ocsp.pki.goog/gts1c3
471 B IP
Hash be1503134e951ab7848860728b7a4bd1
63df4353253c5f9d1f335ed650ca3f7d4a45bdc4
45e00a56f09b23db110c9e9f0dac7ae9e0b9fd532e1cb11e4aeda9b3af2d2d87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
200 OK 37 kB URL User Request GET HTTP/2 sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4754)
Hash 4946235873a155dfd3a2cb7a16e19beb
e9f0db55b03417c0c861a5bc9e27ae341faa1a2f
723b938e9306ed2bd3b4d6b93b68b0401043d876662af0d85cf704e98473660e
GET /2022/01/butas-na-butas-na-kamay.html HTTP/1.1
Host: sakitiwasan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 01 Oct 2023 10:02:46 GMT
date: Sun, 01 Oct 2023 10:02:46 GMT
cache-control: private, max-age=0
last-modified: Tue, 21 Mar 2023 00:34:50 GMT
etag: W/"32ec247f2d73d7c3ccd2b06f30d348ea4ec3241b74809aca4f91d653f2720c45"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 36557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash be1503134e951ab7848860728b7a4bd1
63df4353253c5f9d1f335ed650ca3f7d4a45bdc4
45e00a56f09b23db110c9e9f0dac7ae9e0b9fd532e1cb11e4aeda9b3af2d2d87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-protection.cdn.mozilla.net/ads-track-digest256/111.0/1684443982
56 kB URL tracking-protection.cdn.mozilla.net/ads-track-digest256/111.0/1684443982
IP
Hash eccf8436aa08de0d355cd2c068568453
e05e69cb2970888f00770ab772d77354df830f05
71a2d75150b4656ff17a9589a66e9e03661fa4ea1dfdf16c1d848efaae082439
GET /ads-track-digest256/111.0/1684443982 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: uq4b8MP+fBHU6W2MkPVxVapAATVhVWQlyljWyPeGF0Xp14/ysr2dlwY6e8kBBmArnMXYfuHnAzs=
x-amz-request-id: J85X6Z61GQZCJ78C
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 56118
via: 1.1 google
date: Sat, 30 Sep 2023 21:39:55 GMT
age: 44572
last-modified: Thu, 18 May 2023 21:16:40 GMT
etag: "eccf8436aa08de0d355cd2c068568453"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash d1f3de1a2fa80b3fa43fb780285ee3ca
aa7cbb9506d21822e795685764c2ede8115a677e
9e191a17c0492873293d013bca8257e2844f3e078e7002e634fbd89aff2a45b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
200 OK 3.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (57919)
Hash bc1a6a99c43f5ccc97d2d350bde13f74
29a6f54569c193ffd6116f03be3eb42359c60eb7
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:47 GMT
content-type: text/css; charset=utf-8
content-length: 3513
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6494263c-db9"
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5764511
expires: Fri, 20 Sep 2024 10:02:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak7gAGg5tWokZemjCZ1rEqVULWieXo21pGsU8GFQfr5I24t6XTkAY4iwoAOtQrzXNGXE09EgkipzjIsLzICXym1uQg8pLU%2Bh9hL7CWKAvyyHxsA8ImSlUKUradKQnLD%2FfnuvmUqS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 80f3df40cfc3b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sakitiwasan.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL GET HTTP/3 sakitiwasan.blogspot.com/js/cookienotice.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: sakitiwasan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 01 Oct 2023 10:02:47 GMT
expires: Sun, 08 Oct 2023 10:02:47 GMT
cache-control: public, max-age=604800
last-modified: Sat, 30 Sep 2023 15:51:28 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracking-protection.cdn.mozilla.net/analytics-track-digest256/111.0/1683905755
10 kB URL tracking-protection.cdn.mozilla.net/analytics-track-digest256/111.0/1683905755
IP
Hash 27ca7a562ad626165a25126b5975bc58
de8e9d89b673f3e1375e2a70f3c9d696726dfbe4
405d79f4b44125a2147ac70652ea7e7a544c1a5b34b376f683ea3e90445e7e42
GET /analytics-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: iT2DaFRrRxbsTHuJoGHJ/oHogEWHfCxMUEONwmnTdMR7i0lSSXikvSEAG5XjK2HOcbFJLicgokc=
x-amz-request-id: R600E4W4N3RF3XTT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10262
via: 1.1 google
date: Sat, 30 Sep 2023 18:19:09 GMT
age: 56618
last-modified: Fri, 12 May 2023 15:46:41 GMT
etag: "27ca7a562ad626165a25126b5975bc58"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash d1f3de1a2fa80b3fa43fb780285ee3ca
aa7cbb9506d21822e795685764c2ede8115a677e
9e191a17c0492873293d013bca8257e2844f3e078e7002e634fbd89aff2a45b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
200 OK 7.8 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type ASCII text, with very long lines (21084)
Hash 84415b7368fd6fc764cbe86039ce0626
62f238e73348c77eb9e865426a7d1b7de23cbb2d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
GET /npm/popper.js@1.16.0/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.0
x-jsd-version-type: version
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
content-encoding: br
accept-ranges: bytes
date: Sun, 01 Oct 2023 10:02:47 GMT
age: 10691460
x-served-by: cache-fra-eddf8230104-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7835
X-Firefox-Spdy: h2
juraganelite.github.io/iklan300/tigaratus.js
200 OK 255 B URL GET HTTP/2 juraganelite.github.io/iklan300/tigaratus.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerDigiCert Inc
Subject*.github.io
FingerprintA1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 9f4eb0d23ebaa65b079d48303ad4b131
d01180a56a0e516f92794611575a75f770f14a14
ca13381d08433a5ffa6371fb6205de35fe25221cb916498acb9a0bf743ca2d54
GET /iklan300/tigaratus.js HTTP/1.1
Host: juraganelite.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 03 Apr 2023 17:59:09 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"642b13ed-15e"
expires: Sun, 01 Oct 2023 05:37:20 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1304:1842:11EFD6C:1278C67:65190337
accept-ranges: bytes
date: Sun, 01 Oct 2023 10:02:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1664-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1696154568.834756,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: 1414063af8f53fa3744da6516204674ceae1e521
content-length: 255
X-Firefox-Spdy: h2
juraganelite.github.io/iklan729/iklanya.js
200 OK 250 B URL GET HTTP/2 juraganelite.github.io/iklan729/iklanya.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerDigiCert Inc
Subject*.github.io
FingerprintA1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT
Hash 6de1b0a259d64af641e72e8cce158f08
e7cfd976b3ba5135614fd6ddebffd212d17f7e33
0b403b045645f4f8261348b7e594df09326d16550322a658da422478e296e0b9
GET /iklan729/iklanya.js HTTP/1.1
Host: juraganelite.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 03 Apr 2023 17:59:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"642b1402-155"
expires: Sun, 01 Oct 2023 02:35:28 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 81C8:7C1A:291E051:2A4A980:6518D898
accept-ranges: bytes
date: Sun, 01 Oct 2023 10:02:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1664-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1696154568.853628,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: e34585ae058f66469792c9ab4db22701abde1411
content-length: 250
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 123095bae7268b74b553f63ef5e3b72c
ed123b21b8e0ca54b4ca9acdbe228e778ac83458
cae9ce077ef80f20ae834e215c22e987c9998563d8a6c7b68de00c211ae23782
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
200 OK 31 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (65451)
Hash 220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 06:02:39 GMT
expires: Sat, 28 Sep 2024 06:02:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 187209
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 123095bae7268b74b553f63ef5e3b72c
ed123b21b8e0ca54b4ca9acdbe228e778ac83458
cae9ce077ef80f20ae834e215c22e987c9998563d8a6c7b68de00c211ae23782
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash d1f3de1a2fa80b3fa43fb780285ee3ca
aa7cbb9506d21822e795685764c2ede8115a677e
9e191a17c0492873293d013bca8257e2844f3e078e7002e634fbd89aff2a45b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
200 OK 6.8 kB URL GET HTTP/2 www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2165)
Hash 49aad9405434d8887646881ecda8cf64
59bfe11a22024072043b6fc2562ce01b3d4b7344
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
GET /static/v1/jsbin/4235886812-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 09:41:49 GMT
expires: Mon, 30 Sep 2024 09:41:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 30 Sep 2023 15:51:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/591462033-widgets.js
200 OK 58 kB URL GET HTTP/2 www.blogger.com/static/v1/widgets/591462033-widgets.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2215)
Hash 4d1b106bf3a0e3b19271b2d2c6d58e1f
5ee4515f2f159d2dd7b97af21ebfe9de785a0ac9
8938e987d959c3738c63f512a238ab34c83a962166bab455877a68d091db3f0f
GET /static/v1/widgets/591462033-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57938
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 09:59:48 GMT
expires: Mon, 30 Sep 2024 09:59:48 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Sep 2023 20:54:05 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash d1f3de1a2fa80b3fa43fb780285ee3ca
aa7cbb9506d21822e795685764c2ede8115a677e
9e191a17c0492873293d013bca8257e2844f3e078e7002e634fbd89aff2a45b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/111.0/1683905755
2.3 kB URL tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/111.0/1683905755
IP
Hash 7938ce04b9288ce2553c06df7544718e
0f6bcdb2770858cfc9018dd76d3ac16386afd3e0
efedbe30e6f1ac7617b022b31ccd2920f0d518e9a7f8818447e117fbc7cd30ee
GET /base-cryptomining-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: dHERMlbK09jMQ18i7BxJUJIxg5T//V3xBvc1wCBCDz7JN2QkgOj/F8b+xR4Syooj5HzdT/XoBU8=
x-amz-request-id: 479TWFJ757GJDC90
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 2293
via: 1.1 google
date: Sat, 30 Sep 2023 16:00:49 GMT
age: 64919
last-modified: Fri, 12 May 2023 15:46:54 GMT
etag: "7938ce04b9288ce2553c06df7544718e"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 123095bae7268b74b553f63ef5e3b72c
ed123b21b8e0ca54b4ca9acdbe228e778ac83458
cae9ce077ef80f20ae834e215c22e987c9998563d8a6c7b68de00c211ae23782
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-protection.cdn.mozilla.net/base-email-track-digest256/111.0/1683905755
7.0 kB URL tracking-protection.cdn.mozilla.net/base-email-track-digest256/111.0/1683905755
IP
Hash 02560eef6a3e694713d21ba526dbf2d2
c300dbaeeb367bd302eaf2941a97cdd54c84bde9
6796e1d3ffc1d5316c498c022fd22be9e15842a3b3166f664d14042b614e491c
