r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3576
Expires: Tue, 21 Mar 2023 09:24:05 GMT
Date: Tue, 21 Mar 2023 08:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11026
Expires: Tue, 21 Mar 2023 11:28:15 GMT
Date: Tue, 21 Mar 2023 08:24:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5873
Expires: Tue, 21 Mar 2023 10:02:22 GMT
Date: Tue, 21 Mar 2023 08:24:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 07:27:23 GMT
content-type: application/json
age: 3426
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +gciQqFswnkVD1+2U4CZUs+0Xr3/gC8a4s9KcvobG51xXR6ph27wdd2ObCEZmOATj2lw01wKTsM=
x-amz-request-id: 8A5NMTAB2QS51M3G
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 07:53:06 GMT
age: 1883
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 08:24:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 08:17:22 GMT
age: 428
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
45.32.117.78 301 Moved Permanently 312 B URL HTTP/1.1 baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
IP 45.32.117.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 41c6a2c28fc0beb36c1381d90c01298a
ef101ee4318381228e7fae07bb3c0b08e0053564
33a215790b82179139d20c2b150746d15c286aa06e5844a40cf6cdceb3c014f7
GET /mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso HTTP/1.1
Host: baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 08:24:30 GMT
Server: Apache
Location: https://baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Content-Length: 312
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Tue, 21 Mar 2023 09:41:00 GMT
Date: Tue, 21 Mar 2023 08:24:30 GMT
Connection: keep-alive
push.services.mozilla.com/
35.163.49.154 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xPAXXd6lON9vb0XQpYnpfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0XgcGLOnQuyynZ4Be4eFcLN1onY=
baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
45.32.117.78 301 Moved Permanently 316 B URL HTTP/1.1 baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
IP 45.32.117.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 937061d4dc6031cff05e9af333e097a0
89e20a139a45e25d47dad76ef5b95c2cfdf70540
3fff71586cef2e25226ff5a699c94f286f1bde63714fb7af93d470eee60aed9a
GET /mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso HTTP/1.1
Host: baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 08:24:30 GMT
Server: Apache
Location: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Content-Length: 316
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4650
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 37051
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AiPPel5fJZ56l-XoDAdJnwrcvrSU1bIO6365983POkVVXhlCnSK7Yg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 13:26:29 GMT
age: 68282
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25023a307b323b4565ee2560c9f16ed1
e8becaaf74fcda8fe5187f589b3cf2f3fa870d93
9f976686d5a33122af889ede6456ed86c0dac867448cc3d81aaac45dfe5e946d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9062
x-amzn-requestid: d24fccfa-439a-4bcf-a984-456cb90b0bb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ByllJFJlIAMFZ1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6410e953-05321b2649fdc7a838e1b49a;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 21:38:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: veRZaSgr0vSCPERll8DuDLjQVFx-dM9BIRLKAiVuiZbySy5UYyVfxA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 03:32:14 GMT
age: 17537
etag: "e8becaaf74fcda8fe5187f589b3cf2f3fa870d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70f478f5-dd81-4fcb-a03b-ac51035145db.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70f478f5-dd81-4fcb-a03b-ac51035145db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01dce111a114c023773678c1ec6cba61
666d47c4e5415edbc489a3117b2f054129784ade
0a3d5ef914a64a3356ef8c08b9ab7be43ab335213966878c867ff1317de8bb36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70f478f5-dd81-4fcb-a03b-ac51035145db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7949
x-amzn-requestid: 5c950a43-5210-4cf2-9491-b4b832f89b8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B6e1jHDhIAMFYEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641411bc-0ac0201f46a7a49c32970994;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 07:07:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OdX7fyUWm70y1Hkk38d27SP8Bak3cN21l7YXNWqrLJsuw098oDO4-A==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 08:12:41 GMT
