 0
location: https://home.s.id/forbidden#action
cache-control: private, max-age=30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7mF5iirA0gmpmAthNde1Jg7HnQsCgYoMHn332OuxxvJ0wb4UIXPMkVzKoSc7S%2B6%2B6csWiJIqvP6Kgvzi90nRBd%2BJFM98ulmSX11DDijnpMpHHttbUrI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c87b91bafc6b50b-OSL
X-Firefox-Spdy: h2

smkscitranegara.sch.id/

103.134.152.1

706 B

URL
smkscitranegara.sch.id/
IP
103.134.152.1:0
ASN
#138608 Cloud Host Pte Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
706 B (706 bytes)
Hash
67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: smkscitranegara.sch.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Wed, 17 May 2023 00:25:26 GMT
Server: LiteSpeed
Location: https://smkscitranegara.sch.id/

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
28cd6a035ac0aaa402ac7ccbb2f4adf9
2b7e3fafc63ab4491a80d78a9e8a912913985916
bf57059bd2bb56d2796f005ca744dd7d687460310a279ea7920177202c0ef149

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
28cd6a035ac0aaa402ac7ccbb2f4adf9
2b7e3fafc63ab4491a80d78a9e8a912913985916
bf57059bd2bb56d2796f005ca744dd7d687460310a279ea7920177202c0ef149

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.s.id/app/p_230516ddcb39/user/_next/static/YDcmPW1Bo_Nx80uFgJhly/_buildManifest.js

52.85.242.27

10 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/YDcmPW1Bo_Nx80uFgJhly/_buildManifest.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (10149), with no line terminators
Size
10 kB (10149 bytes)
Hash
064afb17b7fc1ff7f7969915c1a5b146
9c51d477643e36bb1f82f8f8f2e43a63477794de
81c244e65debbccf38a5731b0bc4ec43fdea6a7a81913b0de3166c1384844e08

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/YDcmPW1Bo_Nx80uFgJhly/_buildManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 10149
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "064afb17b7fc1ff7f7969915c1a5b146"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: qaapqQvvLQkxPszPdGWCcb0fHVRxNgAb
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 3WnBxvwiG5LInqYhJmnXV8kFwkbqN5VYuCA0BP94F1E3g6bRiM8HPg==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/YDcmPW1Bo_Nx80uFgJhly/_ssgManifest.js

52.85.242.27

91 B

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/YDcmPW1Bo_Nx80uFgJhly/_ssgManifest.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
5ce0d2713404bd05c9502cc490488dca
552f4970f95812a42a366cf0752db5c4c4218236
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/YDcmPW1Bo_Nx80uFgJhly/_ssgManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 91
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "5ce0d2713404bd05c9502cc490488dca"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: R0VG713BkacWSfjkcOMWkDbfXuIEMPup
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: hhQzafB8Iq0aJFsVjUXiBwjzHA_nfYvee0w2pwTUQvYVDIQ6enrLDw==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/images/sid-logo-new-light.svg

52.85.242.27

3.9 kB

URL
cdn.s.id/app/p_230516ddcb39/user/images/sid-logo-new-light.svg
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3904 bytes)
Hash
b3e9be8f1d6a2b7f3f961c636bd7a812
206229a9f6dba2f2aad30dde2ae671a7ae740027
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

HTTP Headers

GET /app/p_230516ddcb39/user/images/sid-logo-new-light.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3904
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:04 GMT
etag: "b3e9be8f1d6a2b7f3f961c636bd7a812"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: zh5H1MWMdNe8Dqx4cK0t56OXU34T7oC8
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: KVydMfTmTOnW9XCkA3lTIM_RSfjsRlj45Q-8m2ROH_CIzUDBzgslQg==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js

52.85.242.27

3.5 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3510), with no line terminators
Size
3.5 kB (3510 bytes)
Hash
afd3c6c27ec597ea1eae60f8f4788255
cfcac0bba9d401fb7cd13e1d83023ec45f48117e
66e5b55d86c0f08fd4f4eb1b255e67e92e26350c35f70279884ac043117e5825

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 3510
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "afd3c6c27ec597ea1eae60f8f4788255"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: kOCCMfFRnFcx46LrG2FZfVDMr.5sgqTV
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: fdbpQ18mmoj_Bgc6hVP4kAuWNwgCvSdlHnqQ-fzM3WVbIdNV7ovTRA==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/images/errors/403.svg

52.85.242.27

4.4 kB

URL
cdn.s.id/app/p_230516ddcb39/user/images/errors/403.svg
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (532)
Size
4.4 kB (4406 bytes)
Hash
a6f7dffd03977a861d575b73f92240c8
33186c93e96f9a6e2370ac1a21551a9d7bfcc802
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

HTTP Headers

GET /app/p_230516ddcb39/user/images/errors/403.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4406
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:04 GMT
etag: "a6f7dffd03977a861d575b73f92240c8"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: hfXd5fkWxF7nJ1ys.xkaLRAZl5_K59tf
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: XofOvoqQ0qpgoUSEA17hGgcbwqJ4klJN_vr_Dt9-V1wqu0tkhEHkVw==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/css/2d56158dcbc03b88.css

