r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18291
Expires: Thu, 09 Feb 2023 13:54:13 GMT
Date: Thu, 09 Feb 2023 08:49:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11859
Expires: Thu, 09 Feb 2023 12:07:01 GMT
Date: Thu, 09 Feb 2023 08:49:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 08:36:47 GMT
content-type: application/json
age: 755
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13349
Expires: Thu, 09 Feb 2023 12:31:51 GMT
Date: Thu, 09 Feb 2023 08:49:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5QtgeEB6kcB1VvDEfAQbQqPFbMzsqGbIZIDHLFUCdZSXSfrWirqaoiBHJw2lmGsNAxk8cdcguQo=
x-amz-request-id: 68T1JMN35HD5F70Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 08:46:20 GMT
age: 182
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 08:49:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
yzufy.blogspot.ca/search/label/sms%20gratis
302 Moved Temporarily 195 B URL HTTP/1.1 yzufy.blogspot.ca/search/label/sms%20gratis
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a916c6a226407910b9ff5fd2b52a8db9
8223574bceac146dc66db0dc9bc5c3c949c475f4
2c91aba524eeb1889a9439aafe70ff3214571a6d8055ecbb0f14af240fccf802
Analyzer Verdict Alert fortinet Malware
GET /search/label/sms%20gratis HTTP/1.1
Host: yzufy.blogspot.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://yzufy.blogspot.com/search/label/sms%20gratis
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 09 Feb 2023 08:49:22 GMT
Expires: Thu, 09 Feb 2023 08:49:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 195
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 08:14:53 GMT
age: 2070
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3683
Expires: Thu, 09 Feb 2023 09:50:46 GMT
Date: Thu, 09 Feb 2023 08:49:23 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UqlcZoXLaT0FFGv5faMSqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vE3chJq+NjMVwqt63BRxxU/2EiQ=
yzufy.blogspot.com/search/label/sms%20gratis
200 OK 14 kB URL HTTP/1.1 yzufy.blogspot.com/search/label/sms%20gratis
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4353)
Hash 57b28d53dd292cbbe04e38614c9d27eb
b0e19bc0b12c12ec68c59222352b27f44a8b1896
51ab25006cc488515da0de236f845100682b638b8b32e5604d7c328306e9c4a6
Analyzer Verdict Alert fortinet Malware
GET /search/label/sms%20gratis HTTP/1.1
Host: yzufy.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 09 Feb 2023 08:49:23 GMT
Date: Thu, 09 Feb 2023 08:49:23 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 06 Dec 2022 12:43:56 GMT
ETag: W/"71a51a1614a4af15b0df635759e41e7706e67ed0d543615b74ec316ae9054136"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 14251
Server: GSE
yzufy.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 yzufy.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: yzufy.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/search/label/sms%20gratis
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 05 Feb 2023 09:36:56 GMT
Expires: Sun, 12 Feb 2023 09:36:56 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 05 Feb 2023 05:49:36 GMT
Content-Type: text/javascript
Age: 342748
code.jquery.com/jquery-1.5.js
200 OK 61 kB URL HTTP/1.1 code.jquery.com/jquery-1.5.js
IP
Hash b24a803b0eb9a263d744c1cbaa11c0d3
a0cfba2a0dd8c030e90db9390e9bb0bde1f5cd34
7ce7095bbae9a035294f40a8b2b9e68fde077e6b70efbb618546e93a420677f0
GET /jquery-1.5.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 60561
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-33c0a"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1675932564.dop230.sk1.t,1675932564.cds214.sk1.c
connect.facebook.net/en_US/all.js
301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 09 Feb 2023 08:49:24 GMT
Connection: keep-alive
Content-Length: 0
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/charts/loader.js
200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 08:13:41 GMT