age: 710
etag: "666d47c4e5415edbc489a3117b2f054129784ade"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97a37cecfd90072794d657e2074620cb
34c456db4f8b0bd7e3affe31a7cf02e4596a8188
889d4f26715418088c8747251ee068dfdb5c8d5024b1d43862012cb31acf9650
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13522
x-amzn-requestid: d39593de-64b8-44f6-9160-7aa61c26ed88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI8E-YoAMFm4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-7ad0b7e7747de71b5f751226;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: h2u_sdWiqNN_tsFGKEGI1VvDWOVL9DwWbbi-MCemYMikc34WHt3qAg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9825a45e2b387a61504c0c3df20048ee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:17 GMT
age: 38354
etag: "34c456db4f8b0bd7e3affe31a7cf02e4596a8188"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59df3b8c484422b14b057fddfd99beb3
d7347bcac5fc585b802d9be262c9536d0f72a498
c05014345e897447f7bdcc3b7d267137bbf76758e8fecfbabcb20d09889769f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6632
x-amzn-requestid: e51ff988-1417-4d22-8540-82914428fdcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFaIHZ8IAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5da-744c064c55ad8d3401855d0f;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FsFKERMeCkoD4DFnD-sjKYiRB8izHSQszlkxg7L7jaBgGy4ASvpkkQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 12:37:46 GMT
age: 71205
etag: "d7347bcac5fc585b802d9be262c9536d0f72a498"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
45.32.117.78 200 OK 10 kB URL HTTP/1.1 www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
IP 45.32.117.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1364), with CRLF, LF line terminators
Hash e12f8a793ab6e5aa4ae0a981a3d7b7b7
f40c7edc7528e756a74d29e314d9b736f56ec0ef
399bc0898e878299d79c85eb22a6cc3fedc292ea2d230f72ad190d1802f8e131
GET /mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:32 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3; expires=Tue, 21-Mar-2023 10:24:32 GMT; Max-Age=7200; path=/; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
104.17.25.14 200 OK 8.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32033)
Hash 76414c3526ac371cfa2bc8bfb3c12d55
656685d9714d0e3e1ba3f0031e3b573029f9cfbc
0740f3cbd3996283f7a1883aec212ea3d1f611f77e42763ca606e634fd74c19e
GET /ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 8722
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-90b5"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 374575
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOdx71C%2BjuW%2BFqLhKfHI0CZBND3cJy2YHS0g6Ug2k4n77uGJJCJLyGVLXfUEKVDb%2BUvW1xXgFAXTEivVVlFlRBej1bt4V1jAsAVWLU5IMwwT5tp3ybTaNMQNapgScFNsWKlA7FwO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94cbdfb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
104.17.25.14 200 OK 845 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (3184)
Hash 156afaf08dd47df971d3a40926c19974
d3f886560b55ff3c39d628ef16a71ca49cb7ecfb
e4f93dd20cb7feb2c6d408b396e194928381545d24584431ab341ed094fb31fa
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: text/css; charset=utf-8
content-length: 845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 381335
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DRnPfjqV44CAxSc2K6wk6%2FkJi9uhZT6hYsD3q5ammEXdN5A70Iyc2Spj1Fpp5iGo2H9DLA4stet5vbhGBQEYaZ3xFg5YYBrzifFJUM78R4eZdc7%2B6T97p5cijFcJ0nHQRNvvBxd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94bbd7b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
104.17.25.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (31997)
Hash da09af9c30411ac4ea58fa932c2bcdf1
3021a222be0168efcad5db279a305485935aeff5
19e819601b91eb75c0609dd6343a344f280a94b83e06e58595bafff5b12ca7f4
GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 10158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-ad36"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1333632
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlhS4p29zJbHZC8pDhdyFld8VSCD5Q4FhBTSK8EsBhvhWC9SMhhSJoGZVEw%2BEk3X4ftgEi2%2FbN1bho3adnjzT%2FzSWFTVITs12S%2B5ZcX1oe%2Ftv9kBUq8gXbyatyxI7qajYSri35Y5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94cbe2b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js
104.17.25.14 200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (20087)
Hash 6cfa1ffc4889c0035506daea0275c825
2dcc44c7670dd51b8e8c7c12088d24cdffa64237