52.85.242.27

121 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/css/2d56158dcbc03b88.css
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65453)
Size
121 kB (120595 bytes)
Hash
1d7a22dd846c8506cc6afc60909bc0b9
5f29fadca441fd2e726c0d9ebf25a3c0076098e8
d9100262f02b0cc0387f7604acb34d54aad1cb9d47e6a6c4b4967e3e21a6ca82

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/css/2d56158dcbc03b88.css HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 120595
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "1d7a22dd846c8506cc6afc60909bc0b9"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: MTOAI2xR4DEmktzMjxXofD7i0DFxh_1t
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Y-JplFcjRD60bGK9EjHcftaL3afgc-gvyWVyHUl54OvHxbURxBLBcQ==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/webpack-2f3689e7b4b29a33.js

52.85.242.27

5.6 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/webpack-2f3689e7b4b29a33.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5598), with no line terminators
Size
5.6 kB (5598 bytes)
Hash
584194a47dd64b5889c4c4bc4b5fe1ad
41de45e1eaaab5b3e46b980609d7f1f74c840d6b
e18c03b0cf56b22202f4a1678a26600f26d723e6929b82a9ce4f55ebb9e6dd8c

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/chunks/webpack-2f3689e7b4b29a33.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 5598
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "584194a47dd64b5889c4c4bc4b5fe1ad"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: wb5Q_d3g8h0Zgqd81ZekqXX16oeykyuo
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: vi_EPnBVmZ9Xyg_Pe7Ox2OxfSVhcQwIXv-vHRkhzPcNrUnfo3nHndA==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/framework-0203d16360ddbf38.js

52.85.242.27

141 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/framework-0203d16360ddbf38.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65200)
Size
141 kB (141073 bytes)
Hash
283b599b9087f3bd0b5c7388146fd178
d92b8e5f84d3bee2817767dfd2635d3f14d8102e
dffb777aa00ce1479132f8dbacb4a9446cea81d9fce5c2df882506a8c4c93122

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/chunks/framework-0203d16360ddbf38.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 141073
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "283b599b9087f3bd0b5c7388146fd178"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: XQ2LJi7HT46v8YWGk92LLDWJoVe_w9VQ
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 3bA_U_Yuh-IbznKNkBdfZQhNqjyhnHZ1IjMgNj-23WakVWXCSt5rpw==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/main-84504437487b53da.js

52.85.242.27

93 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/main-84504437487b53da.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (93359 bytes)
Hash
047faf5eef01a98108ec7e707d6c0a4c
5f07551bda7e2688741d2bc3248d2ea4cbbd612e
98a14d0ac05f3daa1edf06f4b1ed451a24dcf34c2af67f8377db3e19e376d646

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/chunks/main-84504437487b53da.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 93359
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "047faf5eef01a98108ec7e707d6c0a4c"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: Lf_d8pxI1s2R3ATrfmg1eLE4odPUClKK
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: -4ZVHUldesUJsY5Ht6SerjroFzoGctLmkZuIjdoceKblHaYkdJMe8A==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/pages/_app-11970c27be5abea0.js

52.85.242.27

310 kB

URL
cdn.s.id/app/p_230516ddcb39/user/_next/static/chunks/pages/_app-11970c27be5abea0.js
IP
52.85.242.27:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
310 kB (309657 bytes)
Hash
374890c8586c3684ea520e9864c8f6ca
86f8081fb17b61d2747518c125d7de894e7e3ce3
070071db36d7dd13cc6754762ee8b0b5a1720969cd5d3607e59f0c904dda4357

HTTP Headers

GET /app/p_230516ddcb39/user/_next/static/chunks/pages/_app-11970c27be5abea0.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 309657
date: Tue, 16 May 2023 10:40:32 GMT
last-modified: Tue, 16 May 2023 10:27:03 GMT
etag: "374890c8586c3684ea520e9864c8f6ca"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 0BajmFjmFVFOdHe2Y3aVzQqOUfM23585
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: OPI1r4Zs4r7uM_eEDiNVFXh3csUFcjNocki4caEVC3SiD8P88SVmRg==
age: 49495
vary: Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
28cd6a035ac0aaa402ac7ccbb2f4adf9
2b7e3fafc63ab4491a80d78a9e8a912913985916
bf57059bd2bb56d2796f005ca744dd7d687460310a279ea7920177202c0ef149

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4e8b3f6b8b295025bd61a839c02cc86b
6f7e0f94def3ab3598b7ca28b55ffbea70eb8af7
929a7fcc996f372faa8a61c673ab30a3c85f8962105c994a1d065bda5720f6b0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
daf44651dca329d9a576303f0a0783f2
ce233153a6600e7a8b1330cc6794f25073ba1e8e
769d8ba92c3d92b10e7855b0b32d74509f4b61c265032b9b3155018c4130b00a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

31 kB

URL
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 19:27:09 GMT
expires: Thu, 09 May 2024 19:27:09 GMT
cache-control: public, max-age=31536000
age: 536297
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

31 kB

URL
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 19:27:09 GMT
expires: Thu, 09 May 2024 19:27:09 GMT
cache-control: public, max-age=31536000
age: 536297
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4e8b3f6b8b295025bd61a839c02cc86b
6f7e0f94def3ab3598b7ca28b55ffbea70eb8af7
929a7fcc996f372faa8a61c673ab30a3c85f8962105c994a1d065bda5720f6b0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fd3341f7b6673eb3e52806a03abf4bee
fde975eb3b07b223a65f976745342cf39893ccbf
aa5b45741860612affa295f05d1729266933bd78094d227a10e0faca1d336739