expires: Thu, 09 Feb 2023 09:13:41 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 2143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79408ca7246d1453a4d940001108528c
6485fceacb572c95bf5c2cdcb9a1330047c4cd85
935033a1e7f7c5a165aa3014a893514fe733d2f82709845aca5c3cda704e0731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79408ca7246d1453a4d940001108528c
6485fceacb572c95bf5c2cdcb9a1330047c4cd85
935033a1e7f7c5a165aa3014a893514fe733d2f82709845aca5c3cda704e0731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 16:38:36 GMT
expires: Thu, 08 Feb 2024 16:38:36 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Feb 2023 20:16:52 GMT
content-type: text/css
age: 58248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Thu, 09 Feb 2023 08:49:24 GMT
expires: Thu, 09 Feb 2023 08:49:24 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/4056224860-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4056224860-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 3111894a1cadb69770cf801999144225
a0fccd45a5b0ee66afa14ce2ec78a33433a38270
4dc31995fe450b07b159d7e1e4a5b22aac30865f0299d80aade55ba26905ed08
GET /static/v1/widgets/4056224860-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56559
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 02:10:45 GMT
expires: Thu, 08 Feb 2024 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 Feb 2023 20:16:52 GMT
content-type: text/javascript
age: 110319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adhiprimanacomtwitter.googlecode.com/files/adhiprimana.com%20twitter%20melayang.js
404 Not Found 1.6 kB URL HTTP/1.1 adhiprimanacomtwitter.googlecode.com/files/adhiprimana.com%20twitter%20melayang.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 65a7bc2f3fbf21161cf0bfefa06cf4bb
bc920c8d1d2d656fa63c2b653faf4e0c6b910810
9b955b0ab05920731bdb444fd3f43ef94e34939fed2fda4c6eed69a9a4d39684
GET /files/adhiprimana.com%20twitter%20melayang.js HTTP/1.1
Host: adhiprimanacomtwitter.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1606
Date: Thu, 09 Feb 2023 08:49:24 GMT
elmubarok.googlecode.com/files/floating1.js
404 Not Found 1.6 kB URL HTTP/1.1 elmubarok.googlecode.com/files/floating1.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 680fec967ab8d903556a8a7dd00b5c45
68872c7574b5463fb8c3f05a10204f2eab741630
ccfc7484ec378d537548bffc56340abe3dc36a10b7489a8617255d02db351b41
GET /files/floating1.js HTTP/1.1
Host: elmubarok.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1579
Date: Thu, 09 Feb 2023 08:49:24 GMT
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79408ca7246d1453a4d940001108528c
6485fceacb572c95bf5c2cdcb9a1330047c4cd85
935033a1e7f7c5a165aa3014a893514fe733d2f82709845aca5c3cda704e0731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
200 OK 61 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (1448)
Hash 62f98a42acaa85f40e228f65e5ee2361
a41c1755a6a2708340b74638f11ebdeed8e977db
54acbd2f18406888cbe8ee3fc76b512081c7c1c0102a4b1f7eef6cd11fc60f15
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60741
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 02:19:08 GMT
expires: Fri, 09 Feb 2024 02:19:08 GMT
cache-control: public, max-age=31536000
age: 23416
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
2.bp.blogspot.com/-SFX6J7sIQhg/UMWgBuFEGeI/AAAAAAAABkg/wPXTR9CqS-0/s1600/close-1.gif
200 OK 1.6 kB URL HTTP/1.1 2.bp.blogspot.com/-SFX6J7sIQhg/UMWgBuFEGeI/AAAAAAAABkg/wPXTR9CqS-0/s1600/close-1.gif
IP
File type GIF image data, version 89a, 50 x 14\012- data
Hash f776e9a5d6db350271e3b3b3c306811f
612ca4a68b1fccdb2a5ebe296672feb679bddd03
d9e9907b5a2ee535f789f8594db2f5fe2bfaa508c73d6613a6cdc2a9026f56b0
GET /-SFX6J7sIQhg/UMWgBuFEGeI/AAAAAAAABkg/wPXTR9CqS-0/s1600/close-1.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="close-1.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1580
X-XSS-Protection: 0
Date: Thu, 09 Feb 2023 08:49:24 GMT
Expires: Wed, 08 Feb 2023 20:15:41 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v10d7"
Content-Type: image/gif
Age: 0