02abade26ab9e805db1edf9ccd3067e49eeff131adf44fdfd6c3aae8ca3c1581
GET /ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 6546
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed4-4ef8"
last-modified: Mon, 04 May 2020 16:12:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2183625
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeSsrACmBsFHjgPCxATtgg%2BORXAgnsMdNryJ1dGNLHemGCrDQ4KzfR1ZUw8G%2F6PgBNHvENQGcl5hRAvFT8MFtyZqczYmQqcx%2F3k1iT8LiJ4lAsmA0bC6lt6Dzpo3xsYYJ59zGKn1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94cbebb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css
104.17.25.14 200 OK 331 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (846)
Hash c9eb6550c91c2a2f505af3b9acfbd9f5
9db062adb9e1f8b45ba84af5e55dd38587ddabc6
c64f83ee7947be6b299005510b64a85d5dd88998275f1ca498e27bad15ba35bc
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: text/css; charset=utf-8
content-length: 331
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-3f5"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14390372
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEjekB7wHzfziS3p61ER1n1bvQx9AHOY96HsWvomky9N3JI02hw46p9iq48wf039dM9hm9%2BcwYZv5%2BaBV3WZBhYuWokorc%2BpjZ0psWAd7EXVlTdFRyYpQ6%2Fd%2BXCjn4RytVp7pGux"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94cbf1b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css
104.17.25.14 200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (5259), with no line terminators
Hash 61a2bf49c274907cb7c423ee7e577a2f
8e84fdaed011407912d3566446a79bf373481764
28b184ed88d2def77e206fb8e8987308d3520ae8662e6fc70049f25f697b5f14
GET /ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: text/css; charset=utf-8
content-length: 1283
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed4-148b"
last-modified: Mon, 04 May 2020 16:12:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4693745
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wq9aYteBCk753RraHfvTg3tOfYT7qmaXL9Xilq8G0O8RevTDxZDMs%2FwoBd7SEhlcR1LlqHcbkZZib0bf7rgjRIDEdaAtCWowagk1INbwuqyRdBuwov7YQNB%2FseWmhfimbkTRRriq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94cbefb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.17.25.14 200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 983957
expires: Sun, 10 Mar 2024 08:24:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF6RbKuNmAXRQJk2vml4kbLhhKfIvndvfbNV63CvO6mAI4eU7QnRiqBUvIF8UWLgy2Rt8zX8Lxged4ekGCi%2Fluk5bjvBln3jiPG%2B6cYQreeZy3cXQ6jSF4IlWHQa5blB9iuW6Moc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7ab4cc94dbf9b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-220879069-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-220879069-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash ee2017c3dfe39ebd3518926dd2379a29
456cd593f2a175f36f8503b8b1b724cb193d7974
f5e91599babfcdde68f869b32b45bfa524a5ac0a7d3fcc8f682ebabab2194a4a
GET /gtag/js?id=UA-220879069-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 08:24:32 GMT
expires: Tue, 21 Mar 2023 08:24:32 GMT
cache-control: private, max-age=900
last-modified: Tue, 21 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV
142.250.74.164 400 Bad Request 119 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 96612d2b1b529ecfcf09798c3eb100bf
4f32d5d3ccf4d44ae71309dfa8d6f9d396614a27
7c58bfa17d0c600b7455e6bfb3d8371fbf93da20a7a53ed1efad37d692f1cba0
GET /recaptcha/api.js?render=6Ldmw7EUAAAAABLEE7bQc-bzgVmdcf20q7sN2JMV HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Tue, 21 Mar 2023 08:24:32 GMT
expires: Tue, 21 Mar 2023 08:24:32 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 119
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.baliparadisecrew.com//public/css/color.css
45.32.117.78 200 OK 3.5 kB URL HTTP/1.1 www.baliparadisecrew.com//public/css/color.css
IP 45.32.117.78:0
File type ASCII text, with very long lines (3475), with no line terminators
Hash 8f72400fd0f4473f62d4cd211f8f613e
97d7e59240e448803583450904bcb89c5b9dae27
127f30ab570aaa8491a9e96589c0b8b0c2d58bc9df228752c44f94434b3252a0
GET //public/css/color.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:32 GMT
Server: Apache
Last-Modified: Sat, 31 Aug 2019 03:50:05 GMT
Accept-Ranges: bytes
Content-Length: 3475
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/css/sm-core-css.css
45.32.117.78 200 OK 887 B URL HTTP/1.1 www.baliparadisecrew.com//public/css/sm-core-css.css
IP 45.32.117.78:0
File type troff or preprocessor input, ASCII text
Hash a969035e88fe398ad70c4bc9b2cb5911