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

104.18.72.113

6.9 kB

URL
static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d
IP
104.18.72.113:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (24203), with no line terminators
Size
6.9 kB (6924 bytes)
Hash
9ce7e23b1a5cf89ecf9e795e0ccb61b4
d3c8c1151af2925bb8e1a8f1d1b679ae31285189
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

HTTP Headers

GET /ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:26 GMT
content-type: application/javascript
x-amz-id-2: NJE7m1ytiUXhKN4LIVjfMoU1Q7kysbfpxRordgt4ZmRpv5yUOTYGq9n7/khhH87D9W8VcgWYTUoy24B9kthQtg==
x-amz-request-id: Q6B2N48HBB8X1MDN
x-amz-replication-status: COMPLETED
last-modified: Sun, 14 May 2023 23:22:32 GMT
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
cf-cache-status: HIT
age: 27
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTEdX79eQYOgBBZMkuN9QFr0Bc%2BvLAEdU7f36cexjlLOuBWlRpKktXZWtknnSqnqec%2B85GT8fub8TnTYwNRV%2Bv0AGzVWoWEKIVHgT74bYoFehbhjxKmoZjhwpqpfRJjLF0Ib4nQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c87b9268b98b527-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e8fdea25bc2323a470a121a0b3b54f59
f42b557a65a26301f10ea977216834c27e4483d1
1d5120c898280ce8d8ea669ff7f0c48b99446f83174f1164844caec151fbcbcd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

142.250.74.168

80 kB

URL
www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3288)
Size
80 kB (79530 bytes)
Hash
60625e4695da89279c15e05762f4ee39
5e105c9f59b6ab1f58dd0354ebfb08001d8dfc9a
cf7828d42b309a3ecfceb3017bbdf6813d1af9e9c600b33174b6dd83ee199263

HTTP Headers

GET /gtag/js?id=G-LJQ0V44EV5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:26 GMT
expires: Wed, 17 May 2023 00:25:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-10823601447

142.250.74.168

71 kB

URL
www.googletagmanager.com/gtag/js?id=AW-10823601447
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4372)
Size
71 kB (70869 bytes)
Hash
95d24d92e36cdd250406d1b35edb47a1
c601414f139036dad66b530a4f88fcb0783c1b19
76a2d9707f9d7bb2d73ef9296192ba4662a316f83ceb6a65e58249061b265ef6

HTTP Headers

GET /gtag/js?id=AW-10823601447 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:26 GMT
expires: Wed, 17 May 2023 00:25:26 GMT
cache-control: private, max-age=900
last-modified: Wed, 17 May 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

142.250.74.168

80 kB

URL
www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3288)
Size
80 kB (80169 bytes)
Hash
f79d0862217a55770ec73fd774a65501
5d59dab651222a678bd3778cb34f2faf1fc9633a
dde5efe5296abc6bd904f26367ec188e1a9ddc21191b3b5a3129a2647e9b7e50

HTTP Headers

GET /gtag/js?id=G-98MWVCBDD7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:26 GMT
expires: Wed, 17 May 2023 00:25:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e8fdea25bc2323a470a121a0b3b54f59
f42b557a65a26301f10ea977216834c27e4483d1
1d5120c898280ce8d8ea669ff7f0c48b99446f83174f1164844caec151fbcbcd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

142.250.74.168

46 kB

URL
www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2271)
Size
46 kB (46261 bytes)
Hash
d94d2734fe65d3b3ef1d1134db1ed987
03fba64398fca68b1d3875426de425f638477345
18500cb828e996e04bbc07c388743e82b80beede290737cfc9f17cffd2a38a84

HTTP Headers

GET /gtag/js?id=UA-225238330-2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:27 GMT
expires: Wed, 17 May 2023 00:25:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c

142.250.74.168

80 kB

URL
www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3288)
Size
80 kB (80203 bytes)
Hash
610ed1d2c20c9f0cdc6edaf0f45ccdbf
6dc6e727c85ea6571a01cf5901cd823fcf207273
7ad4ca3f1f4b58b9b31cadd1fec0d69144127716cd92b89694c2f9f71589b31b

HTTP Headers

GET /gtag/js?id=G-98MWVCBDD7&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:27 GMT
expires: Wed, 17 May 2023 00:25:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=AW-10823601447&l=dataLayer&cx=c

142.250.74.168

71 kB

URL
www.googletagmanager.com/gtag/js?id=AW-10823601447&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4372)
Size
71 kB (70926 bytes)
Hash
c03b79e5bea548840b789d39f8a5997e
e41bb6d84330019b52797f77c4ab00ae3ba3ead3
226fbb698dc77179120ce7559d3cb5d78fdb8f307f111a80249100effeaecb8d

HTTP Headers

GET /gtag/js?id=AW-10823601447&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:27 GMT
expires: Wed, 17 May 2023 00:25:27 GMT
cache-control: private, max-age=900
last-modified: Wed, 17 May 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70926
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js