GET /base-email-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: ov6MOFaTpbjn8VMpZKp7/5as5RjHa7+d6wQlrQnmK4gEfXRvnoJQ/XNF4egvtF31Azjms+WqFLY=
x-amz-request-id: H3A3JQY51PXNHJ5V
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 6965
via: 1.1 google
date: Sat, 30 Sep 2023 18:17:55 GMT
age: 56693
last-modified: Fri, 12 May 2023 15:46:56 GMT
etag: "02560eef6a3e694713d21ba526dbf2d2"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=2271042777992815774&zx=1fdfab69-490e-496f-8325-d9d5a6de9576
200 OK 21 B URL GET HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=2271042777992815774&zx=1fdfab69-490e-496f-8325-d9d5a6de9576
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=2271042777992815774&zx=1fdfab69-490e-496f-8325-d9d5a6de9576 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 10:02:48 GMT
last-modified: Sun, 01 Oct 2023 10:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 3c85c63522b8d9311fd17b60cc3f0245
05c4621bf02336bf463bc9247c63e2cf7ea7afca
3c7cbe3679e411d320ca86d457cfc507d2f4b8e127d8d2748b9758fd79b0c7b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 01 Oct 2023 10:02:48 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 06/15/2023 15:40:53
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: bd76a99dac9336b547a88f5366f7bcec
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80f3df45fe6bb500-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
200 OK 39 kB URL GET HTTP/3 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0\012- data
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 27 Sep 2023 03:40:41 GMT
expires: Thu, 26 Sep 2024 03:40:41 GMT
cache-control: public, max-age=31536000
age: 368527
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/111.0/1683905755
3.6 kB URL tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/111.0/1683905755
IP
Hash 84a28e1e64a4aca618879e590fb29c47
ddea829bfd334fe48e25374f36119c6ce19bdfeb
e87ee13b3afbcefcfd7f87bdd26b12aa18b79437ebd4a3cf689f78aefa0a7d1e
GET /base-fingerprinting-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: kt8GLTTln4HAPhpTNjc82io82DvI10xD1BbZevkZ7R7CaEOkEFRWIYikd1BxunaaEzSsp6ZyDPk=
x-amz-request-id: P1X45EWJTBX8BBN7
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 3637
via: 1.1 google
date: Sat, 30 Sep 2023 11:39:32 GMT
age: 80596
last-modified: Fri, 12 May 2023 15:46:52 GMT
etag: "84a28e1e64a4aca618879e590fb29c47"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 3c85c63522b8d9311fd17b60cc3f0245
05c4621bf02336bf463bc9247c63e2cf7ea7afca
3c7cbe3679e411d320ca86d457cfc507d2f4b8e127d8d2748b9758fd79b0c7b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking-protection.cdn.mozilla.net/content-email-track-digest256/111.0/1683905755
8.9 kB URL tracking-protection.cdn.mozilla.net/content-email-track-digest256/111.0/1683905755
IP
Hash b9c2809ffc057abb94df0750c8cb57dd
e8ab5e486a0b53147eb8d66ca4585a06c5bbd210
b9816319448d2ccb8ef6a6e2aaefe13a9fa96335bdc1fd57c281dfe7ff95ede9
GET /content-email-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: VlSTx0ygJqKuyhvq7/YOGwbTQ4aSXMEqD+z99BqzRe74gZCFaYs1Yvtufv627wBkc5Dyowp409c=
x-amz-request-id: XTF22Z713HE5JQ72
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 8853
via: 1.1 google
date: Sat, 30 Sep 2023 22:31:57 GMT
age: 41451
last-modified: Fri, 12 May 2023 15:46:57 GMT
etag: "b9c2809ffc057abb94df0750c8cb57dd"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/content-track-digest256/111.0/1683905755
15 kB URL tracking-protection.cdn.mozilla.net/content-track-digest256/111.0/1683905755
IP
Hash d78d9f71f82fcce3a0d9079ec988ed05
13f8a07b0437728b11cefeda36b6211262d3af16
7449b095579811871ecad49889db2ae188486b18ab96f903a20941e34cfef7ee
GET /content-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 9X59I0K7WTvreIwKvujiB+xILjX7kqeKp4QqRC+mLeTVGEQ6+JXqU+ZAghNE8x8sd76L6YPVq4f3JQno8ZAbidjaubIhpWowP+30QX3iykg=
x-amz-request-id: ATKB2GQTH2XQX2XV
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15382
via: 1.1 google
date: Sat, 30 Sep 2023 16:22:21 GMT
age: 63628
last-modified: Fri, 12 May 2023 15:46:39 GMT
etag: "d78d9f71f82fcce3a0d9079ec988ed05"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/111.0/1683905755
1.5 MB URL tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/111.0/1683905755
IP
Size 1.5 MB (1470328 bytes)
Hash 2146c997750a1c7e55eb69a5a1a5e5b4
69ba29aca5c6a4bea1365e895b3c5b31df31220a
507d674f59748ff86ff629a2eb98b3cd343aec0a21e58089793341dc96361188
GET /google-trackwhite-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 5iJcvj0L+ddfqbajNuEcHCcju+ilgW1ScHe0QVsz3WnY7swxsnRwnWx20R9/JSqTKePcBq50Yo8=
x-amz-request-id: NY6T992MWBPBKH0F
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Sun, 01 Oct 2023 00:22:48 GMT
age: 34801
last-modified: Fri, 12 May 2023 15:46:50 GMT
etag: "2146c997750a1c7e55eb69a5a1a5e5b4"
content-type: application/octet-stream
content-length: 1470328
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/111.0/1684443982
345 kB URL tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/111.0/1684443982
IP
Size 345 kB (344663 bytes)
Hash aacf54fd5b2994c73b3e4e5e13f4b5a2
10494f54553c768432a556492e655aa774456927
bee12d3c1d013147f78ee8ce7d9fa5e83679cc650763c6f4f49a10ff2d4537e5
GET /mozstd-trackwhite-digest256/111.0/1684443982 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: K3cf2n34984IKw2n6gpdi7Cvwm1MXA5XbsYp1uPK8yIFVLYtdHQu93HsfUXwlUl4e3A+OZxqvM9ganXVnxvywc60V/x/Xl4E
x-amz-request-id: KMWD9S3NVJBPZCKC
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 344663
via: 1.1 google
date: Sat, 30 Sep 2023 11:30:30 GMT
age: 81139
last-modified: Thu, 18 May 2023 21:16:46 GMT
etag: "aacf54fd5b2994c73b3e4e5e13f4b5a2"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-track-digest256/111.0/1683905755
2.2 kB URL tracking-protection.cdn.mozilla.net/social-track-digest256/111.0/1683905755
IP
Hash f901679cf935d4b6067610a7287d0b99
fffa5389bec50a175f18deaf8933401edc4bd262
d553a4537f796d580ea8f696062c19540f1d332e2b478942f6ddea3952c6df4c
GET /social-track-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: npYwfYztkKHLc8nw6OGBjcN1RN4KSqlwRQTswUuEsUB9gNuEcMdu09ASelNB4NHv2XYli1GEavM=
x-amz-request-id: 0X1331S7F0WZS6C9
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 2197
via: 1.1 google
date: Sun, 01 Oct 2023 06:10:23 GMT
age: 13946
last-modified: Fri, 12 May 2023 15:46:42 GMT
etag: "f901679cf935d4b6067610a7287d0b99"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
200 OK 27 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (59729)
Hash 61f338f870fcd0ff46362ef109d28533
b3c116c65e6f053aaab45e5619a78ec00271a50f
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:47 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 2021-08-02 20:41:18
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: fb30ac8ee0a783b135d5ac14a4ec479a
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 2661393
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80f3df40ef5cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/111.0/1683905755
468 B URL tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/111.0/1683905755
IP
Hash 092bf11bed810e853f65d296f1e8b9e3
fed3b3a85aaf2bf1790fb115201b0dfdefe3982c
8c89c977f2c3f91b1050c645843453edc3d5bfcbe5e4af4b945b385f1b60046f
GET /social-tracking-protection-facebook-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: aEkEFS3E4vO2KtIgAqvvkcigLpJ7yw3Dqn4+bGI3JmtPuuyyNJDlcBhmgChQL8iQNomFBkrpAfw=
x-amz-request-id: 04VPQ4TY1DSZ2WM2
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 468
via: 1.1 google
date: Sat, 30 Sep 2023 16:21:44 GMT
age: 63665
last-modified: Fri, 12 May 2023 15:46:44 GMT
etag: "092bf11bed810e853f65d296f1e8b9e3"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/111.0/1683905755
148 B URL tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/111.0/1683905755
IP
Hash 90a72e82e4192224c509d557fd1d0d0c
19fe3346057c74364b7a2a2c1de0011a19c153d8
1024a91771abf18dd0a4de9dcc166ba7f9d224c803b6a5854f3f2db8d9a3c4a2
GET /social-tracking-protection-linkedin-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 53WIr69778yEukEyMUSfDFuZGVQp5pNq1W47D7YWtJMLZqmEO8iz6jfMVnTG/ZsplNeogw7QRZM3nX4OoS+/kbYnqAEsenexeyX2n9Koe8s=
x-amz-request-id: TKFPSGFWKET4EY0Q
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 148
via: 1.1 google
date: Sat, 30 Sep 2023 21:42:35 GMT
age: 44414
last-modified: Fri, 12 May 2023 15:46:46 GMT
etag: "90a72e82e4192224c509d557fd1d0d0c"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/111.0/1683905755
244 B URL tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/111.0/1683905755
IP
Hash 44186218fd668b3ffe6d95bc9c2acf06
e5b11bad035d82c42f2783024bb40fb2fa00d7e6
6d7715ed174a8438063ca39237b2e0c7e204dd68d0396866bc898a7e7aa70372
GET /social-tracking-protection-twitter-digest256/111.0/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: MQoCFQiAdDli51+47tWGe9DzPSIn6eIYu2L6Ug7OjNi+vitAIOmv3iDzlUXL/6h8aJtpMxXHU9N1Vks79fEm0aimp4OfmbJJPh6q5oJHkF4=
x-amz-request-id: 3JHTF08VS33E35CA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 244
via: 1.1 google
date: Sat, 30 Sep 2023 15:42:30 GMT
age: 66019
last-modified: Fri, 12 May 2023 15:46:45 GMT
etag: "44186218fd668b3ffe6d95bc9c2acf06"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
notionsshrivelcustomer.com/bade0b1ea33c24096f9f72959e267fb2/invoke.js
200 OK 11 kB URL GET HTTP/1.1 notionsshrivelcustomer.com/bade0b1ea33c24096f9f72959e267fb2/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectnotionsshrivelcustomer.com
Fingerprint7D:86:F6:B4:10:05:B3:28:6D:54:B4:6C:40:0F:E9:EB:7F:3F:EB:51
ValiditySat, 12 Aug 2023 06:39:13 GMT - Fri, 10 Nov 2023 06:39:12 GMT
File type exported SGML document, ASCII text, with very long lines (29682), with no line terminators
Hash 07188ab6c678cee92c6c0a8f618aed80
022b6989e3d5b5a83e47ca673281cacb2d5ffc32
7cb5de56dcb1b2b043a52896cf3b7835b7eda66ae0f4842fb9da802773e6c84a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /bade0b1ea33c24096f9f72959e267fb2/invoke.js HTTP/1.1
Host: notionsshrivelcustomer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bacc1402e3d9954d6734041261dc2cf8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 963e8d7fcec5bb927127d3b7a64c70e8
5dedc55629233d323c3f7e10f882990eef5febf4
8f83511267b7cb1c0702295d4a2610f65ed1a9e1f91a2d7995e210a787cd7cb2
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 01 Oct 2023 10:02:49 GMT