ad6788c1d0aa1b193e6d4df78ffb17f9578a96dd
979bddf384e612e43d9adf9acc93dd1aaba02cf7ea54cd0cf2ea4381e6a63ef0
GET //public/css/sm-core-css.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 887
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/css/materialize.css
45.32.117.78 200 OK 6.9 kB URL HTTP/1.1 www.baliparadisecrew.com//public/css/materialize.css
IP 45.32.117.78:0
File type ASCII text, with very long lines (6894), with no line terminators
Hash 053bb429a7eede933e86e78ab15224fa
956a06833455cbfa5326a1bbd2f6af639b913cf8
83549f7a4c6fe8b3a98e22e78f5cd024168b967d3dce0ac3cbe9a937371de043
GET //public/css/materialize.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 6894
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/css/sm-simple.css
45.32.117.78 200 OK 5.6 kB URL HTTP/1.1 www.baliparadisecrew.com//public/css/sm-simple.css
IP 45.32.117.78:0
Hash 699ef18fcfba4924e8b9ac0d502c61ff
517352f55255aa4015ac768b07ab5aef180d5dd2
53f1250a511f9e46cc257f12080e82b7fad0786296c0708601dd47926b7b721f
GET //public/css/sm-simple.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Fri, 26 Nov 2021 02:15:44 GMT
Accept-Ranges: bytes
Content-Length: 5616
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com/public/css/index.css
45.32.117.78 200 OK 11 kB URL HTTP/1.1 www.baliparadisecrew.com/public/css/index.css
IP 45.32.117.78:0
Hash 02956c77b0408819c64fb1ffc99a6864
183f158544ea063763ef8cc401c5fbd79f98fd01
d2dfea17275743a7f7eb596a974325e669e7986c7d816652dea47b5e445f1972
GET /public/css/index.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 11054
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/css/bootstrap.css
45.32.117.78 200 OK 146 kB URL HTTP/1.1 www.baliparadisecrew.com//public/css/bootstrap.css
IP 45.32.117.78:0
File type ASCII text, with very long lines (540)
Size 146 kB (145947 bytes)
Hash c9a97a1ada0075104d56aa85d03a4d92
1cfd8f04bdecb157063cdb56a45a64598c99c8e5
fac36d331edb26252141cf1c018cf8f1beea918b2a9c5ed226288ae6d4847950
GET //public/css/bootstrap.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:32 GMT
Server: Apache
Last-Modified: Fri, 26 Nov 2021 02:36:45 GMT
Accept-Ranges: bytes
Content-Length: 145947
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/js/jquery.contactus.min.js
45.32.117.78 200 OK 14 kB URL HTTP/1.1 www.baliparadisecrew.com//public/js/jquery.contactus.min.js
IP 45.32.117.78:0
File type ASCII text, with very long lines (13933), with no line terminators
Hash 0e98b6bfcaa5b8fef47d0cde840df6e6
bbb0cdbaaa0c385f5046b60a17f611406efa20ad
7e51e0463235219de4df3d4016c44e83c576a7d7b8bb72786dff1dd457dcdf56
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.contactus.min.js HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Mon, 09 Sep 2019 09:03:05 GMT
Accept-Ranges: bytes
Content-Length: 13933
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.baliparadisecrew.com//public/css/font-awesome.css
45.32.117.78 200 OK 35 kB URL HTTP/1.1 www.baliparadisecrew.com//public/css/font-awesome.css
IP 45.32.117.78:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash a16730221cf9c8b1bad3dd5419edf16b
b5020c3860669185ba3f316fa7332cdf5c06f393
34f195f17d62b4789625aa8cb3535024a72d40fc4d88ee1383154688b9bfaa27
GET //public/css/font-awesome.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 35128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/js/jquery.smartmenus.min.js
45.32.117.78 200 OK 24 kB URL HTTP/1.1 www.baliparadisecrew.com//public/js/jquery.smartmenus.min.js
IP 45.32.117.78:0
File type ASCII text, with very long lines (24459)
Hash f37878df1d94bbea0dfb7e85612888ec
19df702835ff55ce5a9b76b9974f8597cc528c6a
2fe668f50e1b19f758d3a06ac0c60b0e869c6b31fa1ab43190b6af3dd4f46b8e
Analyzer Verdict Alert fortinet Phishing
GET //public/js/jquery.smartmenus.min.js HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:21 GMT
Accept-Ranges: bytes
Content-Length: 24548
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.baliparadisecrew.com//public/css/jquery.contactus.min.css
45.32.117.78 200 OK 19 kB URL HTTP/1.1 www.baliparadisecrew.com//public/css/jquery.contactus.min.css
IP 45.32.117.78:0
File type ASCII text, with very long lines (18438), with CRLF line terminators
Hash 7089ae4229b9aa1052cc403350904ee3
1620307599f1a656e86b2d897397dcc8cbc148c7
a825f2e0078f00cb801fa355f54c193d3288e72012a97ed7c3b408b8e896bc6e
GET //public/css/jquery.contactus.min.css HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:33 GMT
Server: Apache