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 09 Feb 2023 08:46:56 GMT
Expires: Thu, 23 Feb 2023 08:46:56 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 148
ocsp.digicert.com/
200 OK 471 B IP
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=94502
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Etag: "63e368f5-1d7"
Expires: Fri, 10 Feb 2023 11:04:26 GMT
Last-Modified: Wed, 08 Feb 2023 09:18:45 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP
File type ASCII text, with very long lines (1957)
Hash 504aaf3da06655fdae34faf4364b6ae4
42c76876f31f34a361f0525b309c1ab1f3b5a30f
3d6dc46c65cb99d9d297d0fa7e06c408c7e89d48ba2f2d11ef11f1841e865cdc
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://yzufy.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 151541cd0afe3cd5de06cdc96c0a5ee2
etag: "e2bf86920859db4554941c9f50b1573d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 09 Feb 2023 08:50:34 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: UEqvPaBmVf2uNPr0Nktq5A==
x-fb-debug: IgGA3ml/pqQB71oan5X2BZ9cdbX/FiFZ3EYa9vM9pj3yptZNZuRGnXO1GUnpm956EGYRPwws9EBq1E4sb1Fn0A==
content-length: 1685
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 08:49:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
sholeh4u.xtgem.com/files/gambar/Saudi_arabia.png
200 OK 9.0 kB URL HTTP/1.1 sholeh4u.xtgem.com/files/gambar/Saudi_arabia.png
IP
File type GIF image data, version 89a, 68 x 50\012- data
Hash e6dbcc77a395644085c6d47ffdfb6b10
6b891e8dc83cce9658b92f1d9dcf4b540f5e39b9
81449dab600c70f404b46b7eb67c671a7d26efa48ca1544fa2f057ca27258154
GET /files/gambar/Saudi_arabia.png HTTP/1.1
Host: sholeh4u.xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Set-Cookie: _xta_uid=3e8900315bc7b006a8bc1ee33907e8bd; expires=Sat, 08-Feb-2025 08:49:24 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sat, 11 Mar 2023 08:49:24 GMT
X-Ngz: 1
Last-Modified: Fri, 18 Dec 2009 12:06:23 GMT
ETag: "2353-47aff917d4dc0"
Content-Length: 9043
Connection: close
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sholeh4u.xtgem.com/files/gambar/korea.png
200 OK 9.4 kB URL HTTP/1.1 sholeh4u.xtgem.com/files/gambar/korea.png
IP
File type GIF image data, version 89a, 68 x 50\012- data
Hash b7d99fe5c7b2bbc056ed030ca33607d4
95ac38e0ff4ec2285ded6eaa0441135f1cb8bd77
b4a4c4bd11a82ac09458d95ec62b86a00a506b36d2b6ddc5d35ee9f59c3a4c8c
GET /files/gambar/korea.png HTTP/1.1
Host: sholeh4u.xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Set-Cookie: _xta_uid=afbed5b399378994f60a8426f14f51b2; expires=Sat, 08-Feb-2025 08:49:24 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sat, 11 Mar 2023 08:49:24 GMT
X-Ngz: 1
Last-Modified: Fri, 18 Dec 2009 12:06:54 GMT
ETag: "24d2-47aff93565380"
Content-Length: 9426
Connection: close
Content-Type: image/gif
www.blogblog.com/1kt/awesomeinc/tabs_gradient_light.png
200 OK 182 B URL HTTP/1.1 www.blogblog.com/1kt/awesomeinc/tabs_gradient_light.png
IP
File type PNG image data, 20 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash a3c2c1c288eca66ee27f75ea41dcd96f
77dbd443ccabca3cfb43a48a2ccb44f752f5a77a
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
GET /1kt/awesomeinc/tabs_gradient_light.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 182
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 06 Feb 2023 12:46:31 GMT
Expires: Mon, 13 Feb 2023 12:46:31 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 05 Feb 2023 20:52:10 GMT
Content-Type: image/png
Age: 244973
sholeh4u.xtgem.com/files/gambar/England.png
200 OK 7.6 kB URL HTTP/1.1 sholeh4u.xtgem.com/files/gambar/England.png
IP
File type GIF image data, version 89a, 75 x 50\012- data
Hash fd4870a1f8c1a44e34c3a115f0401271
b43cefb858527581706ffcb4c93d61217b1459eb
ff55cc26d8271176436877218a7226c08bf57af15c2fca1250fd8d2ea83ce29a
GET /files/gambar/England.png HTTP/1.1
Host: sholeh4u.xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Set-Cookie: _xta_uid=47a905c50f93994bd68de96744876ab6; expires=Sat, 08-Feb-2025 08:49:24 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sat, 11 Mar 2023 08:49:24 GMT
X-Ngz: 1
Last-Modified: Fri, 18 Dec 2009 12:04:28 GMT
ETag: "1ddf-47aff8aa28b00"
Content-Length: 7647
Connection: close
Content-Type: image/gif
ocsp.digicert.com/
200 OK 471 B IP
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=94502
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Etag: "63e368f5-1d7"
Expires: Fri, 10 Feb 2023 11:04:26 GMT
Last-Modified: Wed, 08 Feb 2023 09:18:45 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.blogger.com/dyn-css/authorization.css?targetBlogID=4813988365692252197&zx=8fe75ee8-ebde-4d70-82c5-8581341b506e
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=4813988365692252197&zx=8fe75ee8-ebde-4d70-82c5-8581341b506e
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=4813988365692252197&zx=8fe75ee8-ebde-4d70-82c5-8581341b506e HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 09 Feb 2023 08:49:24 GMT
last-modified: Thu, 09 Feb 2023 08:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sholeh4u.xtgem.com/files/gambar/malaysia.png
200 OK 9.5 kB URL HTTP/1.1 sholeh4u.xtgem.com/files/gambar/malaysia.png
IP
File type GIF image data, version 89a, 68 x 50\012- data
Hash 9fdfae38daa489c9b6cc1ddf7765c747
56b6934375a1671389eb92dafceea0b3fd95f724
e216f16915f9960f2ad52e5aa3e20cad19ab47956085c6bed7417d6ff915bee0
GET /files/gambar/malaysia.png HTTP/1.1
Host: sholeh4u.xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Set-Cookie: _xta_uid=cc2f2174b834a2855c3f91657816ce9c; expires=Sat, 08-Feb-2025 08:49:24 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sat, 11 Mar 2023 08:49:24 GMT
X-Ngz: 1
Last-Modified: Fri, 18 Dec 2009 12:05:30 GMT
ETag: "24ef-47aff8e549680"
Content-Length: 9455
Connection: close
Content-Type: image/gif
sholeh4u.xtgem.com/files/gambar/denmark.png
200 OK 7.4 kB URL HTTP/1.1 sholeh4u.xtgem.com/files/gambar/denmark.png
IP
File type GIF image data, version 89a, 68 x 50\012- data
Hash e8cc8427866d39a2e213539db8004b6c
bbdbe53a536895478257b2516b792014d01ae239
6d499a9240cd16e7bdf75b1f509094002256ed85ceb45ce25221d8cee7b308b2
GET /files/gambar/denmark.png HTTP/1.1
Host: sholeh4u.xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Set-Cookie: _xta_uid=6132d6c80ca4a9783fc13384ce391b58; expires=Sat, 08-Feb-2025 08:49:24 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sat, 11 Mar 2023 08:49:24 GMT
X-Ngz: 1
Last-Modified: Fri, 18 Dec 2009 12:04:01 GMT
ETag: "1cba-47aff89068e40"
Content-Length: 7354
Connection: close
Content-Type: image/gif
sholeh4u.xtgem.com/files/gambar/russia.png
200 OK 6.1 kB URL HTTP/1.1 sholeh4u.xtgem.com/files/gambar/russia.png
IP
File type GIF image data, version 89a, 68 x 50\012- data
Hash 4e4b43334d2d32031cd666497a245084
7500664ff66e60cc5e42e90bae7e19d7c4b0544d
e192f9e29e0b46b971d76c6c7109c82f8b5d349db4682bf3bbc5f56d91592539
GET /files/gambar/russia.png HTTP/1.1
Host: sholeh4u.xtgem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:24 GMT
Set-Cookie: _xta_uid=cba417ad7603d628a6d28162565a3d59; expires=Sat, 08-Feb-2025 08:49:24 GMT; Max-Age=63072000; path=/; domain=.xtgem.com; httponly
Cache-Control: max-age=2592000
Expires: Sat, 11 Mar 2023 08:49:24 GMT
X-Ngz: 1
Last-Modified: Fri, 18 Dec 2009 12:05:55 GMT
ETag: "1803-47aff8fd20ec0"
Content-Length: 6147
Connection: close
Content-Type: image/gif
bdv.bidvertiser.com/BidVertiser.dbm?pid=448967%26bid=1111882
200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=448967%26bid=1111882
IP
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=448967%26bid=1111882 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
bdv.bidvertiser.com/BidVertiser.dbm?pid=448967%26bid=1111876
200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=448967%26bid=1111876
IP
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=448967%26bid=1111876 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd
301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 09 Feb 2023 08:49:24 GMT