104.18.72.113

200 OK

52 kB

URL GET HTTP/2
static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
52 kB (52275 bytes)
Hash
8fb65d85b93d5ff05784a92cb5fd6750
5e587d968922ebaf89564f5c396cdcdd5fcaa08e
099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a

HTTP Headers

GET /web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:27 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: QragrPajtgWXI2GSOKNz+36HPUXiDNzgWDUbdUopsGuQKzksAEgLtbYMf9RsvWr4AYE8rzx6WUAUlbFHJWRQAQ==
x-amz-request-id: 4ASD6BC4DB3A1F8V
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 May 2023 01:12:08 GMT
etag: W/"8fb65d85b93d5ff05784a92cb5fd6750"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Sat, 04 May 2024 01:12:06 GMT
x-amz-version-id: tWrlWgSWj4y2kCVtosT1irVWDwD.aQlK
cf-cache-status: HIT
age: 443558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAqggUnC2t3Rdm85w9QwexFNVpy2djsUH9O4HMux3L2iRSqkJLqVoUY7j360c8R3Mpsq%2BT757e7X5aJeLaqX%2FpiWs9NB%2F8herR8M%2F4%2B1yjix20LiXOYnuQwGbF3s3CCBof7XYt8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c87b928dd2db527-OSL
content-encoding: br
X-Firefox-Spdy: h2

app.s.id/api/redirect

45.126.58.78

0 B

URL
app.s.id/api/redirect
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/redirect HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ds,x-rpc-lang
Referer: https://home.s.id/
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 17 May 2023 00:25:27 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

app.s.id/api/user/me

45.126.58.78

0 B

URL
app.s.id/api/user/me
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/user/me HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ds,x-rpc-lang
Referer: https://home.s.id/
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 17 May 2023 00:25:27 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
caa422edff8653ffbdb424ace6ebccd4
a4ffadc5744b65a4db85987b0f15f175ff036c76
49253bd293c141d3f4b527b9bfdb33cd15ae2a6b112f4a611acdf1977710446a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

smkscitranegara.sch.id/

103.134.152.1

8.1 kB

URL
smkscitranegara.sch.id/
IP
103.134.152.1:0
ASN
#138608 Cloud Host Pte Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4079), with CRLF, LF line terminators
Size
8.1 kB (8096 bytes)
Hash
5fa1f3d381269ce3ed26f382cd550ca5
5b85bc83b0af8cc3e6a2b748e444879085124582
28b6d1e9061bf7f003c1359f6c6db7221e6a676455ed504aeddc48418c1c9a00

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: smkscitranegara.sch.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.2.34
set-cookie: _sessions=1892a494e72cb4336d6ec763f8088cf14f45603d; expires=Wed, 17-May-2023 02:25:27 GMT; Max-Age=7200; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 17 May 2023 00:25:27 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL POST HTTP/2
home.s.id/cdn-cgi/rum?
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://home.s.id/forbidden#action
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1060
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/forbidden
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Wed, 17 May 2023 00:25:27 GMT
access-control-allow-origin: https://home.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c87b92b1963b50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
caa422edff8653ffbdb424ace6ebccd4
a4ffadc5744b65a4db85987b0f15f175ff036c76
49253bd293c141d3f4b527b9bfdb33cd15ae2a6b112f4a611acdf1977710446a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 17 May 2023 00:25:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.s.id/api/redirect

45.126.58.78

469 B

URL
app.s.id/api/redirect
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type
JSON data\012- , ASCII text, with very long lines (469), with no line terminators
Size
469 B (469 bytes)
Hash
a986c42aab43f215b2cff47a241682ad
6d9a0e2cb5cc1d1fbb2be4c07b7a9bd4876a5d0b
81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149

HTTP Headers

GET /api/redirect HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-RPC-Lang: en
DS: 1684283125,zcqkos,fd621cb64ef8349e953af6407742d490
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:27 GMT
content-type: application/json
content-length: 469
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

app.s.id/api/user/me

45.126.58.78

58 B

URL
app.s.id/api/user/me
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
dc6337924fcba32afbaef2dc7a71ffcf
1bb7b761c6bf8bc117eddd9525d61844fa676190
4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b

HTTP Headers

GET /api/user/me HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-RPC-Lang: en
DS: 1684283125,zrx2q5,b3c2d2322ded3d449f0a81aedcc7ba7b
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
date: Wed, 17 May 2023 00:25:27 GMT
content-type: application/json
content-length: 58
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-ratelimit-limit: 30
x-ratelimit-remaining: 29
x-ratelimit-reset: 15
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35a0&_p=1668936502&_gaz=1&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_s=1&sid=1684283125&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35a0&_p=1668936502&_gaz=1&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_s=1&sid=1684283125&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35a0&_p=1668936502&_gaz=1&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_s=1&sid=1684283125&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://home.s.id
date: Wed, 17 May 2023 00:25:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL POST HTTP/2
home.s.id/cdn-cgi/rum?
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://home.s.id/forbidden#action
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 481
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/forbidden
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Wed, 17 May 2023 00:25:28 GMT
access-control-allow-origin: https://home.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c87b9336dd4b50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/css/0ccc702cf5b6f291.css