Last-Modified: Sun, 01 Oct 2023 08:30:42 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yGGKj5Y9WixgeY-2t2QGL88M8ZVZTtMQThwv9b7B9vawcyR6hq9NfA==
Age: 5527
professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f36dad5340e1948e1f2a26696007c37b
7ae1475bb8243f59b4886e939a320351a52fcbe3
c14e7011146e8db45aaf17417095c299aa9dcbecad653a22f92d787f35d22003
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sakitiwasan.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=591f5d8a-51d8-4ab4-a20d-fb9312ce363c:2:1; expires=Wed, 28 Sep 2033 10:02:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 6dc23efc061d48218eb1517bf7b9921e
fd99231166b2d4f035ea1e820ada02f77c82152a
b6c4bbea7a1a8dbd6f09e24ffafef0fd299b9549937d557f0183713689e17165
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sakitiwasan.blogspot.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; expires=Wed, 28 Sep 2033 10:02:49 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/am=AICmAxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2_aF3JY3DFUV9RhXUvIQgWIkKFxQ/m=_b,_tp
200 OK 64 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/am=AICmAxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2_aF3JY3DFUV9RhXUvIQgWIkKFxQ/m=_b,_tp
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2507)
Hash 60d0104948c4c69fc94d88d70c96f89e
e6b2ad9c81ccc2e95f04b2bdf9c70466d5ce8805
faa7466a070e80a5ee5687d95d1f86d1e9e803536b7b5e6881b50a632c605fe4
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/am=AICmAxA/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2_aF3JY3DFUV9RhXUvIQgWIkKFxQ/m=_b,_tp HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 64010
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 03:34:56 GMT
expires: Sat, 28 Sep 2024 03:34:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 28 Sep 2023 09:10:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 196073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
200 OK 35 kB URL GET HTTP/3 www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type gzip compressed data, max compression\012- data
Hash 4b1eb3cd4c2b06dd4afb7ce38eb95962
b80c35f913b585b2be69bbf381b0f1c2c23a82c1
7886cd767b4b20359b136986fce5cdc2452eefcd791ff8499a1318aa0abb5af6
GET /comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 10:02:49 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
content-security-policy: script-src 'nonce-Ru3R3oCb2hAlTjo4vVK6Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=UZmUWneUGNBdq2OxTQf_ybeBxnxIluyFdy0YI0zxAcXwViRLsX_feCiXxo0oeK7uQNlDzr70vlEJTNfm-7YHruQ18-onQq0FHjvKWIQMXE0bfJUSPUKgVdq1znAK5xqA9uCUClzgvFMmzkJKnT7MSh6mFs1xiodScnOOFcTA5DQ; expires=Mon, 01-Apr-2024 10:02:49 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
200 OK 39 kB URL GET HTTP/3 fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 39124, version 1.0\012- data
Hash 86b73ab5f530be7984b704414f2a711d
8e297794ed7b6f5ea476d14b5270df12e8f3e42a
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39124
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 27 Sep 2023 03:40:41 GMT
expires: Thu, 26 Sep 2024 03:40:41 GMT
cache-control: public, max-age=31536000
age: 368529
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 30 Sep 2023 16:00:01 GMT
expires: Sun, 29 Sep 2024 16:00:01 GMT
cache-control: public, max-age=31536000
age: 64969
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
suchbasementdarn.com/14/62/21/14622158e4e4a6ad1157b2b52a568a65.js
200 OK 29 kB URL GET HTTP/1.1 suchbasementdarn.com/14/62/21/14622158e4e4a6ad1157b2b52a568a65.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectsuchbasementdarn.com
FingerprintFC:AA:8C:EE:CC:84:05:5C:69:89:20:38:2F:DD:BF:62:29:71:E1:88
ValidityWed, 27 Sep 2023 00:33:16 GMT - Tue, 26 Dec 2023 00:33:15 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 40ee7e45a627fa8dea846e14f0daa629
bb600d2fc167e1a96e4edbd859d7cdfd60b74894
1e9e8e0df9f71c34938925123e3ef4adae8959159c0899cb1f36d702118bfec7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /14/62/21/14622158e4e4a6ad1157b2b52a568a65.js HTTP/1.1
Host: suchbasementdarn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7fae043477f5432a12d5ae4ecc335ce3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
200 OK 101 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2219)
Size 101 kB (100663 bytes)
Hash 0555620b725046ddfa3c5bfe162c9793
2b7db2ab1a7a59c9888c975d10dfbe8c5812879e
83ea019b6f567d3ea8bf90c317529efb2293143c61539f622ca0eb8fb0e87e3b
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 100663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 03:49:28 GMT
expires: Sat, 28 Sep 2024 03:49:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 28 Sep 2023 05:22:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 195202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
200 OK 26 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (1127)
Hash 8367df30e2db3d010b68c8ccac7d9a32
fb53129851b307d4552dfbe3f96c925fe0fe4e11
24d9091d44d42b771f28acf40f259e6b45f3737f079cfd6c67c70498085bbf73
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 26244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 03:49:28 GMT
expires: Sat, 28 Sep 2024 03:49:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 28 Sep 2023 05:22:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 195202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
professionalswebcheck.com/stats
200 OK 40 B URL GET HTTP/2 professionalswebcheck.com/stats
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 6dc23efc061d48218eb1517bf7b9921e
fd99231166b2d4f035ea1e820ada02f77c82152a
b6c4bbea7a1a8dbd6f09e24ffafef0fd299b9549937d557f0183713689e17165
GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://sakitiwasan.blogspot.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 20 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 05/01/2023 15:40:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b9f68144baab9564a7e8739a4135280d
cdn-cache: HIT
cf-cache-status: HIT
age: 6412565
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80f3df40ff74b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
200 OK 6.3 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (2956)
Hash de24a7d4df2e4a6256262d192bc924ff
08ad8b7945a632c74d41486bb935926ced9f073a
b32de0ba4d0551f750fbe2a9a729f37fbf855ae876996dd2cfc67fae8045dcfe
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 6255
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 03:49:28 GMT
expires: Sat, 28 Sep 2024 03:49:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 28 Sep 2023 05:22:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 195202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
200 OK 685 B URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (756)
Hash b67c9fd0e1b4e62e07d78ef27ed28f7b
8a2729d8cd0b153f79bee64c02db938d52852eaf
e2d9aeee03996d407cf16a0b07363e41a2dc0e09a3ff5dbcc575cf629a100cd5
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 685
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 03:49:28 GMT
expires: Sat, 28 Sep 2024 03:49:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 28 Sep 2023 05:22:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 195202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
suchbasementdarn.com/watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 suchbasementdarn.com/watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectsuchbasementdarn.com
FingerprintFC:AA:8C:EE:CC:84:05:5C:69:89:20:38:2F:DD:BF:62:29:71:E1:88
ValidityWed, 27 Sep 2023 00:33:16 GMT - Tue, 26 Dec 2023 00:33:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1 HTTP/1.1
Host: suchbasementdarn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sakitiwasan.blogspot.com
Access-Control-Allow-Origin: https://sakitiwasan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://suchbasementdarn.com/watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1&shu=2a008f2675de67abcd61f2f5cdda459745dcb3245d3ba4653d9f2ce8bc2b4540e783c87342ff5710685f4f331a78686fbee86cd42d3a522dc70b33fa725e17ca8c2028d026779511eb1d7d42e0b8526c9ae5f3e6f28c764c6288056162ea5b62e35148&pst=1696154630&rmtc=t
Set-Cookie: u_pl=15321457; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTMyMTQ1NywiayI6ImIzODZiODU2MTI1ZTA2ODZhYmVlYTNjN2ZlN2JkYmM4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjczNTUxLCJwaWQiOjE1NjEzNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJqN2gxMTR4diIsImNwa3MiOnsgIjI4IjoiMTQ2MjIxNThlNGU0YTZhZDExNTdiMmI1MmE1NjhhNjUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYWtpdGl3YXNhbi5ibG9nc3BvdC5jb20vMjAyMi8wMS9idXRhcy1uYS1idXRhcy1uYS1rYW1heS5odG1sIn19.aAD43SSea1UGIhtv7xO05dbi5gnOYtmMWN7jj3jFjZQ; expires=Sun, 01 Oct 2023 10:03:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3527f76c9ec57912b0b07e0ee605d1a7
Strict-Transport-Security: max-age=0; includeSubdomains
disgracefulforeword.com/watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1
307 Temporary Redirect 0 B URL GET HTTP/1.1 disgracefulforeword.com/watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectdisgracefulforeword.com
FingerprintD1:31:71:E2:9E:86:02:4F:BF:58:36:33:3A:9E:F4:1C:3A:03:5C:85
ValidityWed, 27 Sep 2023 00:38:02 GMT - Tue, 26 Dec 2023 00:38:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1 HTTP/1.1
Host: disgracefulforeword.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:50 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sakitiwasan.blogspot.com
Access-Control-Allow-Origin: https://sakitiwasan.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://disgracefulforeword.com/watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1&shu=32c66c410b3d9698034bafbe4ad69e266ddc6f5920f1b49ed074d8776bc550d89f9fbdc65a2adf0b6f6d7b2a90d86b1f6d2aed2be5642931464f34a309619f1a48883f8a9631841146936b05e85ca2cffd8c0f66447b709c6430cbd5ac4d3ab0&pst=1696154630&rmtc=t
Set-Cookie: u_pl=15321677; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTMyMTY3NywiayI6ImJhZGUwYjFlYTMzYzI0MDk2ZjlmNzI5NTllMjY3ZmIyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozOTc3ODEsInBpZCI6MTU2MTM2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZGFuYjUyNWF1IiwiY3BrcyI6eyAiMjgiOiI4NzhmZTM3M2VmYzMxZGY2MzgwMDY2MTRjYWVmNzYzMSIsIjI5IjoiZjNkODkyNzZhZjZhMWM2Nzg4MmU0NjZhZDQyY2M4NGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYWtpdGl3YXNhbi5ibG9nc3BvdC5jb20vMjAyMi8wMS9idXRhcy1uYS1idXRhcy1uYS1rYW1heS5odG1sIn19.KbV1VtO2NXC89PWbaJVOc8dvwwogsqZ9We2yGqtasIQ; expires=Sun, 01 Oct 2023 10:03:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3714816cb50af16f46fc10e46b963d9