Last-Modified: Mon, 09 Sep 2019 09:02:00 GMT
Accept-Ranges: bytes
Content-Length: 18629
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.baliparadisecrew.com//public/fonts/glyphicons-halflings-regular.woff2
45.32.117.78 200 OK 18 kB URL HTTP/1.1 www.baliparadisecrew.com//public/fonts/glyphicons-halflings-regular.woff2
IP 45.32.117.78:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert fortinet Phishing
GET //public/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.baliparadisecrew.com//public/css/bootstrap.css
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 18028
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.baliparadisecrew.com//public/fonts/fontawesome-webfont.woff2?v=4.6.3
45.32.117.78 200 OK 72 kB URL HTTP/1.1 www.baliparadisecrew.com//public/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 45.32.117.78:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Phishing
GET //public/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.baliparadisecrew.com//public/css/font-awesome.css
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 71896
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
www.baliparadisecrew.com/public/css/fonts/Poppins-Regular.ttf
45.32.117.78 200 OK 257 kB URL HTTP/1.1 www.baliparadisecrew.com/public/css/fonts/Poppins-Regular.ttf
IP 45.32.117.78:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsRegular2.000;ITFO;Popp\012- data
Size 257 kB (256920 bytes)
Hash e212f84086965da44a6c84f3d9a683a4
58ca484f2ec5b8817a63136af362e1db1d29d49e
4554cfac77e8cefa48f89ffcd4f1705f7c02ee34bd9b25415d1208065e4edb52
Analyzer Verdict Alert fortinet Phishing
GET /public/css/fonts/Poppins-Regular.ttf HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/public/css/index.css
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 256920
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/ttf
www.baliparadisecrew.com/uploads/header_211312021205_.png
45.32.117.78 200 OK 9.7 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/header_211312021205_.png
IP 45.32.117.78:0
File type PNG image data, 292 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 91f811d3ff0145439dee3af5da8b7e30
1b232bfe11a82a9c5a41399fd67b7117da8a5311
58af9bddcbc30bcd8dd065e444808ef06cd8745101071931565c69615d91ce42
GET /uploads/header_211312021205_.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 06:49:05 GMT
Accept-Ranges: bytes
Content-Length: 9716
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/slider/slider_222202100214_.jpg
45.32.117.78 200 OK 121 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/slider/slider_222202100214_.jpg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x462, components 3\012- data
Size 121 kB (120999 bytes)
Hash 4f3a03534586a7844fd2bbb493380f56
6fc83aefd9f9723f41ea8571b98a70b4f7f24362
af4b552f4cf2a79c004ade9c737c5a5406ba6ea7d8e368d347b0945f429599d9
GET /uploads/slider/slider_222202100214_.jpg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Tue, 22 Feb 2022 02:34:14 GMT
Accept-Ranges: bytes
Content-Length: 120999
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/public/css/fonts/Poppins-Bold.ttf
45.32.117.78 200 OK 278 kB URL HTTP/1.1 www.baliparadisecrew.com/public/css/fonts/Poppins-Bold.ttf
IP 45.32.117.78:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 15 names, Microsoft, language 0x409, Copyright (c) 2014 Indian Type Foundry (info@indiantypefoundry.com)PoppinsBold2.000;ITFO;Poppins\012- data
Size 278 kB (277756 bytes)
Hash 2f55e0d4b3f9eb3ffaefdac379fa3f8b
45dc28c425c3ee2237440bf9cb926753c5aa3b5c
b8b92424acfd9581c9dd74723a5627b6a5882a643b2148bd0463e9cd077d3728
Analyzer Verdict Alert fortinet Phishing
GET /public/css/fonts/Poppins-Bold.ttf HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/public/css/index.css
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Tue, 20 Aug 2019 04:16:12 GMT
Accept-Ranges: bytes
Content-Length: 277756
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf
www.baliparadisecrew.com/uploads/berita/berita_222912041243_PTBALIPARADISECITRADEWATAROADTOTABANAN2.jpeg
45.32.117.78 200 OK 153 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/berita/berita_222912041243_PTBALIPARADISECITRADEWATAROADTOTABANAN2.jpeg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size 153 kB (153027 bytes)
Hash a629ffd8ef5cd5a5ef8a1985917a0c79
f760cec6b217323d33d1139372aa4cf79699f82d
e66c3fc0100ccea0eb914344bb100f140923e3eb3b3ee921a4c5768b1465c58a
Analyzer Verdict Alert fortinet Phishing