52.85.242.27

200 OK

722 B

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/css/0ccc702cf5b6f291.css
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (722), with no line terminators
Size
722 B (722 bytes)
Hash
17b149a5ca6bb2e1b1b6a41e8ed22c17
682c9c9739b50e6219758282952f347b44886d3f
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/css/0ccc702cf5b6f291.css HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 722
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "17b149a5ca6bb2e1b1b6a41e8ed22c17"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: .Bh6Q46zvsrrbS5msYWNrnKgjeYTGmI2
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ekn5gWhyQX1TebkGINgVRzSj5EmezGQafdTxUGEwWbc7kswurFZbQg==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/css/66cff30cd29ae6c0.css

52.85.242.27

200 OK

105 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/css/66cff30cd29ae6c0.css
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64935)
Size
105 kB (104811 bytes)
Hash
8ae5e044e2837b5945b6d554e23793b5
cf7923cafaef4fab2991a0b4e701d5194b7ec6c5
77dfcacace23fd01875671db4198b3ade5a6245eb46633b41a35184f19eb139d

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/css/66cff30cd29ae6c0.css HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 104811
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "8ae5e044e2837b5945b6d554e23793b5"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: iEqEIffY114jmJhoXvZrLBBkWmRZQZMQ
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: o_-CrfCcgepygJqC32T7229v_GFuWQfFFDo2S8eLFb57eSpqmoRrJQ==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/webpack-a5376f837a525437.js

52.85.242.27

200 OK

2.1 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/webpack-a5376f837a525437.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2140), with no line terminators
Size
2.1 kB (2140 bytes)
Hash
bcc9250b45e2c378d17f822f0a31c2a8
76b0bdcc4545517b470ebaa8de601e3fa8f71ebc
0a6d2557a2e94d730f25db042254968c5e3004d6c2c9d2dd990b6aaaa9a89a5c

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/webpack-a5376f837a525437.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2140
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "bcc9250b45e2c378d17f822f0a31c2a8"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: Y7uOZ8ONz2Im93M5p3tjDVqMsxsjAj5C
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: tGsr3e6vccAAuiFi3___5oBTSEek7scc753rOPSukEhtoybKg3ngyQ==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/framework-2647c7e378e02044.js

52.85.242.27

200 OK

141 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/framework-2647c7e378e02044.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65202)
Size
141 kB (141057 bytes)
Hash
1639a143b632bdca2ff0b6a30c784aeb
d64cbc59de02eddaaa1e5f361f6927b8c1c0d712
df6ff92ab9484674635dab18aa6d97d4bdea7d26fffc3c53fc890c218e23ff7e

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/framework-2647c7e378e02044.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 141057
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "1639a143b632bdca2ff0b6a30c784aeb"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: uQj9xNRewTXaXiQUbKdk5DNyAcFsQ6Bi
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: PeAW9h7ESa3oP1f19ScGde6syd41GSvR2wlbncDyKP77hkwx9BB1EQ==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/main-ae57ee9c17c390d0.js

52.85.242.27

200 OK

93 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/main-ae57ee9c17c390d0.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (93058 bytes)
Hash
1e2fd193041b6a319eb1776ae861be5e
a3599fe7ad22029089faf569ce2e66060527fded
e5da21f851857a02fb23a30c384c45585a17a6aa89cd3957ae10c678a24b9648

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/main-ae57ee9c17c390d0.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 93058
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "1e2fd193041b6a319eb1776ae861be5e"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 7Q_I2lUoalRYhk2Rmq4T0yMor3e9db2y
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: EWYGTqQHSMKAXSfLT_RhfzCOf9J4EAd6yGUGN8MRXkhzO-Ejbnxosg==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/_app-3a80ef9e4649f53f.js

52.85.242.27

200 OK

154 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/_app-3a80ef9e4649f53f.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
154 kB (153949 bytes)
Hash
7adb6bac7820e586b4910fecff4292e0
49838416e172abfa296f1fa1735a24589cafc7dd
03a62c1f709c2599dc273a893045e95214810ae74782c01d5121a371d59c9026

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/pages/_app-3a80ef9e4649f53f.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 153949
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "7adb6bac7820e586b4910fecff4292e0"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: WQFKLJRac9oRP1XbyYus1J6.f1RVz3Oi
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: cMrqWKk_WcxavlZV7ELQKHyujDGjUPeS2Aq5ljLloahWViRcui_RDw==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js

52.85.242.27

200 OK

2.7 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2686), with no line terminators
Size
2.7 kB (2686 bytes)
Hash
ce5b46313723bd3cf5036595cef68bd3
db66130bdb125cc740f587250e0eff78a6043e89
3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2686
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "ce5b46313723bd3cf5036595cef68bd3"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: CFDI4rOC0tHVb2kUI0lgdmMo2l09wYYt
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: zDq3jPRP4hcNlKVuNAlm8QyoXLJZyn-oSuLFSzW0j-EZcb5AZs6gXw==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/389-3c58604d16d9e910.js

52.85.242.27

200 OK

165 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/389-3c58604d16d9e910.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64667), with CRLF line terminators
Size
165 kB (165026 bytes)
Hash
de0723fc0f8847ef36892fad204fd180
47f047705fda7522490c9158e6dba1d6949de3f2
a918e36093fc1bc6aa3ba45dfdda02d32adeda69135a97167213d17f7c52bdbb