Strict-Transport-Security: max-age=0; includeSubdomains
suchbasementdarn.com/watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1&shu=2a008f2675de67abcd61f2f5cdda459745dcb3245d3ba4653d9f2ce8bc2b4540e783c87342ff5710685f4f331a78686fbee86cd42d3a522dc70b33fa725e17ca8c2028d026779511eb1d7d42e0b8526c9ae5f3e6f28c764c6288056162ea5b62e35148&pst=1696154630&rmtc=t
200 OK 2.1 kB URL GET HTTP/1.1 suchbasementdarn.com/watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1&shu=2a008f2675de67abcd61f2f5cdda459745dcb3245d3ba4653d9f2ce8bc2b4540e783c87342ff5710685f4f331a78686fbee86cd42d3a522dc70b33fa725e17ca8c2028d026779511eb1d7d42e0b8526c9ae5f3e6f28c764c6288056162ea5b62e35148&pst=1696154630&rmtc=t
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectsuchbasementdarn.com
FingerprintFC:AA:8C:EE:CC:84:05:5C:69:89:20:38:2F:DD:BF:62:29:71:E1:88
ValidityWed, 27 Sep 2023 00:33:16 GMT - Tue, 26 Dec 2023 00:33:15 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2651)
Hash 3d83acfb2d438ae4bafcfd0bcf636174
51c2bd262bc7037766238f928000803bb0f22d1a
70d21b0e692c0c90d7e0019fcde2e9a438f336185571989af498ffea8073b82c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.265288557828.js?key=b386b856125e0686abeea3c7fe7bdbc8&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=591f5d8a-51d8-4ab4-a20d-fb9312ce363c%3A2%3A1&shu=2a008f2675de67abcd61f2f5cdda459745dcb3245d3ba4653d9f2ce8bc2b4540e783c87342ff5710685f4f331a78686fbee86cd42d3a522dc70b33fa725e17ca8c2028d026779511eb1d7d42e0b8526c9ae5f3e6f28c764c6288056162ea5b62e35148&pst=1696154630&rmtc=t HTTP/1.1
Host: suchbasementdarn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
Referer: https://sakitiwasan.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15321457; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTMyMTQ1NywiayI6ImIzODZiODU2MTI1ZTA2ODZhYmVlYTNjN2ZlN2JkYmM4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMjczNTUxLCJwaWQiOjE1NjEzNiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJqN2gxMTR4diIsImNwa3MiOnsgIjI4IjoiMTQ2MjIxNThlNGU0YTZhZDExNTdiMmI1MmE1NjhhNjUifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYWtpdGl3YXNhbi5ibG9nc3BvdC5jb20vMjAyMi8wMS9idXRhcy1uYS1idXRhcy1uYS1rYW1heS5odG1sIn19.aAD43SSea1UGIhtv7xO05dbi5gnOYtmMWN7jj3jFjZQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sakitiwasan.blogspot.com
Access-Control-Allow-Origin: https://sakitiwasan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=591f5d8a-51d8-4ab4-a20d-fb9312ce363c:2:1; expires=Sun, 08 Oct 2023 10:02:50 GMT; secure; SameSite=None
iprc4f8e85612d843e435c4dc3b2a1b744d4=3569808; expires=Sun, 01 Oct 2023 14:02:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
uncs=1; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e388a48258646c60da0189e3f9b09fb5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
disgracefulforeword.com/watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1&shu=32c66c410b3d9698034bafbe4ad69e266ddc6f5920f1b49ed074d8776bc550d89f9fbdc65a2adf0b6f6d7b2a90d86b1f6d2aed2be5642931464f34a309619f1a48883f8a9631841146936b05e85ca2cffd8c0f66447b709c6430cbd5ac4d3ab0&pst=1696154630&rmtc=t
200 OK 2.0 kB URL GET HTTP/1.1 disgracefulforeword.com/watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1&shu=32c66c410b3d9698034bafbe4ad69e266ddc6f5920f1b49ed074d8776bc550d89f9fbdc65a2adf0b6f6d7b2a90d86b1f6d2aed2be5642931464f34a309619f1a48883f8a9631841146936b05e85ca2cffd8c0f66447b709c6430cbd5ac4d3ab0&pst=1696154630&rmtc=t
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectdisgracefulforeword.com
FingerprintD1:31:71:E2:9E:86:02:4F:BF:58:36:33:3A:9E:F4:1C:3A:03:5C:85
ValidityWed, 27 Sep 2023 00:38:02 GMT - Tue, 26 Dec 2023 00:38:01 GMT
File type HTML document, ASCII text, with very long lines (2501)
Hash eabff685a512ba883e4d68781bfcf58d
f1021065e23604e29d69f4eee00ca2777d8d3255
ebe82a987a1a8b0a1fe6dfc41e86ba9498f55b680803a641e9e1b8b73724c936
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1040664514262.js?key=bade0b1ea33c24096f9f72959e267fb2&kw=%5B%22butas%22%2C%22na%22%2C%22butas%22%2C%22na%22%2C%22kamay%22%5D&refer=https%3A%2F%2Fsakitiwasan.blogspot.com%2F2022%2F01%2Fbutas-na-butas-na-kamay.html&tz=0&dev=e&res=14.2079&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1&shu=32c66c410b3d9698034bafbe4ad69e266ddc6f5920f1b49ed074d8776bc550d89f9fbdc65a2adf0b6f6d7b2a90d86b1f6d2aed2be5642931464f34a309619f1a48883f8a9631841146936b05e85ca2cffd8c0f66447b709c6430cbd5ac4d3ab0&pst=1696154630&rmtc=t HTTP/1.1
Host: disgracefulforeword.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
Referer: https://sakitiwasan.blogspot.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15321677; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTMyMTY3NywiayI6ImJhZGUwYjFlYTMzYzI0MDk2ZjlmNzI5NTllMjY3ZmIyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozOTc3ODEsInBpZCI6MTU2MTM2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoiZGFuYjUyNWF1IiwiY3BrcyI6eyAiMjgiOiI4NzhmZTM3M2VmYzMxZGY2MzgwMDY2MTRjYWVmNzYzMSIsIjI5IjoiZjNkODkyNzZhZjZhMWM2Nzg4MmU0NjZhZDQyY2M4NGMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjE3OTA4ODk0OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMjQzODYsImJuIjoiRmlyZWZveCIsImJ2IjoiMTExLjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYWtpdGl3YXNhbi5ibG9nc3BvdC5jb20vMjAyMi8wMS9idXRhcy1uYS1idXRhcy1uYS1rYW1heS5odG1sIn19.KbV1VtO2NXC89PWbaJVOc8dvwwogsqZ9We2yGqtasIQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sakitiwasan.blogspot.com
Access-Control-Allow-Origin: https://sakitiwasan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; expires=Sun, 08 Oct 2023 10:02:50 GMT; secure; SameSite=None
iprcb404509239d5475eca83dc6422229af5=4471471; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
uncs=1; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 02 Oct 2023 10:02:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d714a53d259a59cc00526ed3d573143b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
sakitiwasan.blogspot.com/2022/01/epekto-at-sakit-ng-paninigarilyo.html
200 OK 36 kB URL GET HTTP/3 sakitiwasan.blogspot.com/2022/01/epekto-at-sakit-ng-paninigarilyo.html
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4754)
Hash dba6b29d367ce16efb81d9a9544ba2fb
c0c682f01b1335ad3418fc00c3887e176da16d27
8c41612dc210445760890675a8a1ec045af8d6095be6193beaec7d57909c1e44
GET /2022/01/epekto-at-sakit-ng-paninigarilyo.html HTTP/1.1
Host: sakitiwasan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 01 Oct 2023 10:02:50 GMT
date: Sun, 01 Oct 2023 10:02:50 GMT
cache-control: private, max-age=0
last-modified: Tue, 21 Mar 2023 00:34:50 GMT
etag: W/"32ec247f2d73d7c3ccd2b06f30d348ea4ec3241b74809aca4f91d653f2720c45"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 35978
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 7e1c6f82a914c276168604d142587812
19fed7e51f26f4cdeacb843c7eb50e2a72135ace
c8207f66547a7d239cf1b4aaede33b325e62af95bd24a7501f7d3d051efe837d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
formationwallet.com/pixel/purst?dl=0&th=0&sc=0&rs=3682&rd=3682&fd=581&bv=22.10.v.10&tmpl=136
200 OK 0 B URL GET HTTP/1.1 formationwallet.com/pixel/purst?dl=0&th=0&sc=0&rs=3682&rd=3682&fd=581&bv=22.10.v.10&tmpl=136
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectformationwallet.com
FingerprintFB:1B:95:13:DB:5E:B2:BD:D9:2C:E1:1E:D6:05:5D:BA:63:17:4D:14
ValiditySat, 23 Sep 2023 00:48:03 GMT - Fri, 22 Dec 2023 00:48:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3682&rd=3682&fd=581&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: formationwallet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:50 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
friendshipmale.com/sfp.js
200 OK 28 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 2d0450888479d4ddda305bd96206b240
5b4595aab1cd3f854718e05db9be0c65a12ab2f6
44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:50 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 187a793666df9383865a12009dd1f721
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 01 Oct 2023 10:02:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWUP5ZFiQsQoVvc1YkXj%2BvekM%2FkYzISEdhM9insgATu38DWkGfBGdIEeUhbr6lbbVaytcPaY4vHNugs8TdD7cyKwZBQymWE2CPHYeIIqIW2l4SU3h%2FoKhbHEIFFI9ghXzezEMhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df522bc90b56-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sakitiwasan.blogspot.com/2022/01/halamang-gamot-gamot-sa-sakit-ng-tiyan.html
200 OK 35 kB URL GET HTTP/3 sakitiwasan.blogspot.com/2022/01/halamang-gamot-gamot-sa-sakit-ng-tiyan.html
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4754)
Hash 7a87ba76cb6cc6c366aae41fa90fd2b1
7cf411fcd71f45b59c8da81130b1ef3497114396
d09251198ebc9fad6926857cf74e3d8f624599f92fcffe38eec1bcaff1942205
GET /2022/01/halamang-gamot-gamot-sa-sakit-ng-tiyan.html HTTP/1.1
Host: sakitiwasan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 01 Oct 2023 10:02:50 GMT
date: Sun, 01 Oct 2023 10:02:50 GMT
cache-control: private, max-age=0
last-modified: Tue, 21 Mar 2023 00:34:50 GMT
etag: W/"32ec247f2d73d7c3ccd2b06f30d348ea4ec3241b74809aca4f91d653f2720c45"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 35177
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
472 B IP
Hash 62e6063b7b1cc3410e4d01fdecb349df
5edbb51328f36a1b63553aa98c6805bc30b47d23
25aa6c0eca98f86bc93f33be327114a66cb1d3f91b2bb9bc57b8342a4648574b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash 62e6063b7b1cc3410e4d01fdecb349df
5edbb51328f36a1b63553aa98c6805bc30b47d23
25aa6c0eca98f86bc93f33be327114a66cb1d3f91b2bb9bc57b8342a4648574b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 01 Oct 2023 10:02:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+606; expires=Tue, 30-Sep-2025 10:02:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 01 Oct 2023 10:02:51 GMT
cache-control: private
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
200 OK 187 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (664)
Size 187 kB (187176 bytes)
Hash 50b2895773ea02bd03be4fe5230fad6f
a913962afbcfc933ed779165c6173e03077122e4
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