GET /uploads/berita/berita_222912041243_PTBALIPARADISECITRADEWATAROADTOTABANAN2.jpeg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 08:19:43 GMT
Accept-Ranges: bytes
Content-Length: 153027
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/uploads/situs/situs_211012091254_MediterraneanShippingCompany.png
45.32.117.78 200 OK 54 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/situs/situs_211012091254_MediterraneanShippingCompany.png
IP 45.32.117.78:0
File type PNG image data, 1000 x 413, 8-bit/color RGBA, non-interlaced\012- data
Hash 7148b26cbc8c1651fb5d413fc57027e0
f0eb4b7fc628ce435811882750296af3913d3450
8998f5af44af52a133cec7ea7836082b288e22bb751afcb596919893d931cb47
GET /uploads/situs/situs_211012091254_MediterraneanShippingCompany.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Fri, 10 Dec 2021 01:44:54 GMT
Accept-Ranges: bytes
Content-Length: 54224
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/situs/situs_211012091252_MediterraneanShippingCompany.JPG
45.32.117.78 200 OK 33 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/situs/situs_211012091252_MediterraneanShippingCompany.JPG
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x500, components 3\012- data
Hash af0c182470b573687879a0e1e62f1c76
f725e4075adb4400b5580ba10015272b50494119
2aa6abf341e64261ae9834c33b209a472832d75282414a5a0e8a5369fcebc64b
Analyzer Verdict Alert fortinet Phishing
GET /uploads/situs/situs_211012091252_MediterraneanShippingCompany.JPG HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Fri, 10 Dec 2021 01:32:52 GMT
Accept-Ranges: bytes
Content-Length: 33272
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/uploads/icon/icon_210712091221_BarDepartment.png
45.32.117.78 200 OK 2.9 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/icon/icon_210712091221_BarDepartment.png
IP 45.32.117.78:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 44a60c7115212838e893399ddbb46d79
4cc2909b7ecd704b0831d7d91441f121d7efa0e6
ca231296c225c70efd446158dff73f6e199a37c76b06b952f2cd0a46e54eabc1
GET /uploads/icon/icon_210712091221_BarDepartment.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 13:07:21 GMT
Accept-Ranges: bytes
Content-Length: 2881
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/icon/icon_210712081213_HousekeepingDepartment.png
45.32.117.78 200 OK 4.1 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/icon/icon_210712081213_HousekeepingDepartment.png
IP 45.32.117.78:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d7dc14e666a2c5152578c4ecb1abab62
897d9d0c9bd24d771edf7ea4022d80ff1c0ef476
38ea475dd6ce433a6c1f5814aaae6d4830a00f83af883d0b62e6d8f5792dfedb
GET /uploads/icon/icon_210712081213_HousekeepingDepartment.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 12:59:13 GMT
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/icon/icon_210712091247_ButlerServiceDepartment.png
45.32.117.78 200 OK 2.2 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/icon/icon_210712091247_ButlerServiceDepartment.png
IP 45.32.117.78:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d9bf2605f8d53b1c51b99dbb646a161
1308b290bb8f27d4b4ec39dfcd090c5a7cd1558b
75c0ca5e102252609e99d99e84b265e7e4d3c9ddd959a76c7d7caa94ab2d878b
GET /uploads/icon/icon_210712091247_ButlerServiceDepartment.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 13:00:47 GMT
Accept-Ranges: bytes
Content-Length: 2215
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/berita/berita_222010101041_WE%E2%80%99REHIRINGNOW!!!.jpeg
45.32.117.78 200 OK 142 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/berita/berita_222010101041_WE%E2%80%99REHIRINGNOW!!!.jpeg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 75", baseline, precision 8, 1000x1000, components 3\012- data
Size 142 kB (141952 bytes)
Hash 01aa31fce62acf317fdc3182794c3985
dc5289758d84e4b65084db6337919765a105b64e
f8c69cfe65bd11e2fc97f2d8f37bcb6452b639630d8658b37dc23a073e6857b1
Analyzer Verdict Alert fortinet Phishing
GET /uploads/berita/berita_222010101041_WE%E2%80%99REHIRINGNOW!!!.jpeg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Thu, 20 Oct 2022 02:06:41 GMT
Accept-Ranges: bytes
Content-Length: 141952
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/uploads/icon/icon_210712091215_GalleyDepartment.png
45.32.117.78 200 OK 4.6 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/icon/icon_210712091215_GalleyDepartment.png
IP 45.32.117.78:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 07f0cecce53672b71ea8c8b08c2bff8c