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/389-3c58604d16d9e910.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 165026
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "de0723fc0f8847ef36892fad204fd180"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: mfFu24ajCwI.PVOpylM_cSCxjrqQwl5O
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 2tmVlFx3Sb8ObsMNsFFzGTQrKmE1KkUwp--50Kp3KThcste_Ms_0ew==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/852-69ae09fb27796202.js

52.85.242.27

200 OK

16 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/852-69ae09fb27796202.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (15946), with no line terminators
Size
16 kB (15946 bytes)
Hash
8b4f7660397c4f1f74699a6b8ce6d804
c503c28b8d511b1c8698aeb4d305444bc56fe3a7
37374beb2f523c25668b5d18fd59f3e521e6ff4d190dcc725e74687a4a12b1e2

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/852-69ae09fb27796202.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 15946
date: Tue, 16 May 2023 10:53:11 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "8b4f7660397c4f1f74699a6b8ce6d804"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: ul.2H93nHFRDSsE4kSQLqZ0.g1rI5q9c
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: VtGX-ti2Bl6wetYWVPJINEYqQpHWZDqwA5jQDqOVMCfs_x16SXFaFg==
age: 48738
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js

52.85.242.27

200 OK

23 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (23081), with no line terminators
Size
23 kB (23083 bytes)
Hash
f3116f16f654e0dafdc43b1087577abf
25f71306d01b09e2caf25ee602f2e6577eda3039
4b0b85c742b9a2f7dc0cad9a5c33db6318f4965bd48d93ed24e33451a756a51d

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 23083
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "f3116f16f654e0dafdc43b1087577abf"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 3MsBn2sg0X1cvXU6u9n_9OyesXBTocaK
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: kKTofsW4AtKeVcBHGQ-ozwAAcDJmX_6AkeJ4DpLUWjbfaGPCSY0UsQ==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_buildManifest.js

52.85.242.27

200 OK

999 B

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_buildManifest.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (999), with no line terminators
Size
999 B (999 bytes)
Hash
2433e6f9a9a0cce0db29145849364ab6
b74061259b98ba713b2b5d0c63385ba810f11b7f
53aca6d8f6d25abaaa9e73e196f895ad4c0939b50360b4110e41725a2647cf53

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_buildManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 999
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "2433e6f9a9a0cce0db29145849364ab6"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: tah1j56YesvSnatisky4NcJP44r7afgh
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: k166ZUm-ib6feS-Feska5XweGpNI-119KgeQnEYAWuxXKKmgJdFpDA==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_ssgManifest.js

52.85.242.27

200 OK

77 B

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_ssgManifest.js
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

HTTP Headers

GET /app/p_230516ddcb39/blog/_next/static/ELwIQCuh1HUjYVTodv86x/_ssgManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 77
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "b6652df95db52feb4daf4eca35380933"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: iGNNTyEGWKY4kMBkXqy.Xr2JgqxHn7B.
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: a2WRWwPB74YBNckvCnhG5Q_D4zgByl9J_diu4EdzNmKhtjSKoZu-fQ==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/images/sid-logo-new-light.svg

52.85.242.27

200 OK

3.9 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/images/sid-logo-new-light.svg
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3904 bytes)
Hash
b3e9be8f1d6a2b7f3f961c636bd7a812
206229a9f6dba2f2aad30dde2ae671a7ae740027
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

HTTP Headers

GET /app/p_230516ddcb39/blog/images/sid-logo-new-light.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3904
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "b3e9be8f1d6a2b7f3f961c636bd7a812"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: q8gW6MgnlJkYHjoIhn5wbPQIivAr7lty
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: -uCjo_mm1WQZwufrNDIbq3IRX9pCIO8p4ywYHA7qAq1ZAoWigmo1sQ==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/images/adg-red-ring.svg

52.85.242.27

200 OK

6.4 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/images/adg-red-ring.svg
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6438), with no line terminators
Size
6.4 kB (6438 bytes)
Hash
d8656f00411289185175620333fd7531
5cb6bb53297cb7de333679fef32a2e8ac075f59c
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

HTTP Headers

GET /app/p_230516ddcb39/blog/images/adg-red-ring.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6438
date: Tue, 16 May 2023 10:53:12 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "d8656f00411289185175620333fd7531"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 70bVH68SZN.NXU5aUU3TIB7WGrsDAmKz
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 0qsbvkPvozxML6_pmOGEWEoeSKxjER0dSp6V2XGQbuMPIqPVRAIOhw==
age: 48737
vary: Origin
X-Firefox-Spdy: h2

zendesk-eu.my.sentry.io/api/113/envelope/?sentry_key=460f708319894406a8ebaea641969c60&sentry_version=7

34.89.128.121

2 B

URL
zendesk-eu.my.sentry.io/api/113/envelope/?sentry_key=460f708319894406a8ebaea641969c60&sentry_version=7
IP
34.89.128.121:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/113/envelope/?sentry_key=460f708319894406a8ebaea641969c60&sentry_version=7 HTTP/1.1
Host: zendesk-eu.my.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 134
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 17 May 2023 00:25:29 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
x-upstream-remote-address: 10.2.150.224:3000
x-upstream: relay
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