GET /recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 187176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 09:34:05 GMT
expires: Mon, 30 Sep 2024 09:34:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL OPTIONS HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 869
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 01 Oct 2023 10:02:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+490; expires=Tue, 30-Sep-2025 10:02:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 01 Oct 2023 10:02:51 GMT
X-Firefox-Spdy: h2
3.bp.blogspot.com/-th_cCFZpzJA/U3tGQYRu3eI/AAAAAAAAAFw/mNmup1hK1uI/s1600/180001_BnHover.jpg
200 OK 45 kB URL GET HTTP/2 3.bp.blogspot.com/-th_cCFZpzJA/U3tGQYRu3eI/AAAAAAAAAFw/mNmup1hK1uI/s1600/180001_BnHover.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x337, components 3\012- data
Hash d573ef3cd1a87ae4bf3a940c4359c21c
a3db817ec30892863dad11de43a1ad7d0703de81
390bfc1e1210bf5f84a7a9345134bbae210ee590a0f05a205cab3156df8fc5e6
GET /-th_cCFZpzJA/U3tGQYRu3eI/AAAAAAAAAFw/mNmup1hK1uI/s1600/180001_BnHover.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v154"
expires: Mon, 02 Oct 2023 10:02:51 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="180001_BnHover.jpg"
x-content-type-options: nosniff
date: Sun, 01 Oct 2023 10:02:51 GMT
server: fife
content-length: 45208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
200 OK 106 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:51 GMT
content-type: image/png
content-length: 105910
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Tue, 03 Oct 2023 10:02:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 6a4c5dede1d33d524b7ce901b28de558
0e92b162ea957b4190dc2d6c985bdb6e26d7b851
23b967e563fe3d8cf1ad1b870e7d0a79ffebf2bcccfd6705b7ee69b57069475b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 6a4c5dede1d33d524b7ce901b28de558
0e92b162ea957b4190dc2d6c985bdb6e26d7b851
23b967e563fe3d8cf1ad1b870e7d0a79ffebf2bcccfd6705b7ee69b57069475b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 6a4c5dede1d33d524b7ce901b28de558
0e92b162ea957b4190dc2d6c985bdb6e26d7b851
23b967e563fe3d8cf1ad1b870e7d0a79ffebf2bcccfd6705b7ee69b57069475b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/cti/8d/12/a5/8d12a54715d7ce4e44c95b5e98fd5960/1690556665.mp4
200 OK 150 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/8d/12/a5/8d12a54715d7ce4e44c95b5e98fd5960/1690556665.mp4
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 150 kB (150220 bytes)
Hash 053f05c61b5246d61754487bfe471255
278c885da9062dd9119863b8f93242b9543a7fff
1b3138efe4269e5532f6d0bd2928ed1d5844bf083c7f110020fecb1977701cdc
GET /cti/8d/12/a5/8d12a54715d7ce4e44c95b5e98fd5960/1690556665.mp4 HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:51 GMT
content-type: video/mp4
content-length: 150220
server: nginx/1.21.6
last-modified: Fri, 28 Jul 2023 15:04:33 GMT
etag: "64c3d901-24acc"
expires: Tue, 03 Oct 2023 10:02:51 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
zerodecisive.com/sbar.json?key=f3d89276af6a1c67882e466ad42cc84c&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1
200 OK 2.3 kB URL GET HTTP/1.1 zerodecisive.com/sbar.json?key=f3d89276af6a1c67882e466ad42cc84c&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
File type JSON data\012- , ASCII text, with very long lines (5827), with no line terminators
Hash 8203f1d98eb20bfece5aa98fbb906a5f
1e03cf0a97edd626effe4a0f6de3026b02e758ea
334b87bdccb73973bc5acdcb3f6eb04b305b6387744588b7592e5e1b28ba352f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=f3d89276af6a1c67882e466ad42cc84c&uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1 HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:51 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://sakitiwasan.blogspot.com
Access-Control-Allow-Origin: https://sakitiwasan.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16706101; expires=Mon, 02 Oct 2023 10:02:51 GMT; secure; SameSite=None
uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; expires=Sun, 08 Oct 2023 10:02:51 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 02 Oct 2023 10:02:51 GMT; secure; SameSite=None
uncs=1; expires=Mon, 02 Oct 2023 10:02:51 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 02 Oct 2023 10:02:51 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 02 Oct 2023 10:02:51 GMT; secure; SameSite=None
slecf3d89276af6a1c67882e466ad42cc84c=[4626370]; expires=Sun, 01 Oct 2023 10:02:56 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dc383a20ee9e662583d9678be080538d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
i.ytimg.com/vi/1fy_P8EzUjA/maxresdefault.jpg
404 Not Found 1.1 kB URL GET HTTP/2 i.ytimg.com/vi/1fy_P8EzUjA/maxresdefault.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint83:6D:53:72:1E:39:D8:A0:10:4A:F9:34:A4:A7:2B:90:D7:0A:51:64
ValidityMon, 04 Sep 2023 08:16:59 GMT - Mon, 27 Nov 2023 08:16:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e2ddfee11ae7edcae257da47f3a78a70
6e902fa6302eb30cd204579bca6a59b37233e262
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
GET /vi/1fy_P8EzUjA/maxresdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
vary: Origin
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: image/jpeg
date: Sun, 01 Oct 2023 10:02:51 GMT
expires: Sun, 01 Oct 2023 10:03:21 GMT
cache-control: public, max-age=30
x-content-type-options: nosniff
server: sffe
content-length: 1097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/sZt3luJur-I/hqdefault.jpg
200 OK 29 kB URL GET HTTP/2 i.ytimg.com/vi/sZt3luJur-I/hqdefault.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint83:6D:53:72:1E:39:D8:A0:10:4A:F9:34:A4:A7:2B:90:D7:0A:51:64
ValidityMon, 04 Sep 2023 08:16:59 GMT - Mon, 27 Nov 2023 08:16:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash b11ebe5cd43b049601d006c882bfb970
7ad2548843d7e8b0156bbe2222985b2d8d8953f4
be24b7a3d9821b2a70297ce98abcaae07cfd122f979997e4aac90f471a4d052e
GET /vi/sZt3luJur-I/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 29150
date: Sun, 01 Oct 2023 10:02:51 GMT
expires: Sun, 01 Oct 2023 12:02:51 GMT
cache-control: public, max-age=7200
etag: "1615639118"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/sZt3luJur-I/mqdefault.jpg
200 OK 15 kB URL GET HTTP/2 i.ytimg.com/vi/sZt3luJur-I/mqdefault.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
Fingerprint83:6D:53:72:1E:39:D8:A0:10:4A:F9:34:A4:A7:2B:90:D7:0A:51:64
ValidityMon, 04 Sep 2023 08:16:59 GMT - Mon, 27 Nov 2023 08:16:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 1f6cb421a66e8cda52b5be3cda8ac3fb
1010e138292a678a312255db4c64df06dd4d7986
f601dbcbd2827faa198f30ab72ed84e10e668f601d3102b88e35510dc33a6784
GET /vi/sZt3luJur-I/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 14784
date: Sun, 01 Oct 2023 10:02:51 GMT
expires: Sun, 01 Oct 2023 12:02:51 GMT
cache-control: public, max-age=7200
etag: "1615639118"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 6a4c5dede1d33d524b7ce901b28de558
0e92b162ea957b4190dc2d6c985bdb6e26d7b851
23b967e563fe3d8cf1ad1b870e7d0a79ffebf2bcccfd6705b7ee69b57069475b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.pinimg.com/originals/5b/3f/8a/5b3f8a41628f18d1703d86601e32e803.gif
200 OK 178 kB URL GET HTTP/2 i.pinimg.com/originals/5b/3f/8a/5b3f8a41628f18d1703d86601e32e803.gif
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type GIF image data, version 89a, 360 x 270\012- data
Size 178 kB (178063 bytes)
Hash c5315fb198334e463107b3024c31b920
7b3061a005fe99544ba97782fb9f36ed1d52a57f
6792dd65861047bbc3dacef2d19f75e46217aeb05ae1f9e7f345cdf1f925f17f
GET /originals/5b/3f/8a/5b3f8a41628f18d1703d86601e32e803.gif HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "c5315fb198334e463107b3024c31b920"
content-type: image/gif
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sun, 01 Oct 2023 10:02:51 GMT
content-length: 178063
X-Firefox-Spdy: h2
i.pinimg.com/originals/67/04/e9/6704e9ae31085d576ba443a427d7b680.jpg
200 OK 32 kB URL GET HTTP/2 i.pinimg.com/originals/67/04/e9/6704e9ae31085d576ba443a427d7b680.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 1f3715d3150ee3b104247f8dec617f32
a7ea26a86db9b2e6e0f3e503748e92ddc65d94e4
743c98235b93ba5bd830f19002b59238afa83c5b63a006219918d1e6393e0c8a
GET /originals/67/04/e9/6704e9ae31085d576ba443a427d7b680.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "1f3715d3150ee3b104247f8dec617f32"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sun, 01 Oct 2023 10:02:51 GMT
content-length: 31672
X-Firefox-Spdy: h2
zerodecisive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3iweFA%2BRXHIQ5iCo4M529%2FTMdJuDmMSR4JrERNGbVFdVz1a2uqup6p6eXS9LAhI8jSevvd%2FsZlGXoGfxh1lvC0JGPCziHgRBPAlCjiIzuzr4oHnve99r%2BN5X78Od8oS4KOlx7029JZWiq%2B2m23jhPc%2B71FiTWTlsDMPO%2B53gUsMMXvbcqOm%2B2HhdsA296rue63qu1%2BhJIxI9XPU8r%2BlC5geR14zcZuA3vXaAofk%2FtqUDSx3wwQl5BpJPnzx4GECyCbL0i6vCbhQ6f%2Bm1tFS00AYDvv9OtpHpKkO6KBPjIMn2z6ah7aPeN9DZ3lww9OC%2FwVhOifPbr4iz%2FTOViAd7p0JjBZEh5k%2BhGkwg1ASSTsD0PUj%2BiACM4%2FoNZOmD69pUdPOUpTN2SpYf%2FwVZTcnyLxeQpQ8vKzls3NaqLKTOLIZJDTmcQPYnyMtDFFtLkNUhWHEXkv9AVh%2BvIUt3b1ilIfnxc62Y8hZlfMWPhVgJROivRLEfrYQsdINOwkU74nOHpJxAJhMoMQK1DsrZJx2UiYMyd5Dy40aXBWHIwzangjE%2FTrwwCZIgosxNmNuKfJRstsMIRT4CUyMws43cbGNDjmDK72DXa1i%2BBFtMifPWXQx4jUoQVJagogSVJKgKgmpQ73FlfVs%2F4MqWsXeW%2FbPcqse66O%2FQPV30RUZ28hNyfm7e33%2B0sSGOG0mLh5Hf7dCkQz3W6YahL4JOh%2FLAZywMGKysIe3SfNUtOSVPnP8JuZySJfo7YnoIqw7B5DnQ8lnQatz1XdD1cRC62Mq%2BYjITuRGpFEb4QTNWum9zXTSZTsF1jbxYRrHp7KgTcnEuq%2FfJBIIdkbMAMzVyU%2BOO%2FJ6gr%2B6Pb%2BmK7N7SlSVf3sgLmcotOnvv2wUthPPZG2Kz0oZfu2pHn77KZsSsPHhb2GKNZlxmfUs%2Bvyw5F6anDRPk62v2XRHfLO365dJkZb5280rvWpobYa3U2QR0drvLP4PJKXn6zkfzW37%2BwgeQZgJT1kjLhVapD8Hybdh80bOawKgFjnMHVVmPjR8vmkoSKLHANK5hxdG3f%2F7706LesffRNw5ocQ9ZWmNgagxUDapGsOW5cZGbo1d%2BbM0DsXLGsTLObqyM%2BvjUXCuPG6IrOlEUuEGXu24ccN%2F32oLRVkAj6vtJF4WdiotXjv4BAAD%2F%2FwEAAP%2F%2FVPmoW5gEAAA%3D
200 OK 7 B URL GET HTTP/1.1 zerodecisive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3iweFA%2BRXHIQ5iCo4M529%2FTMdJuDmMSR4JrERNGbVFdVz1a2uqup6p6eXS9LAhI8jSevvd%2FsZlGXoGfxh1lvC0JGPCziHgRBPAlCjiIzuzr4oHnve99r%2BN5X78Od8oS4KOlx7029JZWiq%2B2m23jhPc%2B71FiTWTlsDMPO%2B53gUsMMXvbcqOm%2B2HhdsA296rue63qu1%2BhJIxI9XPU8r%2BlC5geR14zcZuA3vXaAofk%2FtqUDSx3wwQl5BpJPnzx4GECyCbL0i6vCbhQ6f%2Bm1tFS00AYDvv9OtpHpKkO6KBPjIMn2z6ah7aPeN9DZ3lww9OC%2FwVhOifPbr4iz%2FTOViAd7p0JjBZEh5k%2BhGkwg1ASSTsD0PUj%2BiACM4%2FoNZOmD69pUdPOUpTN2SpYf%2FwVZTcnyLxeQpQ8vKzls3NaqLKTOLIZJDTmcQPYnyMtDFFtLkNUhWHEXkv9AVh%2BvIUt3b1ilIfnxc62Y8hZlfMWPhVgJROivRLEfrYQsdINOwkU74nOHpJxAJhMoMQK1DsrZJx2UiYMyd5Dy40aXBWHIwzangjE%2FTrwwCZIgosxNmNuKfJRstsMIRT4CUyMws43cbGNDjmDK72DXa1i%2BBFtMifPWXQx4jUoQVJagogSVJKgKgmpQ73FlfVs%2F4MqWsXeW%2FbPcqse66O%2FQPV30RUZ28hNyfm7e33%2B0sSGOG0mLh5Hf7dCkQz3W6YahL4JOh%2FLAZywMGKysIe3SfNUtOSVPnP8JuZySJfo7YnoIqw7B5DnQ8lnQatz1XdD1cRC62Mq%2BYjITuRGpFEb4QTNWum9zXTSZTsF1jbxYRrHp7KgTcnEuq%2FfJBIIdkbMAMzVyU%2BOO%2FJ6gr%2B6Pb%2BmK7N7SlSVf3sgLmcotOnvv2wUthPPZG2Kz0oZfu2pHn77KZsSsPHhb2GKNZlxmfUs%2Bvyw5F6anDRPk62v2XRHfLO365dJkZb5280rvWpobYa3U2QR0drvLP4PJKXn6zkfzW37%2BwgeQZgJT1kjLhVapD8Hybdh80bOawKgFjnMHVVmPjR8vmkoSKLHANK5hxdG3f%2F7706LesffRNw5ocQ9ZWmNgagxUDapGsOW5cZGbo1d%2BbM0DsXLGsTLObqyM%2BvjUXCuPG6IrOlEUuEGXu24ccN%2F32oLRVkAj6vtJF4WdiotXjv4BAAD%2F%2FwEAAP%2F%2FVPmoW5gEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3iweFA%2BRXHIQ5iCo4M529%2FTMdJuDmMSR4JrERNGbVFdVz1a2uqup6p6eXS9LAhI8jSevvd%2FsZlGXoGfxh1lvC0JGPCziHgRBPAlCjiIzuzr4oHnve99r%2BN5X78Od8oS4KOlx7029JZWiq%2B2m23jhPc%2B71FiTWTlsDMPO%2B53gUsMMXvbcqOm%2B2HhdsA296rue63qu1%2BhJIxI9XPU8r%2BlC5geR14zcZuA3vXaAofk%2FtqUDSx3wwQl5BpJPnzx4GECyCbL0i6vCbhQ6f%2Bm1tFS00AYDvv9OtpHpKkO6KBPjIMn2z6ah7aPeN9DZ3lww9OC%2FwVhOifPbr4iz%2FTOViAd7p0JjBZEh5k%2BhGkwg1ASSTsD0PUj%2BiACM4%2FoNZOmD69pUdPOUpTN2SpYf%2FwVZTcnyLxeQpQ8vKzls3NaqLKTOLIZJDTmcQPYnyMtDFFtLkNUhWHEXkv9AVh%2BvIUt3b1ilIfnxc62Y8hZlfMWPhVgJROivRLEfrYQsdINOwkU74nOHpJxAJhMoMQK1DsrZJx2UiYMyd5Dy40aXBWHIwzangjE%2FTrwwCZIgosxNmNuKfJRstsMIRT4CUyMws43cbGNDjmDK72DXa1i%2BBFtMifPWXQx4jUoQVJagogSVJKgKgmpQ73FlfVs%2F4MqWsXeW%2FbPcqse66O%2FQPV30RUZ28hNyfm7e33%2B0sSGOG0mLh5Hf7dCkQz3W6YahL4JOh%2FLAZywMGKysIe3SfNUtOSVPnP8JuZySJfo7YnoIqw7B5DnQ8lnQatz1XdD1cRC62Mq%2BYjITuRGpFEb4QTNWum9zXTSZTsF1jbxYRrHp7KgTcnEuq%2FfJBIIdkbMAMzVyU%2BOO%2FJ6gr%2B6Pb%2BmK7N7SlSVf3sgLmcotOnvv2wUthPPZG2Kz0oZfu2pHn77KZsSsPHhb2GKNZlxmfUs%2Bvyw5F6anDRPk62v2XRHfLO365dJkZb5280rvWpobYa3U2QR0drvLP4PJKXn6zkfzW37%2BwgeQZgJT1kjLhVapD8Hybdh80bOawKgFjnMHVVmPjR8vmkoSKLHANK5hxdG3f%2F7706LesffRNw5ocQ9ZWmNgagxUDapGsOW5cZGbo1d%2BbM0DsXLGsTLObqyM%2BvjUXCuPG6IrOlEUuEGXu24ccN%2F32oLRVkAj6vtJF4WdiotXjv4BAAD%2F%2FwEAAP%2F%2FVPmoW5gEAAA%3D HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:52 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f94195780a97274c3618e80ef88b747
Strict-Transport-Security: max-age=0; includeSubdomains
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 04:19:59 GMT
expires: Mon, 30 Sep 2024 04:19:59 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
content-type: text/css
vary: Accept-Encoding
age: 20573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
200 OK 187 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (664)
Size 187 kB (187176 bytes)
Hash 50b2895773ea02bd03be4fe5230fad6f
a913962afbcfc933ed779165c6173e03077122e4
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
GET /recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 187176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 09:34:05 GMT
expires: Mon, 30 Sep 2024 09:34:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i.pinimg.com/736x/fc/35/ab/fc35ab551449c584c35f47cd28a4aef4.jpg
200 OK 65 kB URL GET HTTP/2 i.pinimg.com/736x/fc/35/ab/fc35ab551449c584c35f47cd28a4aef4.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 638x479, components 3\012- data
Hash f3ff77996e9b8cbaf08b6277570f36f8
a0051bb85a2e4e2017de88b2ddb05d56fd6f9a87
24c9995e4d7c2198f87650fc62b8d041742e54d462d6306cce9f4f2f714eda4a
GET /736x/fc/35/ab/fc35ab551449c584c35f47cd28a4aef4.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "f3ff77996e9b8cbaf08b6277570f36f8"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sun, 01 Oct 2023 10:02:52 GMT
content-length: 65259
X-Firefox-Spdy: h2
i.pinimg.com/originals/c6/ce/fa/c6cefa3cd73c639b695f4cf941976262.jpg
200 OK 91 kB URL GET HTTP/2 i.pinimg.com/originals/c6/ce/fa/c6cefa3cd73c639b695f4cf941976262.jpg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 960x717, components 3\012- data
Hash 163d23a322cf1b19eefc874dbed96296
24b6b050cd3382ccb1f7f881520192c68511a1b2
857ee9e6332bea5f6bdfc061081b74139d95a648959c3371c7a8acf6d9ee5f23
GET /originals/c6/ce/fa/c6cefa3cd73c639b695f4cf941976262.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "163d23a322cf1b19eefc874dbed96296"
cache-control: max-age=31536000, immutable
content-type: image/jpeg
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600
date: Sun, 01 Oct 2023 10:02:52 GMT
content-length: 90596
X-Firefox-Spdy: h2
sakitiwasan.blogspot.com/favicon.ico
200 OK 412 B URL GET HTTP/3 sakitiwasan.blogspot.com/favicon.ico
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
Fingerprint37:39:0F:F8:47:2E:23:CF:70:6A:2D:5A:34:A0:98:7E:C9:0F:5A:84
ValidityMon, 04 Sep 2023 08:22:52 GMT - Mon, 27 Nov 2023 08:22:51 GMT
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
GET /favicon.ico HTTP/1.1
Host: sakitiwasan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=3bad3acd-2bee-4e82-9b29-8c8046fde59d%3A1%3A1; ppu_main_14622158e4e4a6ad1157b2b52a568a65=1; ppu_idelay_14622158e4e4a6ad1157b2b52a568a65=1; sb_main_f3d89276af6a1c67882e466ad42cc84c=1; sb_count_f3d89276af6a1c67882e466ad42cc84c=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=zerodecisive.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 01 Oct 2023 10:02:52 GMT
date: Sun, 01 Oct 2023 10:02:52 GMT
cache-control: private, max-age=86400
last-modified: Tue, 21 Mar 2023 00:34:50 GMT
etag: W/"32ec247f2d73d7c3ccd2b06f30d348ea4ec3241b74809aca4f91d653f2720c45"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 14:42:45 GMT
expires: Fri, 06 Oct 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 156007
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 30 Sep 2023 16:00:01 GMT
expires: Sun, 29 Sep 2024 16:00:01 GMT
cache-control: public, max-age=31536000
age: 64971
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 23:15:14 GMT
expires: Wed, 25 Sep 2024 23:15:14 GMT
cache-control: public, max-age=31536000
age: 384458
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
200 OK 187 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type ASCII text, with very long lines (664)
Size 187 kB (187176 bytes)
Hash 50b2895773ea02bd03be4fe5230fad6f
a913962afbcfc933ed779165c6173e03077122e4
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
GET /recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 187176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 09:34:05 GMT
expires: Mon, 30 Sep 2024 09:34:05 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Sep 2023 04:03:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 1727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
200 OK 1.7 kB URL GET HTTP/3 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (732)
Hash 3f4bb56caf28be01777ade921c4bac40
a172890e558c27af463e319dfd42cb3ff083ecd1
dad8bfe95848d324f3bc1c5c004e75c33928f539c3fbe00aa8f13649ce5bbd5f
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.id.Wa9mas0DB2s.es5.O/ck=boq-blogger.BloggerCommentUi.ruK-BFYYDeI.L.F4.O/am=AICmAxA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP1UYS7mORq5d2nFmUngXZ4E-uZu5w/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1667
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Sep 2023 03:49:32 GMT
expires: Sat, 28 Sep 2024 03:49:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 28 Sep 2023 05:22:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 195200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Findex.html&l=3730&fd=966
200 OK 0 B URL GET HTTP/1.1 zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Findex.html&l=3730&fd=966
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Findex.html&l=3730&fd=966 HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css
200 OK 6.5 kB URL GET HTTP/3 www.blogger.com/static/v1/v-css/3268905543-lightbox_bundle.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type ASCII text, with very long lines (35889), with no line terminators
Hash e287450e0a5c5a5625f7ba3716c1b0cf
3287eee808b2a77f7e4ea16b148f4cd173cddb66
5ee6fb081a76cfc34678b67e894a1fa91ed96857c4d94710cb1a8cea5ea1d76b
GET /static/v1/v-css/3268905543-lightbox_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6501
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 08:41:02 GMT
expires: Mon, 30 Sep 2024 08:41:02 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 30 Sep 2023 09:52:18 GMT
content-type: text/css
vary: Accept-Encoding
age: 4911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/images/squirty_dark.png
200 OK 50 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/images/squirty_dark.png
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type PNG image data, 366 x 296, 8-bit/color RGBA, non-interlaced\012- data
Hash 35228dc66913ce1336aae0a4fd00fe83
d4215b2163f10ffcf35310be4cfe6803655f8867
646bd4e4075c2717066961cfedeb8ab8b38634d1df9d49b0dcfb027c47296572
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/images/squirty_dark.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: image/png
content-length: 49657
last-modified: Thu, 06 Jul 2023 16:19:12 GMT
etag: "64a6e980-c1f9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 327831
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YN5Ok8raNRIYt%2Fe0ofZs2guBoUaYcUa7ttNVKt19apwXwrsBIesWjKYIw5y2lzVs8ydGowR8wgawSCORPcGdoCCEIMEpPfrNUaY5wu1gFH%2BMenFG1Gx9YAOC0hLgr5T53i79s99TJZRV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df622efb892a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/images/1.png
200 OK 13 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/images/1.png
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type PNG image data, 432 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash e1aa72d699d0759e7c96837fcba50e7d
34e29ba97d29fa626e196f18eb30145b367aafea
0e76b6a03ae53e655c5341ee2f700825bb50861d2103d984348646cc5b3dd4d6
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/images/1.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: image/png
content-length: 13329
last-modified: Thu, 06 Jul 2023 16:19:12 GMT
etag: "64a6e980-3411"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 240208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3hdmgkjC8YxJNgoJBBYy3vN5xC6l49nG%2BCGroq1YaXyJWpfMLAYSF0gTbif%2FyNukfRf3cMtcgdcD7z4xgOKKndBcJ8DIRpBtHQj5ckoQIIUopGTcw4Pt19z2RexoUjy6mx3WGIydVUZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df62cfe9892a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/videos/301.mp4
206 Partial Content 291 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/videos/301.mp4
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 291 kB (290562 bytes)
Hash 744e43cca8a5d865bf24077b0c1d461e
1829aa949240bd692e2e767e045cd8b12d5e9977
d2604a299eb4c9de680d84d1093a0e2bcb7897e7d8dd00e8d9240c4049497a4d
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/videos/301.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: video/mp4
content-length: 290562
last-modified: Thu, 06 Jul 2023 16:19:15 GMT
etag: "64a6e983-46f02"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 327831
content-range: bytes 0-290561/290562
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI%2B3tnY3p%2BdMV2zdpY9l9kK0qSiZ%2By1jfGJVUIUFeyUo3w7eUgdlBFUZ4GYp5PP2DQBPtG3Mg%2B6v5f5Njx6iTMvhXDuHZw8lncc1%2BrCteNyonOM3UdubBd6xLAFvbugIP4v4MDGspVUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df622ef5892a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a54a5c46cf0075183b41728d6037fcd7
546534d37346d0ae0da7fc6700d3ef3251f9fe2e
b93c0483477585c2ab7688a62b6319227fce57d2c05f9548da1f37e1223263ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3769133935-lbx.js
200 OK 122 kB URL GET HTTP/3 www.blogger.com/static/v1/jsbin/3769133935-lbx.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.blogger.com
FingerprintCB:2E:4E:04:8F:48:B1:A1:1A:F4:F6:E1:8A:18:2F:F9:B5:A6:DD:60
ValidityMon, 04 Sep 2023 08:16:44 GMT - Mon, 27 Nov 2023 08:16:43 GMT
File type HTML document, ASCII text, with very long lines (1308)
Size 122 kB (122109 bytes)
Hash c27a00a2d2be5a24a75dec06e0e5c844
d84c50f07d8b3932f9974708d5870a79a38e0656
0679cc1defd3e1fec2fb863d3d3f9ef2227d778444f36252846fcb3abd257af6
GET /static/v1/jsbin/3769133935-lbx.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 122109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Oct 2023 06:38:57 GMT
expires: Mon, 30 Sep 2024 06:38:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 28 Sep 2023 22:53:23 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 12236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fcss%2Fanimate.css&l=79249&fd=392
200 OK 0 B URL GET HTTP/1.1 zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fcss%2Fanimate.css&l=79249&fd=392
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fcss%2Fanimate.css&l=79249&fd=392 HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fcss%2Fstyles.css&l=5449&fd=437
200 OK 0 B URL GET HTTP/1.1 zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fcss%2Fstyles.css&l=5449&fd=437
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fcss%2Fstyles.css&l=5449&fd=437 HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vGzwgPFyc4ri_RBXqMgYPKUlzkUVZwDy7SSSw1OhIzX7jTWTfV84AiuoUqx1532C-q96HpJ7pwFXd0Ywii2C0KjmHb76cSgFGkTZrdEZE2TZQr2w64EDCy8Dg7WxmWJLfuVkxaycYC4IBPN16P9ZI=w750
200 OK 38 kB URL GET HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ALY8t1vGzwgPFyc4ri_RBXqMgYPKUlzkUVZwDy7SSSw1OhIzX7jTWTfV84AiuoUqx1532C-q96HpJ7pwFXd0Ywii2C0KjmHb76cSgFGkTZrdEZE2TZQr2w64EDCy8Dg7WxmWJLfuVkxaycYC4IBPN16P9ZI=w750
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint25:24:05:0B:D2:5F:DF:ED:3B:BE:B8:47:80:C5:AE:2B:51:94:69:F5
ValidityMon, 04 Sep 2023 08:23:19 GMT - Mon, 27 Nov 2023 08:23:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash a9ed1480cdfbee1a0c5d84c5229b1895
e09d0ce3cc32761c41c86b0fd9b9e4dbbda97fb1
ee49b8d97c277e1e10485abcce866678bdaeb42acb8344016bc62f9026398324
GET /blogger_img_proxy/ALY8t1vGzwgPFyc4ri_RBXqMgYPKUlzkUVZwDy7SSSw1OhIzX7jTWTfV84AiuoUqx1532C-q96HpJ7pwFXd0Ywii2C0KjmHb76cSgFGkTZrdEZE2TZQr2w64EDCy8Dg7WxmWJLfuVkxaycYC4IBPN16P9ZI=w750 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
expires: Mon, 02 Oct 2023 10:02:53 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
date: Sun, 01 Oct 2023 10:02:53 GMT
server: fife
content-length: 37793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 668 B URL GET HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintD2:77:FE:08:C6:61:6A:42:5C:1F:85:13:DA:23:B2:B8:46:20:45:88
ValidityMon, 04 Sep 2023 08:23:29 GMT - Mon, 27 Nov 2023 08:23:28 GMT
File type ASCII text, with very long lines (1034), with no line terminators
Hash df0bc754af927bb244918cbb772d93e7
4ac96c88de7235c659124b6c08358cb066ea34c5
c00b3507c85e6613b894db99771f3d4b5d46a7b493c04bbdee1be2b368c8c05c
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sun, 01 Oct 2023 10:02:50 GMT
date: Sun, 01 Oct 2023 10:02:50 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash a54a5c46cf0075183b41728d6037fcd7
546534d37346d0ae0da7fc6700d3ef3251f9fe2e
b93c0483477585c2ab7688a62b6319227fce57d2c05f9548da1f37e1223263ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Oct 2023 10:02:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unseenreport.com/pxf.gif?uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=14622158e4e4a6ad1157b2b52a568a65&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=14622158e4e4a6ad1157b2b52a568a65&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=14622158e4e4a6ad1157b2b52a568a65&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0bd697baaa61f954a0a109ca0c6b3f21
Strict-Transport-Security: max-age=0; includeSubdomains
zerodecisive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3iweFA%2BRXHIQ5iCo4M529%2FTM9JiDmMSR4JrERNGbVFdVz1a2uqup6p6eXS9LAhI8jSevvd%2FsZlGXoGfxh15vC0JGPCziHgRBPAlCjiIzuzr4oHnve99r%2BN5X78Od4oS4KOhx%2F029JZWiq%2B2m23jhPc%2B71FiTaTFqjMLO%2B53gUsMMX%2FbcXtN9sfG6YBt61Xc91%2FVcr9GXRsR6tOp5XtOFzA56XrPnNgO%2F6bUDjMz%2FsS0cWOqAD0%2FIM5B8%2BuTBwwCS1UiTL64Ku5Hr7KXXkkLRXBsM%2Bf476UaqyxTJooyNgzjdP5uGto%2F630Cne3PB0MP%2FBiM5Jc5vvyJK989UIhrunQqNFESKiD%2BFclhDqBqS1mD6HiR%2FRADGcf0G0uTBdW1KunnK0hk7JcuP%2F4Isp2T5lwtIk4eXlRw1bmtV5FKnFqO4ghzVkIMaWXGIfGsJsjwEy%2B9C8h%2FI6uM1pMnuDas0JD9%2BrhVR3qKMr%2FiRECuBCP2VXuT3VkIWukEn5qLd43OHpKwh4xpKjEGtg2L2SQdF7KDIHCT8uNFlQRjysM2pYMyPYi%2BMgzjoUebGzG31fBRstsMYeTYGU2Mws43MbGNDjmGK72DXK1i%2BBJtPifPWXQx5hVIQlJagpASlJChzgnJY7XFlfVs94MoWkXeW%2FbPcqiY6H%2BzQPZ0PREp2shNyfm7e33%2B0sSGOG3GLhz2%2F26Fxh3qs0w1DXwSdDuWBz1gYMFhZQdql%2BapbckqeOP8TMjklS%2FR3RPQQVh2CyXOgxbOg5aTru6DrkyB0sZV%2BxWQqMiMSKYzwg2ak9MBmOm8ynYDrClm%2BjHzT2VEn5OJcVv%2BTGoIdkbMAMxUyU%2BGO%2FJ5goO5PbumS7N7SpSVf3shymcgtOnvv2znNhfPZG2Kz1IZfu2rHn77KZsSsPHhb2HyNplymA0s%2Bvyw5F6avDRPk62v2XRHdLOz65cKkRbZ280r%2FWpIZYa3UaQ06u93ln8HklDx956P5LT9%2F4QNIU8MUFZJioVXqQ7BsGzZb9KwmMGqBo8xBWVQT40eLppIESiwwjSpYcfTtn%2F%2F%2BtKh37H0MjAOa30OaVBiaCkNVgaoxbHFukmfm6JUfW%2FNApJxJpIyzGymjPj4118rjBmOuoF7U9YTgot1iLOiwMOrEraArwjZvI7dTcfHK0T8AAAD%2F%2FwEAAP%2F%2Fq94AS5gEAAA%3D
200 OK 7 B URL GET HTTP/1.1 zerodecisive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3iweFA%2BRXHIQ5iCo4M529%2FTM9JiDmMSR4JrERNGbVFdVz1a2uqup6p6eXS9LAhI8jSevvd%2FsZlGXoGfxh15vC0JGPCziHgRBPAlCjiIzuzr4oHnve99r%2BN5X78Od4oS4KOhx%2F029JZWiq%2B2m23jhPc%2B71FiTaTFqjMLO%2B53gUsMMX%2FbcXtN9sfG6YBt61Xc91%2FVcr9GXRsR6tOp5XtOFzA56XrPnNgO%2F6bUDjMz%2FsS0cWOqAD0%2FIM5B8%2BuTBwwCS1UiTL64Ku5Hr7KXXkkLRXBsM%2Bf476UaqyxTJooyNgzjdP5uGto%2F630Cne3PB0MP%2FBiM5Jc5vvyJK989UIhrunQqNFESKiD%2BFclhDqBqS1mD6HiR%2FRADGcf0G0uTBdW1KunnK0hk7JcuP%2F4Isp2T5lwtIk4eXlRw1bmtV5FKnFqO4ghzVkIMaWXGIfGsJsjwEy%2B9C8h%2FI6uM1pMnuDas0JD9%2BrhVR3qKMr%2FiRECuBCP2VXuT3VkIWukEn5qLd43OHpKwh4xpKjEGtg2L2SQdF7KDIHCT8uNFlQRjysM2pYMyPYi%2BMgzjoUebGzG31fBRstsMYeTYGU2Mws43MbGNDjmGK72DXK1i%2BBJtPifPWXQx5hVIQlJagpASlJChzgnJY7XFlfVs94MoWkXeW%2FbPcqiY6H%2BzQPZ0PREp2shNyfm7e33%2B0sSGOG3GLhz2%2F26Fxh3qs0w1DXwSdDuWBz1gYMFhZQdql%2BapbckqeOP8TMjklS%2FR3RPQQVh2CyXOgxbOg5aTru6DrkyB0sZV%2BxWQqMiMSKYzwg2ak9MBmOm8ynYDrClm%2BjHzT2VEn5OJcVv%2BTGoIdkbMAMxUyU%2BGO%2FJ5goO5PbumS7N7SpSVf3shymcgtOnvv2znNhfPZG2Kz1IZfu2rHn77KZsSsPHhb2HyNplymA0s%2Bvyw5F6avDRPk62v2XRHdLOz65cKkRbZ280r%2FWpIZYa3UaQ06u93ln8HklDx956P5LT9%2F4QNIU8MUFZJioVXqQ7BsGzZb9KwmMGqBo8xBWVQT40eLppIESiwwjSpYcfTtn%2F%2F%2BtKh37H0MjAOa30OaVBiaCkNVgaoxbHFukmfm6JUfW%2FNApJxJpIyzGymjPj4118rjBmOuoF7U9YTgot1iLOiwMOrEraArwjZvI7dTcfHK0T8AAAD%2F%2FwEAAP%2F%2Fq94AS5gEAAA%3D
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSu3iweFA%2BRXHIQ5iCo4M529%2FTM9JiDmMSR4JrERNGbVFdVz1a2uqup6p6eXS9LAhI8jSevvd%2FsZlGXoGfxh15vC0JGPCziHgRBPAlCjiIzuzr4oHnve99r%2BN5X78Od4oS4KOhx%2F029JZWiq%2B2m23jhPc%2B71FiTaTFqjMLO%2B53gUsMMX%2FbcXtN9sfG6YBt61Xc91%2FVcr9GXRsR6tOp5XtOFzA56XrPnNgO%2F6bUDjMz%2FsS0cWOqAD0%2FIM5B8%2BuTBwwCS1UiTL64Ku5Hr7KXXkkLRXBsM%2Bf476UaqyxTJooyNgzjdP5uGto%2F630Cne3PB0MP%2FBiM5Jc5vvyJK989UIhrunQqNFESKiD%2BFclhDqBqS1mD6HiR%2FRADGcf0G0uTBdW1KunnK0hk7JcuP%2F4Isp2T5lwtIk4eXlRw1bmtV5FKnFqO4ghzVkIMaWXGIfGsJsjwEy%2B9C8h%2FI6uM1pMnuDas0JD9%2BrhVR3qKMr%2FiRECuBCP2VXuT3VkIWukEn5qLd43OHpKwh4xpKjEGtg2L2SQdF7KDIHCT8uNFlQRjysM2pYMyPYi%2BMgzjoUebGzG31fBRstsMYeTYGU2Mws43MbGNDjmGK72DXK1i%2BBJtPifPWXQx5hVIQlJagpASlJChzgnJY7XFlfVs94MoWkXeW%2FbPcqiY6H%2BzQPZ0PREp2shNyfm7e33%2B0sSGOG3GLhz2%2F26Fxh3qs0w1DXwSdDuWBz1gYMFhZQdql%2BapbckqeOP8TMjklS%2FR3RPQQVh2CyXOgxbOg5aTru6DrkyB0sZV%2BxWQqMiMSKYzwg2ak9MBmOm8ynYDrClm%2BjHzT2VEn5OJcVv%2BTGoIdkbMAMxUyU%2BGO%2FJ5goO5PbumS7N7SpSVf3shymcgtOnvv2znNhfPZG2Kz1IZfu2rHn77KZsSsPHhb2HyNplymA0s%2Bvyw5F6avDRPk62v2XRHdLOz65cKkRbZ280r%2FWpIZYa3UaQ06u93ln8HklDx956P5LT9%2F4QNIU8MUFZJioVXqQ7BsGzZb9KwmMGqBo8xBWVQT40eLppIESiwwjSpYcfTtn%2F%2F%2BtKh37H0MjAOa30OaVBiaCkNVgaoxbHFukmfm6JUfW%2FNApJxJpIyzGymjPj4118rjBmOuoF7U9YTgot1iLOiwMOrEraArwjZvI7dTcfHK0T8AAAD%2F%2FwEAAP%2F%2Fq94AS5gEAAA%3D HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be17356eb2f73d905881053dab5b0bec
Strict-Transport-Security: max-age=0; includeSubdomains
zerodecisive.com/pixel/sbs?c=1
200 OK 0 B URL GET HTTP/1.1 zerodecisive.com/pixel/sbs?c=1
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=f3d89276af6a1c67882e466ad42cc84c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=f3d89276af6a1c67882e466ad42cc84c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=3bad3acd-2bee-4e82-9b29-8c8046fde59d&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=f3d89276af6a1c67882e466ad42cc84c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16d447d29e460929c4905c1395a87df1
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/js/script.js
200 OK 2.1 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/js/script.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type Unicode text, UTF-8 text, with very long lines (2262), with no line terminators
Hash 8cd88fe18208fc8e5d406687989200e7
922c1904ee33b8911f6961cfc8d4030b28622b39
361affcef051092e504ed82fbc639e8c20b82e0c56496ee7514ff46121f79f83
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: application/javascript
last-modified: Thu, 06 Jul 2023 16:19:13 GMT
etag: W/"64a6e981-815"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoPuylxZ%2FuMvyn6ZhWD%2FVyvx0Ha5QwuFcOkYrfqklIZ88ma%2BiquZbqbXHyrcGJCZVPYjSig0b4%2FVFgwLYseavI1PCpTum3mCuWRqTnlNUDeNL6o2XIgyefSkWtTGXseUWV1DQ0z10IYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df621b1676dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:400,700
200 OK 3.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Nunito:400,700
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT
File type ASCII text, with very long lines (3388), with no line terminators
Hash 6efbb6699785c49f06e0518092e386c7
de2ddf92504c2cd5c645bf1d5ab205ef355a16b7
f59d53da7547cd8b4feed2530fa3f3ea2aa714bc72f970314bb2c48558cae2d4
GET /css?family=Nunito:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 01 Oct 2023 10:02:47 GMT
date: Sun, 01 Oct 2023 10:02:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/css/styles.css
200 OK 5.4 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/css/styles.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type ASCII text, with very long lines (6163), with no line terminators
Hash 25943eb2ae6febfd6e4713d2dc97d1e9
51ebe188fc725e09c9f1b8c3600216e1ca149a47
c8811fe16fd8e9cc060dce07c30ab66c2935768eaac8d1874c964072d84f1297
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: text/css
last-modified: Thu, 06 Jul 2023 17:04:49 GMT
etag: W/"64a6f431-1549"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0XzZ%2BkvLvOh8VyPT2M2ZpdXLwGTH89nmjXjX4eUiiZvpHm2SDdLHfBmFdGI4n5%2B31VHX1z0d4zYtJbNodBluy%2Bb2cZxuEtz%2FKxAIDhxI7D6NWvsEcwH0x9a2LEA9h2azE9zCGJF7lLl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df61cab476dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fjs%2Fscript.js&l=2067&fd=492
200 OK 0 B URL GET HTTP/1.1 zerodecisive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fjs%2Fscript.js&l=2067&fd=492
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectzerodecisive.com
Fingerprint98:B4:22:87:B3:35:E0:EA:CE:E5:F6:53:EF:55:FD:77:EB:AF:91:48
ValiditySat, 23 Sep 2023 00:39:05 GMT - Fri, 22 Dec 2023 00:39:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fcams%2FmyDirtyHobby%2Ffirst-guestion%2F2%2Fjs%2Fscript.js&l=2067&fd=492 HTTP/1.1
Host: zerodecisive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Cookie: u_pl=16706101; uid_id2=3bad3acd-2bee-4e82-9b29-8c8046fde59d:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecf3d89276af6a1c67882e466ad42cc84c=[4626370]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
disgracefulforeword.com/f3/d8/92/f3d89276af6a1c67882e466ad42cc84c.js
200 OK 37 kB URL GET HTTP/1.1 disgracefulforeword.com/f3/d8/92/f3d89276af6a1c67882e466ad42cc84c.js
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectdisgracefulforeword.com
FingerprintD1:31:71:E2:9E:86:02:4F:BF:58:36:33:3A:9E:F4:1C:3A:03:5C:85
ValidityWed, 27 Sep 2023 00:38:02 GMT - Tue, 26 Dec 2023 00:38:01 GMT
File type ASCII text, with very long lines (37123), with no line terminators
Hash 32c06d53d1a30af7291eec1ffc743341
e4f450544a8ae241805eb27961d6e03cbb2eb4ad
af20f95aa0d004ca8621fcb679a1b2a818416ffab0d51dd1642d5b990f8a35e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /f3/d8/92/f3d89276af6a1c67882e466ad42cc84c.js HTTP/1.1
Host: disgracefulforeword.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 01 Oct 2023 10:02:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 383567b9eb8aeced69db1ff29a218248
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
use.fontawesome.com/releases/v5.10.1/css/all.css
200 OK 56 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.10.1/css/all.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
Fingerprint23:04:2D:9B:C5:BA:9D:AA:AC:6A:FD:14:B0:96:18:D6:EB:A5:B3:65
ValidityFri, 01 Sep 2023 05:27:58 GMT - Thu, 30 Nov 2023 05:27:57 GMT
File type ASCII text, with very long lines (56331)
Hash 41661137a86847913a9a84b5245cb379
be4b62c0a84ebf689b09e619c1c88d54fecef880
7dd70534588132b35f58be8e700190cfa8c380d4d1c67acb11de2f25815649c1
GET /releases/v5.10.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:47 GMT
content-type: text/css
x-amz-id-2: vwFVto8/rmTSDtwbxg0APkP1rsdMmxlbmlf6VWtkjUSWR8EUYLRdfm0P39LaKpUoR26bHKtRuwE=
x-amz-request-id: 2N3BA5ECRRZRS9NT
last-modified: Wed, 30 Jun 2021 15:35:46 GMT
etag: W/"41661137a86847913a9a84b5245cb379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1831143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNd1zxp8Mh9LvO%2BxTwfdBPGqGS3HUBbWYJvBFraxzl%2BrLbeHRtUXy7dLZJ2PxommuMptsPusAUSLDTA2H3CuckyjQfPwkixy%2FukQ0eEQzgT01dNsuh5YCi8TxlI4uXDIS8F0hUci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df41891023c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/css/animate.css
200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/css/animate.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
Hash e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: text/css
last-modified: Thu, 06 Jul 2023 16:19:10 GMT
etag: W/"64a6e97e-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J0ODB047yFLYcJ6wCxP56pMiiXobDB6mjoPzNgY3vg5aK8gTlh%2B46VxjatKSY6bFHx6fA%2FVV8KGQKJhytlYlonFX26o8q8aY6h9OlxyqKjvZW%2BIrR%2F%2F2SSj%2F8VdeWWApECk6Oh0DPOT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df622b1a76dd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/images/close.svg
200 OK 1.3 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/images/close.svg
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint48:B7:50:3B:95:5B:52:CB:74:D5:D6:39:E2:DD:12:9D:05:51:D6:87
ValidityWed, 23 Aug 2023 16:10:20 GMT - Tue, 21 Nov 2023 16:10:19 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1374), with no line terminators
Hash 5ff33e884803785a8002a2aa5fa03b0e
a04406f2592e23e648bee499477f823da0c48362
6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/images/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:53 GMT
content-type: image/svg+xml
last-modified: Thu, 06 Jul 2023 16:19:12 GMT
etag: W/"64a6e980-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 327831
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ErTw%2BoRxKNAvP0DW9w6D2%2FnGU4pFZ9Ld3FW5t4B3SObPf%2BjtenrKELSOwtDrOFYs9jYJYCwHgf9mUozVrzqNf7w13v1Ci%2BOmrNaCqU8UkbNtg65kqPSTGzG4sL8YB1hF1ZbrIOnF6Qu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df622ef3892a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/index.html
200 OK 3.7 kB URL GET HTTP/2 cdn.yourwebbars.com/sb/notifications/cams/myDirtyHobby/first-guestion/2/index.html
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (3950), with no line terminators
Hash 6a4309bd94c5faa2ebe4f892dbbf9074
907ee478f3c50fa1f7afabc834e37f5a4f4eddeb
73eb0a1eae79e7a74fa988557a298100e6abb3d1edb7e28c9d62df9762582aa3
GET /sb/notifications/cams/myDirtyHobby/first-guestion/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sakitiwasan.blogspot.com
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:52 GMT
content-type: text/html
last-modified: Thu, 06 Jul 2023 16:19:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNRtcenDJhOf%2B%2BJD8REb7EqU7FwJKUthqHVipcFQaalxZotlYa6oPfNq4o41%2FAcutEaM6Ii%2F1cQA%2Ba%2BAQHrJvvoRTBYp8vTCmhvazxImDqswa21PkHcOL6UII5%2FdQ2EVxUfikGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f3df5c1f9eb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
200 OK 160 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65324)
Size 160 kB (159515 bytes)
Hash 7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 10:02:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: d6b43e13ddbcd4f60dded6d39b2abed5
cdn-cache: HIT
cf-cache-status: HIT
age: 14739719
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 80f3df40ef4fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
notionsshrivelcustomer.com/b386b856125e0686abeea3c7fe7bdbc8/invoke.js
200 OK 30 kB URL GET HTTP/1.1 notionsshrivelcustomer.com/b386b856125e0686abeea3c7fe7bdbc8/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://sakitiwasan.blogspot.com/2022/01/butas-na-butas-na-kamay.html
Certificate IssuerLet's Encrypt
Subjectnotionsshrivelcustomer.com
Fingerprint7D:86:F6:B4:10:05:B3:28:6D:54:B4:6C:40:0F:E9:EB:7F:3F:EB:51
ValiditySat, 12 Aug 2023 06:39:13 GMT - Fri, 10 Nov 2023 06:39:12 GMT
File type exported SGML document, ASCII text, with very long lines (29641), with no line terminators
Hash e2a0dbc58725fc533046be55fe94b37b
c3b6492f1e6ec6bd50372ade37bf4364daa87ae2
fe19ecfc4de99145f0bf5f2d2a27d95eb5e707dacbc22bcb857a79bf04b768d6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /b386b856125e0686abeea3c7fe7bdbc8/invoke.js HTTP/1.1
Host: notionsshrivelcustomer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sakitiwasan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 01 Oct 2023 10:02:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c306797fea9e0ec7a2bd3e542f5d285
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.google.com/recaptcha/api2/webworker.js?hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG
200 OK 102 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with no line terminators
Hash 262952e0bca92032cec53f94c508abb6
c35967e69b90fc41cad2decfd42670a31cb8ea69
5bd3fcac620ef1b86850c77ac1fc5fcc02fe744cc5ac5f999421cf03f4127a75
GET /recaptcha/api2/webworker.js?hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sun, 01 Oct 2023 10:02:52 GMT
date: Sun, 01 Oct 2023 10:02:52 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
200 OK 54 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt
IP
Requested by https://www.blogger.com/comment/frame/2271042777992815774?po=5915569345929479435&hl=id&skin=contempo&blogspotRpcToken=4868284
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (45164)
Hash 05e8262aa33610e94f573c4eec7cfadc
711e9a7949ae91d54522fc1e21b95f3e627827e9
8468f68661618db8115433a8077f5a7444e30fb67e07e02152caa6e510af34f3
GET /recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=vh9hpgco92mt HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 10:02:51 GMT
content-security-policy: script-src 'nonce-HJqY50D9MgP0lG-DoD3dTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
142.250.74.1
35.157.129.203
104.18.10.207
151.101.244.84
0.0.0.0