735048050189fc4b9b8793198161ae53f76fa823
35e09a5a48af5c49fb011ab52df02c84c81c9d293b81172badfa125a23db04a8
GET /uploads/icon/icon_210712091215_GalleyDepartment.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 13:03:15 GMT
Accept-Ranges: bytes
Content-Length: 4604
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/icon/icon_210712091213_DeckDepartment.png
45.32.117.78 200 OK 3.8 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/icon/icon_210712091213_DeckDepartment.png
IP 45.32.117.78:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash cc7feaef7314019b91ac57bf63cc1cef
f41576dbe1f6c7563d26d3c240dbd9c71ba2ef7c
dd1c8c29dec53897bc331c0d296cd7cbf9f58ea1dffe238c42d3d35d7db2488a
GET /uploads/icon/icon_210712091213_DeckDepartment.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 13:06:13 GMT
Accept-Ranges: bytes
Content-Length: 3811
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/icon/icon_210712091257_DiningServiceDepartment.png
45.32.117.78 200 OK 4.4 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/icon/icon_210712091257_DiningServiceDepartment.png
IP 45.32.117.78:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 425daf15d6bcfe8730e226ad1c9a3c08
86fbd069f13cf98c027eaf49f3acfbb084c8ccf5
fdf6f3b32157f56dee9c83c74a287c73f35f921ca5fad6d37c2ad425db35f4d8
GET /uploads/icon/icon_210712091257_DiningServiceDepartment.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 13:04:57 GMT
Accept-Ranges: bytes
Content-Length: 4407
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/logomobile.png
45.32.117.78 200 OK 14 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/logomobile.png
IP 45.32.117.78:0
File type PNG image data, 389 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 30693b495060564ff8d2c767afd8fca3
3eb1961c758cf3e270164361ff725f6148c3b19b
ffce451085c83596e9d820b7c94b75e60518f1707e6d7cfdd16e2bcda06cea50
GET /uploads/logomobile.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 13:56:37 GMT
Accept-Ranges: bytes
Content-Length: 13901
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/slider/slider_211312021227_WelcomeToBaliParadiseCitraDewata.jpg
45.32.117.78 200 OK 125 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/slider/slider_211312021227_WelcomeToBaliParadiseCitraDewata.jpg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1300x470, components 3\012- data
Size 125 kB (125370 bytes)
Hash 858ea5b0b4234fcff0fb27b1c8848e11
c348ea3f696bb75d92d32412ccdd29e339c2b10b
0b84b622e783451e81fc648d722fd6b952cc4a2cee7922226b6ee0b136ef21ae
GET /uploads/slider/slider_211312021227_WelcomeToBaliParadiseCitraDewata.jpg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 06:42:27 GMT
Accept-Ranges: bytes
Content-Length: 125370
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/uploads/slider/slider_211312021213_AWorldofOpportunities.jpg
45.32.117.78 200 OK 288 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/slider/slider_211312021213_AWorldofOpportunities.jpg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1300x470, components 3\012- data
Size 288 kB (287711 bytes)
Hash 9280815091e6b361b08ec82588b1c1e9
d5c79605402647593ef1f09840b60ab0fb31724e
75972645677a8c25544b32f81180084810a146779114e32c004970f89beac2aa
GET /uploads/slider/slider_211312021213_AWorldofOpportunities.jpg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 06:42:13 GMT
Accept-Ranges: bytes
Content-Length: 287711
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/uploads/berita/berita_222912041227_THEBIGJOURNEYBEGINSSOON!!!FINDTHEBESTTALENTINYOU!!!.png
45.32.117.78 200 OK 713 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/berita/berita_222912041227_THEBIGJOURNEYBEGINSSOON!!!FINDTHEBESTTALENTINYOU!!!.png
IP 45.32.117.78:0
File type PNG image data, 1000 x 563, 8-bit/color RGBA, non-interlaced\012- data
Size 713 kB (713343 bytes)
Hash faab1842e17fc3beadcc936450355b95
c5e573a95e90f2330a795104df181575f83371b9
7532bab5760891fb7b4a5c739319eef8276e5674d9c16a02c968d491c3fe83e7
GET /uploads/berita/berita_222912041227_THEBIGJOURNEYBEGINSSOON!!!FINDTHEBESTTALENTINYOU!!!.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:34 GMT
Server: Apache
Last-Modified: Thu, 29 Dec 2022 08:05:28 GMT
Accept-Ranges: bytes
Content-Length: 713343
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.baliparadisecrew.com/uploads/background_211012101237_.jpg
45.32.117.78 200 OK 291 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/background_211012101237_.jpg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x851, components 3\012- data
Size 291 kB (291103 bytes)
Hash 6970c54f96d291eda63c0551cb0809d8
57fe9cfb9c7cac6fed82dc78653a93c7c2d48c81
0fa29307bf024158ccfbc8bbe500dcebd5755d18a2bf6a96307b5d0ded4c6799
GET /uploads/background_211012101237_.jpg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:35 GMT
Server: Apache
Last-Modified: Fri, 10 Dec 2021 02:42:37 GMT
Accept-Ranges: bytes
Content-Length: 291103
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.baliparadisecrew.com/uploads/slider/slider_211312021220_RecruitmentandProvisionofPersonnelfortheCruiseIndustry.jpg
45.32.117.78 200 OK 316 kB URL HTTP/1.1 www.baliparadisecrew.com/uploads/slider/slider_211312021220_RecruitmentandProvisionofPersonnelfortheCruiseIndustry.jpg
IP 45.32.117.78:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1300x470, components 3\012- data
Size 316 kB (315923 bytes)
Hash 928273db988007de01251b72180842a5
01b332fef17a31fe48fcc08dc2007cfe752075b7
85a5fa7de12a6a46b46333f8b786237007317b6d7c7ae4407963af41da88aaeb
GET /uploads/slider/slider_211312021220_RecruitmentandProvisionofPersonnelfortheCruiseIndustry.jpg HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:36 GMT
Server: Apache
Last-Modified: Mon, 13 Dec 2021 06:42:20 GMT
Accept-Ranges: bytes
Content-Length: 315923
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.google-analytics.com/analytics.js
142.250.74.78 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 08:12:29 GMT
expires: Tue, 21 Mar 2023 10:12:29 GMT
cache-control: public, max-age=7200
age: 727
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1066729086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baliparadisecrew.com%2Fmtb_login%2Flogin.php%3Fonline_id%3D4d657e99ad9d51ec13d6bcbae%26country%26iso&ul=en-us&de=UTF-8&dt=Best%20agent%20for%20one%20of%20the%20largest%20cruise%20companies%20in%20the%20world&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=386388200&gjid=413048221&cid=361788634.1679387079&tid=UA-220879069-1&_gid=1263113170.1679387079&_r=1&gtm=457e33f0&z=633470675
142.250.74.78 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1066729086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baliparadisecrew.com%2Fmtb_login%2Flogin.php%3Fonline_id%3D4d657e99ad9d51ec13d6bcbae%26country%26iso&ul=en-us&de=UTF-8&dt=Best%20agent%20for%20one%20of%20the%20largest%20cruise%20companies%20in%20the%20world&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=386388200&gjid=413048221&cid=361788634.1679387079&tid=UA-220879069-1&_gid=1263113170.1679387079&_r=1&gtm=457e33f0&z=633470675
IP 142.250.74.78:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j99&a=1066729086&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baliparadisecrew.com%2Fmtb_login%2Flogin.php%3Fonline_id%3D4d657e99ad9d51ec13d6bcbae%26country%26iso&ul=en-us&de=UTF-8&dt=Best%20agent%20for%20one%20of%20the%20largest%20cruise%20companies%20in%20the%20world&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=386388200&gjid=413048221&cid=361788634.1679387079&tid=UA-220879069-1&_gid=1263113170.1679387079&_r=1&gtm=457e33f0&z=633470675 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.baliparadisecrew.com
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.baliparadisecrew.com
date: Tue, 21 Mar 2023 08:24:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.baliparadisecrew.com//public/images/icon.png
45.32.117.78 200 OK 11 kB URL HTTP/1.1 www.baliparadisecrew.com//public/images/icon.png
IP 45.32.117.78:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash cd35cd5b2068ccc97dce2cd9d76765ea
48881514e3822fbbaf69e905ed39982179f63610
9e31616abdc6980410d16c599629e998eba4b77948c4e881402f1b9cc36aa001
GET //public/images/icon.png HTTP/1.1
Host: www.baliparadisecrew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/mtb_login/login.php?online_id=4d657e99ad9d51ec13d6bcbae&country&iso
Cookie: ci_session=13426f25353145b550daaff81f2050d826eb99e3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 08:24:36 GMT
Server: Apache
Last-Modified: Tue, 07 Dec 2021 08:24:23 GMT
Accept-Ranges: bytes
Content-Length: 10974
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.138:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.baliparadisecrew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Mar 2023 08:24:32 GMT
date: Tue, 21 Mar 2023 08:24:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2