142.250.74.106

48 kB

URL
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
48 kB (48500 bytes)
Hash
7b4b5337e6846402b53493080ad42520
5a963eac0a6fcc6a5a85d444de085bd14ddf0c0f
7a8728a19320b0815c39c099d9eb467f08c9c04c0ba48f7999432371ee4521e6

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 May 2023 00:25:26 GMT
date: Wed, 17 May 2023 00:25:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size
48 kB (47728 bytes)
Hash
b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

HTTP Headers

GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 06:20:48 GMT
expires: Fri, 10 May 2024 06:20:48 GMT
cache-control: public, max-age=31536000
age: 497081
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

188.114.96.1

200 OK

64 kB

URL User Request GET HTTP/2
blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (47398)
Size
64 kB (63472 bytes)
Hash
dcf3a83a83aaa1fc18fac029f9bab6f9
02c0ad5d45d421cbabc81f6134c5c79cc09b4034
2444f61a3ade77dd3cc83636f2d81d2ee33b9070793afbf68356fe89a22c48dc

HTTP Headers

GET /post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:28 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93RDqBNpWXb%2B8ZvoYAFd4B2ufurTvvUEmBS%2BOUhaFEOF1B68tn8YkkD0Zbi7FMqdo3YrLOHLvJpCoa5Qx9vcH9Pumhr4iyN5u1MANScdPQORpM9f%2FAjBLLwGsck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c87b9304c55b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.s.id/app/p_230516ddcb39/blog/images/sid-logo-new-dark.svg

52.85.242.27

200 OK

3.9 kB

URL GET HTTP/2
cdn.s.id/app/p_230516ddcb39/blog/images/sid-logo-new-dark.svg
IP
52.85.242.27:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3904 bytes)
Hash
5f6c6d33de5cabfc68231a77c873ac2a
4d97e1c7d12deb6d6873d5ee5bcc787084d246a7
c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04

HTTP Headers

GET /app/p_230516ddcb39/blog/images/sid-logo-new-dark.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3904
date: Tue, 16 May 2023 10:53:15 GMT
last-modified: Tue, 16 May 2023 10:27:02 GMT
etag: "5f6c6d33de5cabfc68231a77c873ac2a"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 6xGD77blyDm6ofhez20tCKqVIS1yUMN6
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ffa40c4091d11859ad05cf9748508c58.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: kEOz1QWLiIOFdVWul0O1eA5V-yxWQjKAx6oJ_z62W116xP-bc4co4Q==
age: 48735
vary: Origin
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

142.250.74.168

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (3288)
Size
80 kB (80154 bytes)
Hash
9d5bb4281c6cd9f6f1794d843f0787c1
7eacb7177c9c32763678657e111abd871ceded49
6c775583deed74a1590afae14881529e34bfc79c4fe3acaafdfe4e7c3b9008d6

HTTP Headers

GET /gtag/js?id=G-LBWQJM5WLF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:29 GMT
expires: Wed, 17 May 2023 00:25:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

142.250.74.168

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (3288)
Size
80 kB (79480 bytes)
Hash
0f376f2f78c33e408fb5285b86b469bf
01527676ab189fdcad95fb1c8651582893ed3150
8c720f17112739cf0decf1f6a663d2fc365af127e62babed86055bb02b985df4

HTTP Headers

GET /gtag/js?id=G-GJLS9JMJCK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 May 2023 00:25:29 GMT
expires: Wed, 17 May 2023 00:25:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

blog.s.id/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL POST HTTP/2
blog.s.id/cdn-cgi/rum?
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1211
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0; _ga_LBWQJM5WLF=GS1.1.1684283128.1.0.1684283128.60.0.0; _ga_GJLS9JMJCK=GS1.1.1684283128.1.0.1684283128.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Wed, 17 May 2023 00:25:29 GMT
access-control-allow-origin: https://blog.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c87b936a80ab50b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35a0&_p=1668936502&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1684283125&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35a0&_p=1668936502&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1684283125&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://home.s.id/forbidden#action
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35a0&_p=1668936502&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1684283125&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://home.s.id
date: Wed, 17 May 2023 00:25:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

protagcdn.com/s/s.id/site.js

172.67.75.177

200 OK

115 kB

URL GET HTTP/2
protagcdn.com/s/s.id/site.js
IP
172.67.75.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerLet's Encrypt
Subjectprotagcdn.com
Fingerprint77:9F:9C:0E:AB:36:C9:7A:8F:76:3D:6F:68:D8:E4:46:11:80:72:BC
ValidityTue, 02 May 2023 23:36:49 GMT - Mon, 31 Jul 2023 23:36:48 GMT

File type
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
115 kB (114645 bytes)
Hash
8b8ec52f223555670199afe98a1d5564
aafb241e22187b7a353ccb61547f6f2145833a44
1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527

HTTP Headers

GET /s/s.id/site.js HTTP/1.1
Host: protagcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:29 GMT
content-type: application/javascript
cache-control: public, max-age=1800
cf-bgj: minify
cf-polished: origSize=396346
expires: Wed, 17 May 2023 00:55:29 GMT
last-modified: Tue, 28 Jun 2022 09:03:45 GMT
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: HIT
age: 2900
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzBMfmXLvEwB0tdgn4zpvSr09c1YYkeOlAv%2B758TpXYHJenAvWHTCewx9I%2F5pmNVs4FRxxSSEGTA2NjCYVTKeogg4sWJxoaT9s6SUSSfX8AA03oc1l81fxdT5ZkpU%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c87b9370c4d0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je35a0&_p=833938145&_gaz=1&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_s=1&sid=1684283128&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je35a0&_p=833938145&_gaz=1&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_s=1&sid=1684283128&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je35a0&_p=833938145&_gaz=1&cid=166401575.1684283126&ul=en-us&sr=1280x1024&_s=1&sid=1684283128&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://blog.s.id
date: Wed, 17 May 2023 00:25:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