Location: https://themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 433af7e1e2f0f14adb78a739bbae1832
fab933db47af9ab3f4f86befee579ac9972b82fd
a6be621f8cdc57bd55a8e73ff58a34b6a816eb558cb88b49cc031222042f82a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adhiprimanacomtwitter.googlecode.com/files/adhiprimana.com%20twitter%20melayang.js
404 Not Found 1.6 kB URL HTTP/1.1 adhiprimanacomtwitter.googlecode.com/files/adhiprimana.com%20twitter%20melayang.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 65a7bc2f3fbf21161cf0bfefa06cf4bb
bc920c8d1d2d656fa63c2b653faf4e0c6b910810
9b955b0ab05920731bdb444fd3f43ef94e34939fed2fda4c6eed69a9a4d39684
GET /files/adhiprimana.com%20twitter%20melayang.js HTTP/1.1
Host: adhiprimanacomtwitter.googlecode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1606
Date: Thu, 09 Feb 2023 08:49:24 GMT
www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
301 Moved Permanently 0 B URL HTTP/1.1 www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 09 Feb 2023 08:49:24 GMT
Connection: keep-alive
Content-Length: 0
lh4.ggpht.com/_jn57XA2jLxY/SmCHl1YEsxI/AAAAAAAAAXQ/HshHClEVcvY/tabs.png
200 OK 2.1 kB URL HTTP/1.1 lh4.ggpht.com/_jn57XA2jLxY/SmCHl1YEsxI/AAAAAAAAAXQ/HshHClEVcvY/tabs.png
IP
File type PNG image data, 30 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 687bd0ada6894c4dd0527c3a2a5a8543
be77fb2085607dd677501254bee16323d4306953
691b9c1bf463f04b1742fb06d7ec488f7b3d81cf6abc43371b267e50ca7bb0c9
GET /_jn57XA2jLxY/SmCHl1YEsxI/AAAAAAAAAXQ/HshHClEVcvY/tabs.png HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="tabs.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2129
X-XSS-Protection: 0
Date: Thu, 09 Feb 2023 08:49:24 GMT
Expires: Mon, 23 Jan 2023 22:22:54 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v174"
Content-Type: image/png
Age: 0
www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
200 OK 0 B URL HTTP/2 www.facebook.com/widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/like.php?href=http%3A%2F%2Fwww.facebook.com%2FNSAFM%3Fref%3Dhl&layout=standard&show_faces=true&width=53&action=like&colorscheme=light&height=80 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://yzufy.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: s21etfGf1WTIk3gDLtbUkva0Du5Bbsw/QeOaANd6w56BWHTjoKDKHx6pJuzHsO8gEWZCI+49R2PWuFKxqgabAw==
content-length: 0
date: Thu, 09 Feb 2023 08:49:24 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s10.histats.com/js15.js
200 OK 4.4 kB IP
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 0c3fdf54a35d66a1e272956af95d34af
fd6cf4aa04104d6b48831bbf88bc6256fd5012c3
3adb20fd3b841e10b308345d164ac790a96228c3eac3e063efa505ae3c7d4cf6
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
date: Thu, 09 Feb 2023 08:45:00 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 180258814
content-type: text/javascript
content-length: 4405
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:5193_2E69C9F0:0050_63E4B394_44E98:2DB95
x-iplb-instance: 42474
themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd
200 OK 472 B URL HTTP/2 themes.googleusercontent.com/image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd
IP
Hash 433af7e1e2f0f14adb78a739bbae1832
fab933db47af9ab3f4f86befee579ac9972b82fd
a6be621f8cdc57bd55a8e73ff58a34b6a816eb558cb88b49cc031222042f82a0
GET /image?id=19aLMMHI-WXcxsojpERe8MlodYlS7yd1qQU1wcTStU21I3bbY7bmlrvVCWE474_XXwWjd HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://yzufy.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 10 Feb 2023 08:49:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 09 Feb 2023 08:49:24 GMT
server: fife
content-length: 158652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2251
Expires: Thu, 09 Feb 2023 09:26:55 GMT
Date: Thu, 09 Feb 2023 08:49:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2251
Expires: Thu, 09 Feb 2023 09:26:55 GMT
Date: Thu, 09 Feb 2023 08:49:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2251
Expires: Thu, 09 Feb 2023 09:26:55 GMT
Date: Thu, 09 Feb 2023 08:49:24 GMT
Connection: keep-alive
yzufy.blogspot.com/search/label/clickjacking.js
200 OK 4.8 kB URL HTTP/1.1 yzufy.blogspot.com/search/label/clickjacking.js
IP
Hash 3f1e9709249d85c544cf5338421c5cb4
ff2c619df833f345879597baeeae5eae873bc189
6616e69fbebadde48a26b0472c48af920ee2cac554b2058d7bd6b627a8033b02
Analyzer Verdict Alert fortinet Malware
GET /search/label/clickjacking.js HTTP/1.1
Host: yzufy.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/search/label/sms%20gratis
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 09 Feb 2023 08:49:24 GMT
Date: Thu, 09 Feb 2023 08:49:24 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 06 Dec 2022 12:43:56 GMT
ETag: W/"71a51a1614a4af15b0df635759e41e7706e67ed0d543615b74ec316ae9054136"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 14241
Server: GSE
www6.cbox.ws/box/?boxid=639232&boxtag=bdmc50&sec=form
204 No Content 0 B URL HTTP/1.1 www6.cbox.ws/box/?boxid=639232&boxtag=bdmc50&sec=form
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /box/?boxid=639232&boxtag=bdmc50&sec=form HTTP/1.1
Host: www6.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 09 Feb 2023 08:49:24 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Fri, 09 Feb 2024 08:49:24 GMT
Cache-Control: public, max-age=31536000
X-Cache: MISS
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I3qmC4D6qdsheK8VO3oKbPDU7XV1r9_XEPMcExKnvATDkVUsJHjHbg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 01:59:42 GMT
age: 24582
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee0a4c-d2ba-4c9d-8ba5-2b4c94c98035.png
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee0a4c-d2ba-4c9d-8ba5-2b4c94c98035.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5d772db4ded57c20c60afa587324afe
caaf5472af022dfc83c5cc7d0b304083f72b9a93
30b95ed40ca5da3155a6d25132d69956fb7be65aa001d993e581efc0a9044b7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cee0a4c-d2ba-4c9d-8ba5-2b4c94c98035.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5878
x-amzn-requestid: a1edb6b2-0c7f-4f40-8eef-df9dbf08d568
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwCqJG3jIAMFqtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb173-20d3fbb92ec206647c246811;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -2EB8Ak8ze-Oc6E31VBdW9ZT-BZaXayGtDCa1y33yc1rXjBlDiE8rw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:46:34 GMT
age: 39770
etag: "caaf5472af022dfc83c5cc7d0b304083f72b9a93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 403cadd5f6beb14f5d2a4dd9eafc68d3
4724b4929c1afcc134ead274238725e4ce729b26
13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:53 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 39811
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb7c8b758fe17f6c06ce2bebb5008495
032d747cf20951f6ca6fd51489fefd7c09c4948d
835d89e028ec4c85a845f2835cb5eddb9653937f6736e2713b671419474608ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JpeDqbyAp9qLkVVqTKxmVy96vqBfyK4-GDiWdgkAjQlUN4Fu160VLA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:55 GMT
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
age: 39809
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c1f5626e7ff7e681468c3c5820f3633
a8bb267f929b734a53b3dab0283c717270f6eb43
38d81274cc9f71f149091f72494c74872d99909c69d612a595c930c4755c4da3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 1b0f88cf-460b-4ed2-8235-86c9e3e3ff93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffW2uG3LIAMF3cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d604f7-42e5c38315bdbd47615985b6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 05:32:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j7JqKdXPBH0hFdoy4Qj0ttGzX93CyNdiv6Tn5h1F_zwNhxwb4IYBTA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:28:34 GMT
age: 37250
etag: "a8bb267f929b734a53b3dab0283c717270f6eb43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11760
x-amzn-requestid: b2863a01-4714-4554-a478-5402467b3448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKHc_oAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-1c5a3edf37bc7cc937c800d2;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y-1zzLzVegi0T-SAyTpUuFD6iVVYbuL5u71dc74BY2l7PrxVu-am5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "6bdd1047590dd3fb54c15d5d6d38e7c86274b203"
content-type: image/jpeg
age: 40487
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kumpulblogger.com/mac.php?b=183402
404 Not Found 315 B URL HTTP/1.1 kumpulblogger.com/mac.php?b=183402
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /mac.php?b=183402 HTTP/1.1
Host: kumpulblogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Thu, 09 Feb 2023 08:49:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bdv.bidvertiser.com/BidVertiser.dbm?pid=448967&bid=1111882&RD=0175790966436&DIF=1&bd_ref_v=yzufy.blogspot.com&tref=1&win_name=null&docref=&jsrand=0175790966436&js1loc=-&loctitle=%20Belajar%20Ngulik%3A%20sms%20gratis%20undefined
200 OK 87 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=448967&bid=1111882&RD=0175790966436&DIF=1&bd_ref_v=yzufy.blogspot.com&tref=1&win_name=null&docref=&jsrand=0175790966436&js1loc=-&loctitle=%20Belajar%20Ngulik%3A%20sms%20gratis%20undefined
IP
Hash 8b5eb4847a88bfbcfd52fcf821967479
42a87a1e425de8c224e501d7c26c4eab1eb07480
abf981b6513c2b7da4e4103ba0a9efedcfe741da4e04833016321f152eddfab0
GET /BidVertiser.dbm?pid=448967&bid=1111882&RD=0175790966436&DIF=1&bd_ref_v=yzufy.blogspot.com&tref=1&win_name=null&docref=&jsrand=0175790966436&js1loc=-&loctitle=%20Belajar%20Ngulik%3A%20sms%20gratis%20undefined HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thursday, 09-Feb-2023 08:49:25 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 09-Feb-2022 08:49:25 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 333
CONNECTION: Close
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a1d86c0ad2e32468f61d915e8ea3474c
3a6b7b7f26c1d57217677a52050b8241bc45ded4
f613f134e0bc497dfbb902d42f37402e09dfc9e3ed188f7a22f25803210caccf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F613F134E0BC497DFBB902D42F37402E09DFC9E3ED188F7A22F25803210CACCF"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5740
Expires: Thu, 09 Feb 2023 10:25:05 GMT
Date: Thu, 09 Feb 2023 08:49:25 GMT
Connection: keep-alive
s4.histats.com/stats/1762092.php?1762092&@f16&@g1&@h1&@i1&@j1675932622995&@k0&@l1&@mBelajar%20Ngulik%3A%20sms%20gratis&@n0&@o1000&@q0&@r0&@s408&@ten-US&@u1280&@b1:-186333665&@b3:1675932623&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fyzufy.blogspot.com%2Fsearch%2Flabel%2Fsms%20gratis&@w
200 OK 103 B URL HTTP/1.1 s4.histats.com/stats/1762092.php?1762092&@f16&@g1&@h1&@i1&@j1675932622995&@k0&@l1&@mBelajar%20Ngulik%3A%20sms%20gratis&@n0&@o1000&@q0&@r0&@s408&@ten-US&@u1280&@b1:-186333665&@b3:1675932623&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fyzufy.blogspot.com%2Fsearch%2Flabel%2Fsms%20gratis&@w
IP
File type ASCII text, with no line terminators
Hash 4d96edffe098c81b72a7523282e151b3
3d9aa331c3298e1bc35137afb21f98ab54bd3a29
491a980366bb69e550ea45d90258877cca039498781e1e7156c6ae44d794b30f
GET /stats/1762092.php?1762092&@f16&@g1&@h1&@i1&@j1675932622995&@k0&@l1&@mBelajar%20Ngulik%3A%20sms%20gratis&@n0&@o1000&@q0&@r0&@s408&@ten-US&@u1280&@b1:-186333665&@b3:1675932623&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fyzufy.blogspot.com%2Fsearch%2Flabel%2Fsms%20gratis&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 08:49:25 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 103
Connection: close
bdv.bidvertiser.com/bidvertiser.dbm?pid=448967&bid=1111876&RD=6071376124283&DIF=2
200 OK 6.2 kB URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=448967&bid=1111876&RD=6071376124283&DIF=2
IP
Hash 52c7ba748d5abaa438a335413c9cef0f
2b6398cce1ee23572c46889ea2a3994dbbeb278b
0780aaf53e2c7053a823bfa1382b87ef0db2a600052e4d01d7dddd688abb3a9d
GET /bidvertiser.dbm?pid=448967&bid=1111876&RD=6071376124283&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thursday, 09-Feb-2023 08:49:25 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 09-Feb-2022 08:49:25 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 333
CONNECTION: Close
yzufy.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCq2TMLwR2IEAnlhxDquk76aHvGrbLVPbokW-c1_LK_P6xbpeHryIFhLNQmFGc8yatCzcyxsAWxu4rhf4XdrqHqYKVdnw
200 OK 256 B URL HTTP/1.1 yzufy.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCq2TMLwR2IEAnlhxDquk76aHvGrbLVPbokW-c1_LK_P6xbpeHryIFhLNQmFGc8yatCzcyxsAWxu4rhf4XdrqHqYKVdnw
IP
File type JSON data\012- , ASCII text, with very long lines (410), with no line terminators
Hash 24bf2f8c11739c481b740206fda9ceb2
c9d1964175e3cc751583fee67713f66fd6294586
9d70feb9e9220e4bcc89c26cd15c8373755e8f10cc00aad3d171502fb3740006
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCq2TMLwR2IEAnlhxDquk76aHvGrbLVPbokW-c1_LK_P6xbpeHryIFhLNQmFGc8yatCzcyxsAWxu4rhf4XdrqHqYKVdnw HTTP/1.1
Host: yzufy.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/search/label/sms%20gratis
Cookie: HstCfa1762092=1675932622995; HstCla1762092=1675932622995; HstCmu1762092=1675932622995; HstPn1762092=1; HstPt1762092=1; HstCnv1762092=1; HstCns1762092=1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 09 Feb 2023 08:49:26 GMT
Expires: Thu, 09 Feb 2023 08:49:26 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 256
Server: GSE
yzufy.blogspot.com/search/label/clickjacking.js
200 OK 4.8 kB URL HTTP/1.1 yzufy.blogspot.com/search/label/clickjacking.js
IP
Hash ad05b4d816413ac9a8bd8b530a03c64e
6026a32f1acd97e563ffa4ab01f205bad5703c75
aa5ea46002daa58650b0552b49ec81a7c1b000e2c0c25c933fb2459bb71e8638
Analyzer Verdict Alert fortinet Malware
GET /search/label/clickjacking.js HTTP/1.1
Host: yzufy.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/search/label/sms%20gratis
Cookie: HstCfa1762092=1675932622995; HstCla1762092=1675932622995; HstCmu1762092=1675932622995; HstPn1762092=1; HstPt1762092=1; HstCnv1762092=1; HstCns1762092=1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 09 Feb 2023 08:49:25 GMT
Date: Thu, 09 Feb 2023 08:49:25 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 06 Dec 2022 12:43:56 GMT
ETag: W/"71a51a1614a4af15b0df635759e41e7706e67ed0d543615b74ec316ae9054136"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 14241
Server: GSE
bdv.bidvertiser.com/BidVertiser.dbm?pid=448967&bid=1111876&RD=5359808553166&DIF=1&bd_ref_v=yzufy.blogspot.com&tref=1&win_name=null&docref=&jsrand=5359808553166&js1loc=-&loctitle=%20Belajar%20Ngulik%3A%20sms%20gratis%20undefined
200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=448967&bid=1111876&RD=5359808553166&DIF=1&bd_ref_v=yzufy.blogspot.com&tref=1&win_name=null&docref=&jsrand=5359808553166&js1loc=-&loctitle=%20Belajar%20Ngulik%3A%20sms%20gratis%20undefined
IP
GET /BidVertiser.dbm?pid=448967&bid=1111876&RD=5359808553166&DIF=1&bd_ref_v=yzufy.blogspot.com&tref=1&win_name=null&docref=&jsrand=5359808553166&js1loc=-&loctitle=%20Belajar%20Ngulik%3A%20sms%20gratis%20undefined HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thursday, 09-Feb-2023 08:49:24 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 09-Feb-2022 08:49:24 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 333
CONNECTION: Close
bdv.bidvertiser.com/bidvertiser.dbm?pid=448967&bid=1111882&RD=29840760864955&DIF=2
200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=448967&bid=1111882&RD=29840760864955&DIF=2
IP
GET /bidvertiser.dbm?pid=448967&bid=1111882&RD=29840760864955&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yzufy.blogspot.com/
HTTP/1.1 200 OK
Date: Thursday, 09-Feb-2023 08:49:25 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 09-Feb-2022 08:49:25 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 333
CONNECTION: Close
216.58.207.193
93.184.220.29
54.36.158.42
23.36.76.226
157.240.205.11
31.13.72.36
149.56.240.127
0.0.0.0