104.18.70.113

200 OK

319 B

URL GET HTTP/2
ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f
IP
104.18.70.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (343), with no line terminators
Size
319 B (319 bytes)
Hash
f3e08ca10b936ea33e525864dcfea4ce
0922b9fc183881c14c5ee65e0f6fc492c6b1fcd4
bd82135bb6113df625761d2eccb17797d6c210b3f90eb949e4b4d50293fc4519

HTTP Headers

GET /compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:29 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"1748f7fd83003294df841b0b263aebf7"
x-request-id: 7c25e0fb19fb0b55-SEA, 7c25e0fb19fb0b55-SEA
x-runtime: 0.002357
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9V2Jmt%2F%2F3EH9CKYYsX1T0K1y%2FCliRfMFW8RfYjmzs8Tsc%2FsEy4tFzxiVp73tud3iA5mm4v7UhA8TlG38oV%2BexjywBHPBunsrUUQDKE9JRIkFCUtj67F2I%2F7nxT1BdNQ3rs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c87b9361c7bb505-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

104.18.72.113

200 OK

24 kB

URL GET HTTP/2
static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT

File type
ASCII text, with very long lines (24203), with no line terminators
Size
24 kB (24203 bytes)
Hash
9ce7e23b1a5cf89ecf9e795e0ccb61b4
d3c8c1151af2925bb8e1a8f1d1b679ae31285189
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

HTTP Headers

GET /ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:29 GMT
content-type: application/javascript
x-amz-id-2: NJE7m1ytiUXhKN4LIVjfMoU1Q7kysbfpxRordgt4ZmRpv5yUOTYGq9n7/khhH87D9W8VcgWYTUoy24B9kthQtg==
x-amz-request-id: Q6B2N48HBB8X1MDN
x-amz-replication-status: COMPLETED
last-modified: Sun, 14 May 2023 23:22:32 GMT
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
cf-cache-status: HIT
age: 30
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttg4umPV9s1mqMmykFGoF%2Fj9zwNC%2FHc1b%2FByommkWkseXEFGDnjh4O2tPqZczFIrlohyX4IdgRmW%2FV%2BIJD23YCKqLpLQ0YhXNUsd3A7zpPCRU%2FKPI7QK4S677jSaKMGoDBgJlXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c87b9358c9bb527-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/favicon.ico

188.114.96.1

200 OK

369 B

URL GET HTTP/2
blog.s.id/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
369 B (369 bytes)
Hash
2137def2d03d166159c9d82347e2f023
d566cfac9656ce95ba623921422c02b7ff0b49c5
cfe37d249e5eda84e78c2c746fa7c094303fdb0288caa687c895e02a3d46c114

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1684283125.1.0.1684283125.0.0.0; _ga=GA1.1.166401575.1684283126; _gcl_au=1.1.1210117226.1684283126; _ga_98MWVCBDD7=GS1.1.1684283125.1.0.1684283125.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:30 GMT
content-type: image/x-icon
cache-control: public, max-age=14400
last-modified: Fri, 04 Mar 2022 07:03:55 GMT
etag: W/"171-17f53bdff78"
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwgNAyUvWNTUcu6ycLjIJHYNqDe07582Q1WlANft2Q%2B8xG6u8y%2BUMLk81Rcr%2FoRovZO%2F9yGVURlc7gdrR11OK4RrQxspzC6BdW8UFSs4cHHXqG%2FdaxVEnpKp%2Bjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c87b935ef8fb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=166401575.1684283126&gtm=45je35a0&aip=1&z=1723236870

142.250.74.163

200 OK

42 B

URL GET HTTP/3
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=166401575.1684283126&gtm=45je35a0&aip=1&z=1723236870
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDC:04:40:A7:66:FE:43:A4:60:74:CB:F5:05:B7:C5:30:60:15:0E:C8
ValidityMon, 24 Apr 2023 12:02:59 GMT - Mon, 17 Jul 2023 12:02:58 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=166401575.1684283126&gtm=45je35a0&aip=1&z=1723236870 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 17 May 2023 00:25:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

104.16.57.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
IP
104.16.57.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19927), with no line terminators
Size
20 kB (19927 bytes)
Hash
d294b48fb7400508953205265f95d2e1
fd545d38241c9c56e81f61e45cd239976ecd0b46
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

HTTP Headers

GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 May 2023 00:25:29 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c87b934d919fab4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text
Size
12 kB (12084 bytes)
Hash
b2dfb29442dc1bdbba96360e76a2d8ff
08abbec340dad80efd39b15d0e4729f886214ed7
ac2af12c81be58d6906f22b9dbdb6d9753a775ca31d71c993839c8674acd020f

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 May 2023 00:25:28 GMT
date: Wed, 17 May 2023 00:25:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL