firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 18 Oct 2022 19:51:31 GMT
Expires: Tue, 18 Oct 2022 20:24:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EWhQ-D1_DAmQNPrO6C8dF61Br7Degd_UBpGZK5TflBF4g1_2d8dKJg==
Age: 3569
kewirausahaanberusaha.blogspot.com/2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1
142.250.74.161301 Moved Permanently 223 B URL HTTP/1.1 kewirausahaanberusaha.blogspot.com/2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 64e5bef2d69ddc32de548dca7ae954b1
cde62c32659afbd904f37948b7a37e8cd0596ab9
31eff71d0e12f14d70b23129f6e1545ca928a8ea68fc453910c33d0aa088e97c
GET /2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1 HTTP/1.1
Host: kewirausahaanberusaha.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://kewirausahaanberusaha.blogspot.com/2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 18 Oct 2022 20:51:00 GMT
Expires: Tue, 18 Oct 2022 20:51:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 66155b620c27c14aced991b34be0d1a0
2d489f39edc932199e2d8e03b40c1a5c95b993d2
1a500079242f4472c1e8dafd352c6c6078a7228a1993208d2fe1e27dd00644ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A500079242F4472C1E8DAFD352C6C6078A7228A1993208D2FE1E27DD00644EA"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3717
Expires: Tue, 18 Oct 2022 21:52:57 GMT
Date: Tue, 18 Oct 2022 20:51:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11556
Expires: Wed, 19 Oct 2022 00:03:36 GMT
Date: Tue, 18 Oct 2022 20:51:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9ohlxXNK7N3yucil8TfBuOFjm2XyEasqLjtQOB3wQln2p1I/VP3kl3/JB46XZhzjK5MM5sFBzws=
x-amz-request-id: W9Z9GT69GGRHCM8A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 18 Oct 2022 20:03:59 GMT
age: 2821
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8564a0091bd6b351eb5a3fd8c295419c
fbe183d7101ec9f05fb1a3c342ee9672ea6a35ff
9aad43fb35575ac0ba9b7002be2ec147154ab8283abea1019e4b61a9b168a4f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 18 Oct 2022 20:51:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 18 Oct 2022 20:43:40 GMT
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 20:54:10 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pp0po1eJ8Y_c_qTsqcold8hff_5n4pu5ogvk1hDnaWbIcFcx0LhBmw==
Age: 441
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8564a0091bd6b351eb5a3fd8c295419c
fbe183d7101ec9f05fb1a3c342ee9672ea6a35ff
9aad43fb35575ac0ba9b7002be2ec147154ab8283abea1019e4b61a9b168a4f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c9b278637bdca251f78b46e4a0850473
a48fe5095fc27af1c6b6628149d9e8f655295621
eea38f271e134a85a7b586631a8831888ab81f0edb33120b26bd35cdfa032e52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2832
Cache-Control: max-age=129776
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Etag: "634e5e95-1d7"
Expires: Thu, 20 Oct 2022 08:53:57 GMT
Last-Modified: Tue, 18 Oct 2022 08:06:45 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
kewirausahaanberusaha.blogspot.com/2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1
142.250.74.161200 OK 64 kB URL HTTP/2 kewirausahaanberusaha.blogspot.com/2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55772)
Hash 777797dde5811abb464e2b03fb8b7ded
b7606d2650af2c0cd92a9c9134fb75d190761c90
60d037a61e1413c198f7527758d6c81067a9b8d332ad3426ead59a2460127398
GET /2022/01/lemari-apa-yang-bisa-masuk-saku.html?m=1 HTTP/1.1
Host: kewirausahaanberusaha.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Tue, 18 Oct 2022 20:51:01 GMT
date: Tue, 18 Oct 2022 20:51:01 GMT
cache-control: private, max-age=0
last-modified: Tue, 11 Oct 2022 07:29:56 GMT
etag: W/"0f618f8ad01ec619f7c676a3dcc3cccdbcfe146a439ea6c93f132165cdbc92a6"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 63969
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 19e7990cd87b450055801628f57bfe40
8869bbbf322291dfd468fe01553509760a764aba
4858bc26a8d7222655553e101042583abbdbcd2b988f8c59db688bab3da48801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2ebad6cc34d16c56f4b918120cbb566d
d1e4eb944b2e9a8780c96c0138383798aa87b5c1
2ae4f821b98e7d0ecc0a5480d483976d0cf7f3ce9e7afcef24413f6a03c2c1c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2202012125655814
142.250.74.98200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2202012125655814
IP 142.250.74.98:0
File type ASCII text, with very long lines (2776)
Hash 039e033aee2f9c9e6162a359d4826bc3
510c3f9e8f15cdaf7af4f96714f949eff8220bb5
4891e1762507da1641a36bc1353622ebf5d52af5fcaf50a802ecc896e5aef997
GET /pagead/js/adsbygoogle.js?client=ca-pub-2202012125655814 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kewirausahaanberusaha.blogspot.com
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 18 Oct 2022 20:51:01 GMT
expires: Tue, 18 Oct 2022 20:51:01 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4049805392606155591
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Tue, 18 Oct 2022 20:51:01 GMT
expires: Tue, 18 Oct 2022 20:51:01 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af978ed384d1b449afb6e52cf6c07f8
9432342b0140f4ac9e46a7c0d8d4e40adbc7f424
4024a6bb501e385d8aaa75795af5fbc5a4c776a65a86ceae9e7ff7f8804d309e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af978ed384d1b449afb6e52cf6c07f8
9432342b0140f4ac9e46a7c0d8d4e40adbc7f424
4024a6bb501e385d8aaa75795af5fbc5a4c776a65a86ceae9e7ff7f8804d309e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c190204159a1cbcfa30e3b35639f47ef
37f20a9f9e47377d8036d8cf8f2b5393d7e2a2d5
54acc7148382a5219d0c0d0ca5aa83c6fe65d6269415adc56a69d1c89373d9c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c190204159a1cbcfa30e3b35639f47ef
37f20a9f9e47377d8036d8cf8f2b5393d7e2a2d5
54acc7148382a5219d0c0d0ca5aa83c6fe65d6269415adc56a69d1c89373d9c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.201200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 06:42:19 GMT
expires: Thu, 12 Oct 2023 06:42:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 11 Oct 2022 22:04:59 GMT
content-type: text/javascript
age: 569322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kewirausahaanberusaha.blogspot.com
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 15:25:02 GMT
expires: Thu, 12 Oct 2023 15:25:02 GMT
cache-control: public, max-age=31536000
age: 537959
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kewirausahaanberusaha.blogspot.com
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 06:03:10 GMT
expires: Wed, 18 Oct 2023 06:03:10 GMT
cache-control: public, max-age=31536000
age: 53271
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 19e7990cd87b450055801628f57bfe40
8869bbbf322291dfd468fe01553509760a764aba
4858bc26a8d7222655553e101042583abbdbcd2b988f8c59db688bab3da48801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1583485740-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1583485740-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 51e9765a21d04965e256c5c0391baa23
64a603f8621455aca30ce9ffbcf57ec255a1c606
d3ffeaf05e015d956c69cc71a2f40f0a2336989bf0f09df1fef010cfa75b64bd
GET /static/v1/widgets/1583485740-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56805
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:42:38 GMT
expires: Tue, 17 Oct 2023 21:42:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 17 Oct 2022 14:51:43 GMT
content-type: text/javascript
age: 83303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af978ed384d1b449afb6e52cf6c07f8
9432342b0140f4ac9e46a7c0d8d4e40adbc7f424
4024a6bb501e385d8aaa75795af5fbc5a4c776a65a86ceae9e7ff7f8804d309e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc71911d4c07bede48cfda542aba33f0
6332e65663215375ab3a4fd4e02d9557ef739b0d
c9078ff8f478fa763f2521bc0d1db2c4d4d48aa21c6f249331e236b6b53a0ecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c190204159a1cbcfa30e3b35639f47ef
37f20a9f9e47377d8036d8cf8f2b5393d7e2a2d5
54acc7148382a5219d0c0d0ca5aa83c6fe65d6269415adc56a69d1c89373d9c8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221013/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221013/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Tue, 18 Oct 2022 06:16:43 GMT
expires: Tue, 01 Nov 2022 06:16:43 GMT
cache-control: public, max-age=1209600
age: 52458
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.140.78101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hot2m+VDS6rgVpHwfdttnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pSbrNE4xCPdt8bW+uw+dxu2xr4k=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b64bbd620bb8776454c5126fead0f0d1
548a6d00e62a93d9121ebba6f82aadd8e9f2b4bf
69ae14c05dccd189d12cb7ea0d3626943d5c67a204a62bf4a1d488c06aa6d02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d10d6b2b6fe85a52d6e4f650d58a0260
9658c9fef7ee313e823b304b325b8594310ed752
488f2bfeef899c3f8a80ad1f0b732ea4054c57dec1939f947370b93fb9c15c63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc71911d4c07bede48cfda542aba33f0
6332e65663215375ab3a4fd4e02d9557ef739b0d
c9078ff8f478fa763f2521bc0d1db2c4d4d48aa21c6f249331e236b6b53a0ecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=kewirausahaanberusaha.blogspot.com&callback=_gfp_s_&client=ca-pub-2202012125655814&gpid_exp=1
172.217.21.162200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=kewirausahaanberusaha.blogspot.com&callback=_gfp_s_&client=ca-pub-2202012125655814&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (391), with no line terminators
Hash abdfc05c31128b76dc2c0a2c58c50d72
ddb871570780350085a640970a3adacfdf49690a
7635e5a34588b6f7f5267beae6a02bc918f76a585b3d56800999e243ab1f319c
GET /gampad/cookie.js?domain=kewirausahaanberusaha.blogspot.com&callback=_gfp_s_&client=ca-pub-2202012125655814&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Oct 2022 20:51:01 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=kewirausahaanberusaha.blogspot.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=kewirausahaanberusaha.blogspot.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kewirausahaanberusaha.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Oct 2022 20:51:01 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=kewirausahaanberusaha.blogspot.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=kewirausahaanberusaha.blogspot.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kewirausahaanberusaha.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 18 Oct 2022 20:51:01 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b64bbd620bb8776454c5126fead0f0d1
548a6d00e62a93d9121ebba6f82aadd8e9f2b4bf
69ae14c05dccd189d12cb7ea0d3626943d5c67a204a62bf4a1d488c06aa6d02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d10d6b2b6fe85a52d6e4f650d58a0260
9658c9fef7ee313e823b304b325b8594310ed752
488f2bfeef899c3f8a80ad1f0b732ea4054c57dec1939f947370b93fb9c15c63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff706e349ef1945cc398c282a50c2c4b
daae52f7b4683161fd3c07620f642d20cc621537
3ac2297412695354a0c69b3abe8dcd45e3a7f834cfb54218e8d2a762e20ea67f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AC2297412695354A0C69B3ABE8DCD45E3A7F834CFB54218E8D2A762E20EA67F"
Last-Modified: Tue, 18 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20225
Expires: Wed, 19 Oct 2022 02:28:07 GMT
Date: Tue, 18 Oct 2022 20:51:02 GMT
Connection: keep-alive
www.blogger.com/dyn-css/authorization.css?targetBlogID=2436965391951803644&zx=164eab76-cac1-41d7-b3cb-f93530d9b825
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=2436965391951803644&zx=164eab76-cac1-41d7-b3cb-f93530d9b825
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=2436965391951803644&zx=164eab76-cac1-41d7-b3cb-f93530d9b825 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 18 Oct 2022 20:51:02 GMT
last-modified: Tue, 18 Oct 2022 20:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
machineryvegetable.com/60a82b7609d4bcae21d81c089ad5627b/invoke.js
192.243.61.225200 OK 9.3 kB URL HTTP/1.1 machineryvegetable.com/60a82b7609d4bcae21d81c089ad5627b/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25054), with no line terminators
Hash 2946fb78ee6a0855898a591d2f286df9
de3ec30e13037f7f61365e33fd93ca0e7d958544
10b165b9afb9f2c693596072b19fd6395ec3edb5680341f61f5088cf4373c9c7
GET /60a82b7609d4bcae21d81c089ad5627b/invoke.js HTTP/1.1
Host: machineryvegetable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 18 Oct 2022 20:51:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ed92c8991e2fb21e4d79fed2e63f4dab
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 42812d3f44ded0aff3f3bd6af584b333
f98e2681013fa424d076ce5fd4cf27c8f40c2ba8
9126685a5cdda4639796632366d3a2935317cf7a51d724d5bb56e315f5142262
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 666 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 1ee4fcc6bc5d4a74841bde5e2be52621
c04bd68b2e519e021037dd1e4d624189b46a374d
00913f63ee8bc6cbc6499378b6039e4e82b017b956000524296a2f842f2a3122
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 18 Oct 2022 20:51:02 GMT
date: Tue, 18 Oct 2022 20:51:02 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 666
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 18 Oct 2022 20:51:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+105; expires=Thu, 17-Oct-2024 20:51:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Oct 2022 20:51:02 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2974
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 18 Oct 2022 20:51:02 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+404; expires=Thu, 17-Oct-2024 20:51:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Oct 2022 20:51:02 GMT
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
142.250.74.163200 OK 402 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (608)
Size 402 kB (401632 bytes)
Hash af538c6d81d575aac0416963bea7b208
22a080678c77639132902a5ef3ead0b4d06b3120
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 401632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 17:40:38 GMT
expires: Tue, 17 Oct 2023 17:40:38 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 97824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 32940147b6a47c03acbcc91d286d32e7
ffb98bb3965fc258d534cba9da9c626cd74ae4e6
aa93e9851ae9e0a24d0560e3dda73b35198a2c5222eb249111b31bcc2b1096ec
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147601
Date: Tue, 18 Oct 2022 20:51:02 GMT
Etag: "634e9c89-1d7"
Expires: Thu, 20 Oct 2022 13:51:03 GMT
Last-Modified: Tue, 18 Oct 2022 12:31:05 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R3w8r0sYgshi_DQCpAG5SQqagv42B_t3cSJJfRMhsq3cytfmF9TDiw==
Age: 4798
simplewebanalysis.com/stats
18.193.142.27200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash 082c898d5019bee7f4b8f7571664c48e
8159d24205161b8187147a41ccb8eb62e2084919
4ad07d270453940a2bf1d30a946175def190fed2e8064e52f589a1ac5666818f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kewirausahaanberusaha.blogspot.com
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 20:51:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://kewirausahaanberusaha.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=e66edaaa-b440-47bc-9080-adb0681c472f:3:1; expires=Fri, 15 Oct 2032 20:51:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f6637f55204507ec161c2c3607e19e97
1bb5cc809a55c88c65e073d143705e064b308a1d
f5ece658076a7735e6c3e2b20dc2bc12996c48ed8d5254f65386f3a2d4ea3ea4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5ECE658076A7735E6C3E2B20DC2BC12996C48ED8D5254F65386F3A2D4EA3EA4"
Last-Modified: Mon, 17 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Tue, 18 Oct 2022 21:54:40 GMT
Date: Tue, 18 Oct 2022 20:51:02 GMT
Connection: keep-alive
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 12:31:58 GMT
expires: Sun, 15 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 289144
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 00:48:31 GMT
expires: Sat, 14 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 417751
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8406
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8406
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8406
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8406
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0fcfa6b657f8e34f9eeaf49d51ccbc73
e508c6dbaaa34541005d8307a48f17a724471048
af4ef3ecc726fe0cd395a395a8449b985991df26ccdabc67eddd22c70eb78a1e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AF4EF3ECC726FE0CD395A395A8449B985991DF26CCDABC67EDDD22C70EB78A1E"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8406
Expires: Tue, 18 Oct 2022 23:11:09 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d5f3e230617c19df2161f174976caa0c
4bca04916f92c53d5f56d7553ac3677a9a14c085
b59139f61666eea62bca4ff5bb8bf36a0093f484d865f7e7c54ef94f3d31139c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3213a7c7-0ccd-4354-bd64-432d8cd565cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7205
x-amzn-requestid: 4534c655-60a2-41bd-ac80-d60614921988
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyQxHD6oAMFbig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dca6b-1e32b5bf437ab9586a2175c5;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 737UWQdimbxdQFU9ENL9K0RrqduTRQEkw0aiST-Reztl0DD5-oH87w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:08:27 GMT
age: 81756
etag: "4bca04916f92c53d5f56d7553ac3677a9a14c085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f6bf4f5731a4aa97b78bae1ffd519cb
5ac8a79bf62ff1dda432036aacacbb69c853eabd
f4a1ec168c097a6f2d95e6c3c790e8cb20890cb6e376faa79c8aeeee08b1f370
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F183e5182-d899-4aa5-9644-f2b1544cb135.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10748
x-amzn-requestid: 0d5c19df-5776-4c7b-9f62-904adcbe6e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyosGUJoAMFt_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb04-44bb56725b31b5f240865d99;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IiF3b1hUN3X38JLzoLhvqggtupKgzCTBgdanlj4-OnHpHHWhXjRvvw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:46:13 GMT
age: 83090
etag: "5ac8a79bf62ff1dda432036aacacbb69c853eabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54edb9ab897821172fc13756df376ee7
2010f9656d87e6f5220f131628c537720c3673e1
6694c1be0adf97fa77d1bfa29337d9e609b729a58d42e141e9bb55ed6367b1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13261
x-amzn-requestid: dd760e09-701e-4956-9723-386edc97c694
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6FzIoAMFzJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-197cf4f048e146af5654d0bd;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N-Blz23OttwJC3PacLqAd2IBfJkfEMXm4D1rhNveLqCtHyFDD9OwZw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 06:35:41 GMT
age: 51322
etag: "2010f9656d87e6f5220f131628c537720c3673e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e7fd6e50e59e93dd5329060ecbe7fef
1d89b8268579f42b0265df7b14f77930033b23fe
7c03b8ca2822417615d12bc133b199bb64ccdba10aa0656d1dc6843c6471b39d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a291dbb-7f30-4ffb-8098-3b5f0093f379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: ad5ca7f1-a21c-44d3-b419-dfa7cf868e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKzQZHPFIAMFuig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcc02-38b229432e2fbaa8779daa52;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:41:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dUm6WGDUVTB3WOdPSILAuSAQFCxj5sNwu2pmzi_ax7mhbrj-_tdWQg==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:26 GMT
etag: "1d89b8268579f42b0265df7b14f77930033b23fe"
content-type: image/jpeg
age: 82537
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ddd17c7d44a2e136710171f237ded665
577a22b126e54bfe0e4e4ce26b0fb866bc7fe007
b1327c4f33db5488ae49b1c2f7d5b49804d4245fd0bd92c41005b9045281f2a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e0224bc-3141-475c-88f3-48e2d36f204f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6352
x-amzn-requestid: c0479303-34b2-45d8-b794-4b83003312ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHjNXE81IAMFWaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c7f22-702cee0d437cbdc349efa2e8;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 22:01:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BAmcO20Ujqli3EGGQaTGlMbQ7VxPPQDgxv-qi3gsygBrZ0Z3tcZZuA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 22:34:39 GMT
age: 80184
etag: "577a22b126e54bfe0e4e4ce26b0fb866bc7fe007"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e74f4de677631204256431e010756dd9
698ac04247bc52f9b200138ccfb8bf6184f3582f
a578e99e57e22f5ad3f8aaf102d80e4a6a79aab92ae1be6efdcf0c67968d31e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F12c82a90-f45d-4e0f-b73c-10a7abfd551e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12891
x-amzn-requestid: 57575612-3eaa-4979-b7e6-4eca29498e9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aKyqfEkdIAMFvYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634dcb0f-0cd3874a59496e6e2f685eab;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QxJbPi0RezvItuQg75q2OkJ7tj4YHN6SQJmA9kn5XJoZKlVLLAPcxA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 17 Oct 2022 21:55:19 GMT
age: 82544
etag: "698ac04247bc52f9b200138ccfb8bf6184f3582f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4e9f986fac76c4b02dfe65d0b534a308
c0e5c4ba5e8eddd9cdbdcf645f8b8d45018444a0
813fd64e93043af69799a0994a625da62e93c2663d9185a6d8210113ad9a655b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab6b02ac49cbf8bfd0a3beb248628260
1e05dc4c20eae4950a963424625ae4b5b9e8066c
58a6b2522ae3f9db692b2e0afe4b5406bb83b0e372a19f7c5bd2729cb235222e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 18 Oct 2022 20:51:03 GMT
expires: Tue, 18 Oct 2022 20:51:03 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab6b02ac49cbf8bfd0a3beb248628260
1e05dc4c20eae4950a963424625ae4b5b9e8066c
58a6b2522ae3f9db692b2e0afe4b5406bb83b0e372a19f7c5bd2729cb235222e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0yRFd5ShU1dMQOzmru1ObdpG8FZjszHJeV4_-d_0RUUaqcA1xipgxjaDKRPXXrTSMxB4WinydwGuuzP_RxnP_S9qXc6jNoObNNcA0nSyYqPnKRf34oa3S1mSeTY0AgrlMw=w80-h80-p-k-no-nu
142.250.74.33200 OK 2.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0yRFd5ShU1dMQOzmru1ObdpG8FZjszHJeV4_-d_0RUUaqcA1xipgxjaDKRPXXrTSMxB4WinydwGuuzP_RxnP_S9qXc6jNoObNNcA0nSyYqPnKRf34oa3S1mSeTY0AgrlMw=w80-h80-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 6cadf458c1315051cd0aa5561494e0ae
86028575543ecb8c7568e8ec888adb75bb6aa927
99a4bb445955f75e7cca5c292ef909d99cdfe9d8d47eb18bb68ac09f4900d92c
GET /blogger_img_proxy/ANbyha0yRFd5ShU1dMQOzmru1ObdpG8FZjszHJeV4_-d_0RUUaqcA1xipgxjaDKRPXXrTSMxB4WinydwGuuzP_RxnP_S9qXc6jNoObNNcA0nSyYqPnKRf34oa3S1mSeTY0AgrlMw=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 19 Oct 2022 20:51:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 20:51:03 GMT
server: fife
content-length: 2897
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ab6b02ac49cbf8bfd0a3beb248628260
1e05dc4c20eae4950a963424625ae4b5b9e8066c
58a6b2522ae3f9db692b2e0afe4b5406bb83b0e372a19f7c5bd2729cb235222e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 18 Oct 2022 20:51:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cuesingle.com/ntv.json?key=60a82b7609d4bcae21d81c089ad5627b&vstc=4
192.243.59.12200 OK 17 kB URL HTTP/1.1 cuesingle.com/ntv.json?key=60a82b7609d4bcae21d81c089ad5627b&vstc=4
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16855), with no line terminators
Hash 64489d9d2d2ae9a5da93095854eb43a3
9508fa2a785e189ca6a081c58cf28e79855fadbf
e98b27c0a34f28bc9cee7304d9d6063bd46b5e7f62536594d86cfdc9eb529fc5
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=60a82b7609d4bcae21d81c089ad5627b&vstc=4 HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kewirausahaanberusaha.blogspot.com
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: application/json
Content-Length: 16855
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://kewirausahaanberusaha.blogspot.com
Access-Control-Allow-Origin: https://kewirausahaanberusaha.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17429198; expires=Wed, 19 Oct 2022 20:51:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 19 Oct 2022 20:51:03 GMT; secure; SameSite=None
uncs=1; expires=Wed, 19 Oct 2022 20:51:03 GMT; secure; SameSite=None
pdhtkv49=true; expires=Wed, 19 Oct 2022 20:51:03 GMT; secure; SameSite=None
uncs49=1; expires=Wed, 19 Oct 2022 20:51:03 GMT; secure; SameSite=None
nlec60a82b7609d4bcae21d81c089ad5627b=[2229333,2229329,2229337,2019380]; expires=Tue, 18 Oct 2022 20:51:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff1327e6106dadf566bf734e28fd750e
Strict-Transport-Security: max-age=0; includeSubdomains
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1UPBJFkE-GijMhXEOh_3bwYEcbkVCLHlsY1O9Y_RPwsf8x0nrlmSXhs-HCox1YbusEYIEkaQHrSk26mJ5HDbRdPNV6-kEFO3GgXGKcUpjzBPrqM-m0xPL8yECl-7vJEj9TddkFhJsV3WmPCh2xLeiIwyY8kBqnTRDQaHynbZ6i1pLK0sjbEQZtVFmepelLxf_nMwKfT50WZK-y=w80-h80-p-k-no-nu
142.250.74.33200 OK 2.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1UPBJFkE-GijMhXEOh_3bwYEcbkVCLHlsY1O9Y_RPwsf8x0nrlmSXhs-HCox1YbusEYIEkaQHrSk26mJ5HDbRdPNV6-kEFO3GgXGKcUpjzBPrqM-m0xPL8yECl-7vJEj9TddkFhJsV3WmPCh2xLeiIwyY8kBqnTRDQaHynbZ6i1pLK0sjbEQZtVFmepelLxf_nMwKfT50WZK-y=w80-h80-p-k-no-nu
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 047d1edf1f69affe51ac5218c1fdbd62
5e00de83494d1f7cd009d0ad7fcfa28c69698ada
f737ad37502ecaea662ac8e262c631d8e5946498a9c5dd0eb402cd642107dbec
GET /blogger_img_proxy/ANbyha1UPBJFkE-GijMhXEOh_3bwYEcbkVCLHlsY1O9Y_RPwsf8x0nrlmSXhs-HCox1YbusEYIEkaQHrSk26mJ5HDbRdPNV6-kEFO3GgXGKcUpjzBPrqM-m0xPL8yECl-7vJEj9TddkFhJsV3WmPCh2xLeiIwyY8kBqnTRDQaHynbZ6i1pLK0sjbEQZtVFmepelLxf_nMwKfT50WZK-y=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Wed, 19 Oct 2022 20:51:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 18 Oct 2022 20:51:03 GMT
server: fife
content-length: 2109
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8d38e8169286f1dd3cb60a0baea0b55
806ba97115da591582dde110ec828b708dc57359
a83029caacd6a6b1065fcc7eb8bb0315568055b9772f59a4d6a03e82c7c83cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A83029CAACD6A6B1065FCC7EB8BB0315568055B9772F59A4D6A03E82C7C83CC9"
Last-Modified: Mon, 17 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Tue, 18 Oct 2022 22:02:01 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8d38e8169286f1dd3cb60a0baea0b55
806ba97115da591582dde110ec828b708dc57359
a83029caacd6a6b1065fcc7eb8bb0315568055b9772f59a4d6a03e82c7c83cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A83029CAACD6A6B1065FCC7EB8BB0315568055B9772F59A4D6A03E82C7C83CC9"
Last-Modified: Mon, 17 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Tue, 18 Oct 2022 22:02:01 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8d38e8169286f1dd3cb60a0baea0b55
806ba97115da591582dde110ec828b708dc57359
a83029caacd6a6b1065fcc7eb8bb0315568055b9772f59a4d6a03e82c7c83cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A83029CAACD6A6B1065FCC7EB8BB0315568055B9772F59A4D6A03E82C7C83CC9"
Last-Modified: Mon, 17 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Tue, 18 Oct 2022 22:02:01 GMT
Date: Tue, 18 Oct 2022 20:51:03 GMT
Connection: keep-alive
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2skRRyu3owH48XVHPQigyAoyKS7M%2BmZcZHFGCPBuNmHi3qS6qqeSTk1XU09pic5BRdkj3PwoqfON8kGdRE9iQcXmSwsEhQzIJKD%2BRM8KIg3pcfguD%2Bo36O%2B7%2FD9Hh%2FuuTPiw9HT1TfVjpCSLi7X%2FOrz7wTBpeqGSN2gOmhG70X1S1Xdf6kV1fwXqq8nrKsWQz%2Fw%2FcAPqmtCJ201WCxBiOxuK6i1%2FFo9rAXLdQz0w7VxHgz1wPtn5AkIPqnc9xYg2Bhp78vVxHStyl58recktUqjzw9vpt1U5Sl6s7StPbTTw3M2lDlZuweVHkzlQvX%2FI8ZiQrwH9xCnh%2BciEff3pzpjiSRFzB9D3h8jkWMIOgZTtyD4CQEYx5VNpL07V5TO6fa%2FKC3RCan8%2BQdEPiGVXxeQ9r5YkWJQvaGks0KlBoN2ATEYQ3TGyNwR7M4FiPwIzH4AwQnSXgHBi2nPQowh2mPIZAhqPLjyCQ%2Bu7cFlHnr8tMqCIGj4nFG%2F2WJsiTeSOOJ%2BQBvtgAZ%2B1IRjpawhbDYEk0MwvYtM76IrhtDuO5itAoZ7MHZCvGu76PMCeUKQG4KcEuSCILcEeb844NKEprjDpXFxcB7D87hUjJTt7NEDZTtJSvayM3KxnIf36O8%2FopucViOfNsO4EfktXo8ZTcKANwPmN1uUL0dhI4YRBYS5MG11R0zIUz8vIBMT8gj%2FGzE9gpFHYGIO1AWg%2BagR%2BqBbo3rTx076jaHWiZQrl4puLZaqYzJla0z1wFWBzFZgt709eUaeni7p2cpNJOz48oP5l7PRL%2FNgukCmC7wv7hN05O3RdZWT%2FesqN%2BSrzcyKntih5QJvWGqTuc%2FeSLZzpfn6qhl%2B%2BgorgTK9%2B1Zi7AZNuUg7hny%2BIjhP9JrSLCHfrpu3k%2FiqM1srTqcu27j66tp6L9OJMUKlY1BxsvkXmJiQynNPTi%2Fz8R9%2Bg9BjaFeg547JuUGoI7BsFyabqTdqDlrOOHHmIXfFSIfx7FMKApnMahoXMP%2Br41m%2BZ26jo0NQe2t6kH1doC8LUDmEcfMjm%2Bnjy99%2FXNoniGVlFEtd2Y%2Bllh9NR1u6a6V7d0Ke%2BakOI06rjaUln0at5aDRoEkjrofNdhRwSsN6FEYRXYI1E7Z58et%2FAAAA%2F%2F8BAAD%2F%2F%2By8g%2FhzBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2skRRyu3owH48XVHPQigyAoyKS7M%2BmZcZHFGCPBuNmHi3qS6qqeSTk1XU09pic5BRdkj3PwoqfON8kGdRE9iQcXmSwsEhQzIJKD%2BRM8KIg3pcfguD%2Bo36O%2B7%2FD9Hh%2FuuTPiw9HT1TfVjpCSLi7X%2FOrz7wTBpeqGSN2gOmhG70X1S1Xdf6kV1fwXqq8nrKsWQz%2Fw%2FcAPqmtCJ201WCxBiOxuK6i1%2FFo9rAXLdQz0w7VxHgz1wPtn5AkIPqnc9xYg2Bhp78vVxHStyl58recktUqjzw9vpt1U5Sl6s7StPbTTw3M2lDlZuweVHkzlQvX%2FI8ZiQrwH9xCnh%2BciEff3pzpjiSRFzB9D3h8jkWMIOgZTtyD4CQEYx5VNpL07V5TO6fa%2FKC3RCan8%2BQdEPiGVXxeQ9r5YkWJQvaGks0KlBoN2ATEYQ3TGyNwR7M4FiPwIzH4AwQnSXgHBi2nPQowh2mPIZAhqPLjyCQ%2Bu7cFlHnr8tMqCIGj4nFG%2F2WJsiTeSOOJ%2BQBvtgAZ%2B1IRjpawhbDYEk0MwvYtM76IrhtDuO5itAoZ7MHZCvGu76PMCeUKQG4KcEuSCILcEeb844NKEprjDpXFxcB7D87hUjJTt7NEDZTtJSvayM3KxnIf36O8%2FopucViOfNsO4EfktXo8ZTcKANwPmN1uUL0dhI4YRBYS5MG11R0zIUz8vIBMT8gj%2FGzE9gpFHYGIO1AWg%2BagR%2BqBbo3rTx076jaHWiZQrl4puLZaqYzJla0z1wFWBzFZgt709eUaeni7p2cpNJOz48oP5l7PRL%2FNgukCmC7wv7hN05O3RdZWT%2FesqN%2BSrzcyKntih5QJvWGqTuc%2FeSLZzpfn6qhl%2B%2BgorgTK9%2B1Zi7AZNuUg7hny%2BIjhP9JrSLCHfrpu3k%2FiqM1srTqcu27j66tp6L9OJMUKlY1BxsvkXmJiQynNPTi%2Fz8R9%2Bg9BjaFeg547JuUGoI7BsFyabqTdqDlrOOHHmIXfFSIfx7FMKApnMahoXMP%2Br41m%2BZ26jo0NQe2t6kH1doC8LUDmEcfMjm%2Bnjy99%2FXNoniGVlFEtd2Y%2Bllh9NR1u6a6V7d0Ke%2BakOI06rjaUln0at5aDRoEkjrofNdhRwSsN6FEYRXYI1E7Z58et%2FAAAA%2F%2F8BAAD%2F%2F%2By8g%2FhzBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSy2skRRyu3owH48XVHPQigyAoyKS7M%2BmZcZHFGCPBuNmHi3qS6qqeSTk1XU09pic5BRdkj3PwoqfON8kGdRE9iQcXmSwsEhQzIJKD%2BRM8KIg3pcfguD%2Bo36O%2B7%2FD9Hh%2FuuTPiw9HT1TfVjpCSLi7X%2FOrz7wTBpeqGSN2gOmhG70X1S1Xdf6kV1fwXqq8nrKsWQz%2Fw%2FcAPqmtCJ201WCxBiOxuK6i1%2FFo9rAXLdQz0w7VxHgz1wPtn5AkIPqnc9xYg2Bhp78vVxHStyl58recktUqjzw9vpt1U5Sl6s7StPbTTw3M2lDlZuweVHkzlQvX%2FI8ZiQrwH9xCnh%2BciEff3pzpjiSRFzB9D3h8jkWMIOgZTtyD4CQEYx5VNpL07V5TO6fa%2FKC3RCan8%2BQdEPiGVXxeQ9r5YkWJQvaGks0KlBoN2ATEYQ3TGyNwR7M4FiPwIzH4AwQnSXgHBi2nPQowh2mPIZAhqPLjyCQ%2Bu7cFlHnr8tMqCIGj4nFG%2F2WJsiTeSOOJ%2BQBvtgAZ%2B1IRjpawhbDYEk0MwvYtM76IrhtDuO5itAoZ7MHZCvGu76PMCeUKQG4KcEuSCILcEeb844NKEprjDpXFxcB7D87hUjJTt7NEDZTtJSvayM3KxnIf36O8%2FopucViOfNsO4EfktXo8ZTcKANwPmN1uUL0dhI4YRBYS5MG11R0zIUz8vIBMT8gj%2FGzE9gpFHYGIO1AWg%2BagR%2BqBbo3rTx076jaHWiZQrl4puLZaqYzJla0z1wFWBzFZgt709eUaeni7p2cpNJOz48oP5l7PRL%2FNgukCmC7wv7hN05O3RdZWT%2FesqN%2BSrzcyKntih5QJvWGqTuc%2FeSLZzpfn6qhl%2B%2BgorgTK9%2B1Zi7AZNuUg7hny%2BIjhP9JrSLCHfrpu3k%2FiqM1srTqcu27j66tp6L9OJMUKlY1BxsvkXmJiQynNPTi%2Fz8R9%2Bg9BjaFeg547JuUGoI7BsFyabqTdqDlrOOHHmIXfFSIfx7FMKApnMahoXMP%2Br41m%2BZ26jo0NQe2t6kH1doC8LUDmEcfMjm%2Bnjy99%2FXNoniGVlFEtd2Y%2Bllh9NR1u6a6V7d0Ke%2BakOI06rjaUln0at5aDRoEkjrofNdhRwSsN6FEYRXYI1E7Z58et%2FAAAA%2F%2F8BAAD%2F%2F%2By8g%2FhzBAAA HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ebf0f5e1838f80671d7df083607587ff
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 20:51:03 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Thu, 20 Oct 2022 20:51:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 20:51:03 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Thu, 20 Oct 2022 20:51:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 20:51:03 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Thu, 20 Oct 2022 20:51:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
45.133.44.9200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash 3528385dd0c31dbd2e5bfc4af7a6bec5
832c580ffd7711115d6c036ab4232f5bd88480a4
bfbfeebfcb679ca578055235614cc679b0757bad272996ef89b7fd5615a2db75
GET /cti/f7/13/0e/f7130e7f47db248dc886c97a1e4c3e2b/1588233482.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 18 Oct 2022 20:51:03 GMT
content-type: image/jpeg
content-length: 32471
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:05 GMT
etag: "5eaa850d-7ed7"
expires: Thu, 20 Oct 2022 20:51:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nenf4jduHM1CN9IIgoJ0qjr96SCDMUaCcTIfDupK3ld3nv26XvFeva5OVsEBmWUv3OiqcjqZoA6iK3HhIJ2BQYJiGkSyMP%2BCoCDulGqDrReq7r3vnMW559739%2FwZCeHp6errZkdpTZfqlbD87FtRdLm8oWI%2FLA9bjXcatctlO3ih3aiEz5VflbxnlqphFIZRGJXXlJUdM1wqQKjkXjuqtMNKrVqJ6jUM7X975wM4GkAMzshjUGJaehAsQvEJ4v7nq9L1UpM8%2F0rfa5oai4E4vBX3YpPF6M%2FLjg3QiQ%2FP2TDuZO0%2BTHwwkwsz%2BIfI1JQED%2B%2BDxYfnIsEG%2BzOdTEPGYOIRZIMJpJ5A0Qm4uQ0lTgjABa5uIu7fvWpsRrf%2FRmmBTknp99%2Bgsikp%2FbyIuP%2FZilbD8k2jfapM7DDs5FDDCVR3gsQfId25AJUdgafvQQmCuJ9DiXw2s1ITqM4EWo5AXQBffCqA7wTwSYC%2BOC3zKIqaoeA0bLU5XxZNyRoijGizE9EobLTgeSFrhDQZgesRuN1FYnfRUyNY%2Fw3cVg4nArh0SoLruxiIHJkkyBxBRgkyRZClBNkgPxDaVV1%2BV2jnWXSeq%2Bd5OR%2BbtLtHD0zalTHZS87IpcKP4P%2B%2Ffo%2BePC03QtqqsmYjbIsa41RWI9GKeNhqU1FvVJsMTuVQ7sJs1B01JU%2F8uIhETcn%2FxJ9g9AhOH4GrBVAfgWbjZjUE3RrXWiF24q8cTb2KhfGx6lWYNl2XmLTCTR%2FC5EjSEtLtYE%2BfkSdnS3q69DYkP77y8OKLyfini%2BA2R2JzvKseEHT1nfENk5H9GyZz5IvNJFV9tUOLBd5MaSoXPnlNbmfGivVVN%2Fr4JV4ARXnvDenSDRoLFXcd%2BXRFCSHtmrFckq%2FX3ZuSXfNua8Xb2Ccb115eW%2B8nVjqnTDwBVSebf4CrKSk98%2FjsMh%2F97hcoO4H1Ofr%2BmJwHlDkCT3bhkrl6ZxZg9ZzDkgVkPh%2FbKps%2FakWg5bynLIf7V8%2Fm9Z67g66tgqa3Zwc5sDkGOgfVIzh%2FcZwm9vjKtx8W8RGYLo2ZtqV9pq3%2BoLD2VvG7PjN5Sp76oQanTsvLoWgy2ZFNJmv1Wkdywep1FvIOZ8ui1eJI3ZRvXvryLwAAAP%2F%2FAQAA%2F%2F%2F%2F9CWYcwQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nenf4jduHM1CN9IIgoJ0qjr96SCDMUaCcTIfDupK3ld3nv26XvFeva5OVsEBmWUv3OiqcjqZoA6iK3HhIJ2BQYJiGkSyMP%2BCoCDulGqDrReq7r3vnMW559739%2FwZCeHp6errZkdpTZfqlbD87FtRdLm8oWI%2FLA9bjXcatctlO3ih3aiEz5VflbxnlqphFIZRGJXXlJUdM1wqQKjkXjuqtMNKrVqJ6jUM7X975wM4GkAMzshjUGJaehAsQvEJ4v7nq9L1UpM8%2F0rfa5oai4E4vBX3YpPF6M%2FLjg3QiQ%2FP2TDuZO0%2BTHwwkwsz%2BIfI1JQED%2B%2BDxYfnIsEG%2BzOdTEPGYOIRZIMJpJ5A0Qm4uQ0lTgjABa5uIu7fvWpsRrf%2FRmmBTknp99%2Bgsikp%2FbyIuP%2FZilbD8k2jfapM7DDs5FDDCVR3gsQfId25AJUdgafvQQmCuJ9DiXw2s1ITqM4EWo5AXQBffCqA7wTwSYC%2BOC3zKIqaoeA0bLU5XxZNyRoijGizE9EobLTgeSFrhDQZgesRuN1FYnfRUyNY%2Fw3cVg4nArh0SoLruxiIHJkkyBxBRgkyRZClBNkgPxDaVV1%2BV2jnWXSeq%2Bd5OR%2BbtLtHD0zalTHZS87IpcKP4P%2B%2Ffo%2BePC03QtqqsmYjbIsa41RWI9GKeNhqU1FvVJsMTuVQ7sJs1B01JU%2F8uIhETcn%2FxJ9g9AhOH4GrBVAfgWbjZjUE3RrXWiF24q8cTb2KhfGx6lWYNl2XmLTCTR%2FC5EjSEtLtYE%2BfkSdnS3q69DYkP77y8OKLyfini%2BA2R2JzvKseEHT1nfENk5H9GyZz5IvNJFV9tUOLBd5MaSoXPnlNbmfGivVVN%2Fr4JV4ARXnvDenSDRoLFXcd%2BXRFCSHtmrFckq%2FX3ZuSXfNua8Xb2Ccb115eW%2B8nVjqnTDwBVSebf4CrKSk98%2FjsMh%2F97hcoO4H1Ofr%2BmJwHlDkCT3bhkrl6ZxZg9ZzDkgVkPh%2FbKps%2FakWg5bynLIf7V8%2Fm9Z67g66tgqa3Zwc5sDkGOgfVIzh%2FcZwm9vjKtx8W8RGYLo2ZtqV9pq3%2BoLD2VvG7PjN5Sp76oQanTsvLoWgy2ZFNJmv1Wkdywep1FvIOZ8ui1eJI3ZRvXvryLwAAAP%2F%2FAQAA%2F%2F%2F%2F9CWYcwQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9Nenf4jduHM1CN9IIgoJ0qjr96SCDMUaCcTIfDupK3ld3nv26XvFeva5OVsEBmWUv3OiqcjqZoA6iK3HhIJ2BQYJiGkSyMP%2BCoCDulGqDrReq7r3vnMW559739%2FwZCeHp6errZkdpTZfqlbD87FtRdLm8oWI%2FLA9bjXcatctlO3ih3aiEz5VflbxnlqphFIZRGJXXlJUdM1wqQKjkXjuqtMNKrVqJ6jUM7X975wM4GkAMzshjUGJaehAsQvEJ4v7nq9L1UpM8%2F0rfa5oai4E4vBX3YpPF6M%2FLjg3QiQ%2FP2TDuZO0%2BTHwwkwsz%2BIfI1JQED%2B%2BDxYfnIsEG%2BzOdTEPGYOIRZIMJpJ5A0Qm4uQ0lTgjABa5uIu7fvWpsRrf%2FRmmBTknp99%2Bgsikp%2FbyIuP%2FZilbD8k2jfapM7DDs5FDDCVR3gsQfId25AJUdgafvQQmCuJ9DiXw2s1ITqM4EWo5AXQBffCqA7wTwSYC%2BOC3zKIqaoeA0bLU5XxZNyRoijGizE9EobLTgeSFrhDQZgesRuN1FYnfRUyNY%2Fw3cVg4nArh0SoLruxiIHJkkyBxBRgkyRZClBNkgPxDaVV1%2BV2jnWXSeq%2Bd5OR%2BbtLtHD0zalTHZS87IpcKP4P%2B%2Ffo%2BePC03QtqqsmYjbIsa41RWI9GKeNhqU1FvVJsMTuVQ7sJs1B01JU%2F8uIhETcn%2FxJ9g9AhOH4GrBVAfgWbjZjUE3RrXWiF24q8cTb2KhfGx6lWYNl2XmLTCTR%2FC5EjSEtLtYE%2BfkSdnS3q69DYkP77y8OKLyfini%2BA2R2JzvKseEHT1nfENk5H9GyZz5IvNJFV9tUOLBd5MaSoXPnlNbmfGivVVN%2Fr4JV4ARXnvDenSDRoLFXcd%2BXRFCSHtmrFckq%2FX3ZuSXfNua8Xb2Ccb115eW%2B8nVjqnTDwBVSebf4CrKSk98%2FjsMh%2F97hcoO4H1Ofr%2BmJwHlDkCT3bhkrl6ZxZg9ZzDkgVkPh%2FbKps%2FakWg5bynLIf7V8%2Fm9Z67g66tgqa3Zwc5sDkGOgfVIzh%2FcZwm9vjKtx8W8RGYLo2ZtqV9pq3%2BoLD2VvG7PjN5Sp76oQanTsvLoWgy2ZFNJmv1Wkdywep1FvIOZ8ui1eJI3ZRvXvryLwAAAP%2F%2FAQAA%2F%2F%2F%2F9CWYcwQAAA%3D%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5fd13389c8793a0768bfb5a1f329efb0
Strict-Transport-Security: max-age=0; includeSubdomains
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3oyg8eJqDgoig6AoyKS7M%2BmZcZFgjJFg3OyPi3qS6qqeSTnVXU1V1%2FQkp%2BCC7HEOXvTU%2BSbZ4BpET%2BLBRSYLiwTFDIjkYO4evCiIN6XH4OiD7vdefd%2Fhe997H%2BzaM%2BLC0tOVN9S2kJLOL9bc6nNve96l6rpIbL%2FabwbvBvVLVd17sRXU3Oerr0Wsq%2BZ913Ndz%2FWqq0JHbdWfL0GI9LDl1Vpure7XvMU6%2Bvr%2FvbEODHXAe2fkUQg%2Brtxz5iDYCEn8%2BUpkuplKX3g1tpJmSqPHD24k3UTlCeJp2dYO2snBORvKnKzehUr2J3Khev8SQzEmzv27CJODc5EIe3sTnaFElCDkDyPvjRDJEQQdgambEPyEAIzj8gaS%2BPZlpXO69Q9KS3RMKn%2F8DpGPSeXnOSTxZ8tS9KvXlbSZUIlBv11A9EcQnRFSe4Rs%2BwJEfgSWvQ%2FBCZK4gODFZGYhRhDtEWQ0ADUObPkJB7btwKYOYn5aZZ7nNVzOqNtsMbbAG1EYcNejjbZHPTdowrJS1gBZOgCTAzC9g1TvoCsG0PYbmM0Chjsw2Zg4V3fQ4wXyiCA3BDklyAVBnhHkvWKfS%2BOb4jaXxobeefbP80IxVFlnl%2B6rrBMlZDc9IxdLP5yHfvse3ei0Gri06YeNwG3xesho5Hu86TG32aJ8MfAbIYwoIMyFyajbYkwe%2F3EOqRiTB%2FhfCOkRjDwCEzOg1gPNhw3fBd0c1psutpOvDM2sSLiyiejWQqk6JlVZjakYXBVIswqyLWdXnpEnJkt6unIVETteuj%2F7Ujr8aRZMF0h1gffEPYKOvDW8pnKyd03lhnyxkWYiFtu0XOD1jGbRzJ3Xo61cab62YgafvMxKoCwP34xMtk4TLpKOIZ8uC84jvao0i8jXa%2BatKLxizeay1YlN16%2B8sroWpzoyRqhkBCpONv4EE2NSeeaxyWU%2B8t2vEHoEbQvE9picB4Q6Akt3YNLjpTtPHj7oPfsLjJqBllNOmF5Abouh9sPpoxQEMpr2NCxg%2FtOH03rX3EJH%2B6DZzclB9nSBnixA5QDGzg6zVB8vfftRGR8jlJVhKHVlL5Raflhae2Pib%2Fl7Z0ye%2BqEOI06rjYUFlwatRa%2FRoFEjrPvNduBxSv164AcBXUBmxmzj4pd%2FAwAA%2F%2F8BAAD%2F%2FxnZ6YZzBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3oyg8eJqDgoig6AoyKS7M%2BmZcZFgjJFg3OyPi3qS6qqeSTnVXU1V1%2FQkp%2BCC7HEOXvTU%2BSbZ4BpET%2BLBRSYLiwTFDIjkYO4evCiIN6XH4OiD7vdefd%2Fhe997H%2BzaM%2BLC0tOVN9S2kJLOL9bc6nNve96l6rpIbL%2FabwbvBvVLVd17sRXU3Oerr0Wsq%2BZ913Ndz%2FWqq0JHbdWfL0GI9LDl1Vpure7XvMU6%2Bvr%2FvbEODHXAe2fkUQg%2Brtxz5iDYCEn8%2BUpkuplKX3g1tpJmSqPHD24k3UTlCeJp2dYO2snBORvKnKzehUr2J3Khev8SQzEmzv27CJODc5EIe3sTnaFElCDkDyPvjRDJEQQdgambEPyEAIzj8gaS%2BPZlpXO69Q9KS3RMKn%2F8DpGPSeXnOSTxZ8tS9KvXlbSZUIlBv11A9EcQnRFSe4Rs%2BwJEfgSWvQ%2FBCZK4gODFZGYhRhDtEWQ0ADUObPkJB7btwKYOYn5aZZ7nNVzOqNtsMbbAG1EYcNejjbZHPTdowrJS1gBZOgCTAzC9g1TvoCsG0PYbmM0Chjsw2Zg4V3fQ4wXyiCA3BDklyAVBnhHkvWKfS%2BOb4jaXxobeefbP80IxVFlnl%2B6rrBMlZDc9IxdLP5yHfvse3ei0Gri06YeNwG3xesho5Hu86TG32aJ8MfAbIYwoIMyFyajbYkwe%2F3EOqRiTB%2FhfCOkRjDwCEzOg1gPNhw3fBd0c1psutpOvDM2sSLiyiejWQqk6JlVZjakYXBVIswqyLWdXnpEnJkt6unIVETteuj%2F7Ujr8aRZMF0h1gffEPYKOvDW8pnKyd03lhnyxkWYiFtu0XOD1jGbRzJ3Xo61cab62YgafvMxKoCwP34xMtk4TLpKOIZ8uC84jvao0i8jXa%2BatKLxizeay1YlN16%2B8sroWpzoyRqhkBCpONv4EE2NSeeaxyWU%2B8t2vEHoEbQvE9picB4Q6Akt3YNLjpTtPHj7oPfsLjJqBllNOmF5Abouh9sPpoxQEMpr2NCxg%2FtOH03rX3EJH%2B6DZzclB9nSBnixA5QDGzg6zVB8vfftRGR8jlJVhKHVlL5Raflhae2Pib%2Fl7Z0ye%2BqEOI06rjYUFlwatRa%2FRoFEjrPvNduBxSv164AcBXUBmxmzj4pd%2FAwAA%2F%2F8BAAD%2F%2FxnZ6YZzBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3oyg8eJqDgoig6AoyKS7M%2BmZcZFgjJFg3OyPi3qS6qqeSTnVXU1V1%2FQkp%2BCC7HEOXvTU%2BSbZ4BpET%2BLBRSYLiwTFDIjkYO4evCiIN6XH4OiD7vdefd%2Fhe997H%2BzaM%2BLC0tOVN9S2kJLOL9bc6nNve96l6rpIbL%2FabwbvBvVLVd17sRXU3Oerr0Wsq%2BZ913Ndz%2FWqq0JHbdWfL0GI9LDl1Vpure7XvMU6%2Bvr%2FvbEODHXAe2fkUQg%2Brtxz5iDYCEn8%2BUpkuplKX3g1tpJmSqPHD24k3UTlCeJp2dYO2snBORvKnKzehUr2J3Khev8SQzEmzv27CJODc5EIe3sTnaFElCDkDyPvjRDJEQQdgambEPyEAIzj8gaS%2BPZlpXO69Q9KS3RMKn%2F8DpGPSeXnOSTxZ8tS9KvXlbSZUIlBv11A9EcQnRFSe4Rs%2BwJEfgSWvQ%2FBCZK4gODFZGYhRhDtEWQ0ADUObPkJB7btwKYOYn5aZZ7nNVzOqNtsMbbAG1EYcNejjbZHPTdowrJS1gBZOgCTAzC9g1TvoCsG0PYbmM0Chjsw2Zg4V3fQ4wXyiCA3BDklyAVBnhHkvWKfS%2BOb4jaXxobeefbP80IxVFlnl%2B6rrBMlZDc9IxdLP5yHfvse3ei0Gri06YeNwG3xesho5Hu86TG32aJ8MfAbIYwoIMyFyajbYkwe%2F3EOqRiTB%2FhfCOkRjDwCEzOg1gPNhw3fBd0c1psutpOvDM2sSLiyiejWQqk6JlVZjakYXBVIswqyLWdXnpEnJkt6unIVETteuj%2F7Ujr8aRZMF0h1gffEPYKOvDW8pnKyd03lhnyxkWYiFtu0XOD1jGbRzJ3Xo61cab62YgafvMxKoCwP34xMtk4TLpKOIZ8uC84jvao0i8jXa%2BatKLxizeay1YlN16%2B8sroWpzoyRqhkBCpONv4EE2NSeeaxyWU%2B8t2vEHoEbQvE9picB4Q6Akt3YNLjpTtPHj7oPfsLjJqBllNOmF5Abouh9sPpoxQEMpr2NCxg%2FtOH03rX3EJH%2B6DZzclB9nSBnixA5QDGzg6zVB8vfftRGR8jlJVhKHVlL5Raflhae2Pib%2Fl7Z0ye%2BqEOI06rjYUFlwatRa%2FRoFEjrPvNduBxSv164AcBXUBmxmzj4pd%2FAwAA%2F%2F8BAAD%2F%2FxnZ6YZzBAAA HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05df87d5e378faa1ac50c0e412456f39
Strict-Transport-Security: max-age=0; includeSubdomains
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2skRRyu3owHIwirOehFBkFQkUl3Z9Iz4yKLMUaCcbMPF%2FUk1VU9k3Jqupp6TE9yCi7IHufgRU%2Bdb5IN6iJ6Eg8uMllYJCBmQCQH80coiDelZ4Pj%2FqB%2Bj%2Fq%2Bw%2Fd7fLLnzogPR09X31E7Qkq6uFzzqy%2B%2BHwSXqhsidYPqoBl9GNUvVXX%2F1VZU81%2BqvpWwrloM%2FcD3Az%2BorgmdtNVgsQQhsrutoNbya%2FWwFizXMdCP1sZ5MNQD75%2BRpyD4pHLfW4BgY6S9b1YT07Uqe%2BXNnpPUKo0%2BP7yZdlOVp%2BjN0rb20E4Pz9lQ5mTtHlR6MJUL1f%2BPGIsJ8R7cQ5wenotE3N%2Bf6owlkhQxfwJ5f4xEjiHoGEzdguAnBGAcVzaR9u5cUTqn2w9RWqITUvnrT4h8Qiq%2FLyDtfb0ixaB6Q0lnhUoNBu0CYjCG6IyRuSPYnQsQ%2BRGY%2FRiCE6S9AoIX056FGEO0x5DJENR4cOUTHlzbg8s89PhplQVB0PA5o36zxdgSbyRxxP2ANtoBDfyoCcdKWUPYbAgmh2B6F5neRVcMod2PMFsFDPdg7IR413bR5wXyhCA3BDklyAVBbgnyfnHApQlNcYdL4%2BLgPIbncakYKdvZowfKdpKU7GVn5GI5D%2B%2FxP35GNzmtRj5thnEj8lu8HjOahAFvBsxvtihfjsJGDCMKCHNh2uqOmJBnfl1AJibkMf4PYnoEI4%2FAxByoC0DzUSP0QbdG9aaPnfR7Q60TKVcuFd1aLFXHZMrWmOqBqwKZrcBue3vyjDw7XdJzv9SRsOPLD%2BZfy0a%2FzYPpApku8JG4T9CRt0fXVU72r6vckG83Myt6YoeWC7xhqU3mvnw72c6V5uurZvjF66wEyvTuu4mxGzTlIu0Y8tWK4DzRa0qzhPywbt5L4qvObK04nbps4%2Boba%2Bu9TCfGCJWOQcXJ5t9gYkIqLzw9vcwnT16G0GNoV6Dnjsm5QagjsGwXJpupN2oOWs44cVZB7oqRDuPZpxQEMpnVNC5g%2FlfHs3zP3EZHh6D21vQg%2B7pAXxagcgjj5kc208eXf%2FqstM8Ry8oolrqyH0stP52Q5ys3S3etdB88nLQRp9XG0pJPo9Zy0GjQpBHXw2Y7CjilYT0Ko4guwZoJ27z43b8AAAD%2F%2FwEAAP%2F%2FTC5%2FL3MEAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSy2skRRyu3owHIwirOehFBkFQkUl3Z9Iz4yKLMUaCcbMPF%2FUk1VU9k3Jqupp6TE9yCi7IHufgRU%2Bdb5IN6iJ6Eg8uMllYJCBmQCQH80coiDelZ4Pj%2FqB%2Bj%2Fq%2Bw%2Fd7fLLnzogPR09X31E7Qkq6uFzzqy%2B%2BHwSXqhsidYPqoBl9GNUvVXX%2F1VZU81%2BqvpWwrloM%2FcD3Az%2BorgmdtNVgsQQhsrutoNbya%2FWwFizXMdCP1sZ5MNQD75%2BRpyD4pHLfW4BgY6S9b1YT07Uqe%2BXNnpPUKo0%2BP7yZdlOVp%2BjN0rb20E4Pz9lQ5mTtHlR6MJUL1f%2BPGIsJ8R7cQ5wenotE3N%2Bf6owlkhQxfwJ5f4xEjiHoGEzdguAnBGAcVzaR9u5cUTqn2w9RWqITUvnrT4h8Qiq%2FLyDtfb0ixaB6Q0lnhUoNBu0CYjCG6IyRuSPYnQsQ%2BRGY%2FRiCE6S9AoIX056FGEO0x5DJENR4cOUTHlzbg8s89PhplQVB0PA5o36zxdgSbyRxxP2ANtoBDfyoCcdKWUPYbAgmh2B6F5neRVcMod2PMFsFDPdg7IR413bR5wXyhCA3BDklyAVBbgnyfnHApQlNcYdL4%2BLgPIbncakYKdvZowfKdpKU7GVn5GI5D%2B%2FxP35GNzmtRj5thnEj8lu8HjOahAFvBsxvtihfjsJGDCMKCHNh2uqOmJBnfl1AJibkMf4PYnoEI4%2FAxByoC0DzUSP0QbdG9aaPnfR7Q60TKVcuFd1aLFXHZMrWmOqBqwKZrcBue3vyjDw7XdJzv9SRsOPLD%2BZfy0a%2FzYPpApku8JG4T9CRt0fXVU72r6vckG83Myt6YoeWC7xhqU3mvnw72c6V5uurZvjF66wEyvTuu4mxGzTlIu0Y8tWK4DzRa0qzhPywbt5L4qvObK04nbps4%2Boba%2Bu9TCfGCJWOQcXJ5t9gYkIqLzw9vcwnT16G0GNoV6Dnjsm5QagjsGwXJpupN2oOWs44cVZB7oqRDuPZpxQEMpnVNC5g%2FlfHs3zP3EZHh6D21vQg%2B7pAXxagcgjj5kc208eXf%2FqstM8Ry8oolrqyH0stP52Q5ys3S3etdB88nLQRp9XG0pJPo9Zy0GjQpBHXw2Y7CjilYT0Ko4guwZoJ27z43b8AAAD%2F%2FwEAAP%2F%2FTC5%2FL3MEAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSy2skRRyu3owHIwirOehFBkFQkUl3Z9Iz4yKLMUaCcbMPF%2FUk1VU9k3Jqupp6TE9yCi7IHufgRU%2Bdb5IN6iJ6Eg8uMllYJCBmQCQH80coiDelZ4Pj%2FqB%2Bj%2Fq%2Bw%2Fd7fLLnzogPR09X31E7Qkq6uFzzqy%2B%2BHwSXqhsidYPqoBl9GNUvVXX%2F1VZU81%2BqvpWwrloM%2FcD3Az%2BorgmdtNVgsQQhsrutoNbya%2FWwFizXMdCP1sZ5MNQD75%2BRpyD4pHLfW4BgY6S9b1YT07Uqe%2BXNnpPUKo0%2BP7yZdlOVp%2BjN0rb20E4Pz9lQ5mTtHlR6MJUL1f%2BPGIsJ8R7cQ5wenotE3N%2Bf6owlkhQxfwJ5f4xEjiHoGEzdguAnBGAcVzaR9u5cUTqn2w9RWqITUvnrT4h8Qiq%2FLyDtfb0ixaB6Q0lnhUoNBu0CYjCG6IyRuSPYnQsQ%2BRGY%2FRiCE6S9AoIX056FGEO0x5DJENR4cOUTHlzbg8s89PhplQVB0PA5o36zxdgSbyRxxP2ANtoBDfyoCcdKWUPYbAgmh2B6F5neRVcMod2PMFsFDPdg7IR413bR5wXyhCA3BDklyAVBbgnyfnHApQlNcYdL4%2BLgPIbncakYKdvZowfKdpKU7GVn5GI5D%2B%2FxP35GNzmtRj5thnEj8lu8HjOahAFvBsxvtihfjsJGDCMKCHNh2uqOmJBnfl1AJibkMf4PYnoEI4%2FAxByoC0DzUSP0QbdG9aaPnfR7Q60TKVcuFd1aLFXHZMrWmOqBqwKZrcBue3vyjDw7XdJzv9SRsOPLD%2BZfy0a%2FzYPpApku8JG4T9CRt0fXVU72r6vckG83Myt6YoeWC7xhqU3mvnw72c6V5uurZvjF66wEyvTuu4mxGzTlIu0Y8tWK4DzRa0qzhPywbt5L4qvObK04nbps4%2Boba%2Bu9TCfGCJWOQcXJ5t9gYkIqLzw9vcwnT16G0GNoV6Dnjsm5QagjsGwXJpupN2oOWs44cVZB7oqRDuPZpxQEMpnVNC5g%2FlfHs3zP3EZHh6D21vQg%2B7pAXxagcgjj5kc208eXf%2FqstM8Ry8oolrqyH0stP52Q5ys3S3etdB88nLQRp9XG0pJPo9Zy0GjQpBHXw2Y7CjilYT0Ko4guwZoJ27z43b8AAAD%2F%2FwEAAP%2F%2FTC5%2FL3MEAAA%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a2f33e01130ec685ad7157ea62c97a9
Strict-Transport-Security: max-age=0; includeSubdomains
cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3owH48XVHPQigyAoyKS7M%2BmZcZHFGCPBuNkfLupJqqt6JuXUdDX1Y3qSU3BB9jgHL3rqfJNsUBfRk3hwkcnCIkExAyI5mH9BUBBvSo%2FBcR90v%2Ffq%2Bw7f%2B977cM%2BdER%2BOnq6%2BqXaElHRxueZXn38nCC5VN0TqBtVBM3ovql%2Bq6v5Lrajmv1B9PWFdtRj6ge8HflBdEzppq8FiCUJkd1tBreXX6mEtWK5joB%2FujfNgqAfePyNPQPBJ5b63AMHGSHtfriama1X24ms9J6lVGn1%2BeDPtpipP0ZuVbe2hnR6es6HMydo9qPRgKheq%2Fx8xFhPiPbiHOD08F4m4vz%2FVGUskKWL%2BGPL%2BGIkcQ9AxmLoFwU8IwDiubCLt3bmidE63%2F0VpiU5I5c8%2FIPIJqfy6gLT3xYoUg%2BoNJZ0VKjUYtAuIwRiiM0bmjmB3LkDkR2D2AwhOkPYKCF5MZxZiDNEeQyZDUOPBlZ%2Fw4NoeXOahx0%2BrLAiChs8Z9ZstxpZ4I4kj7ge00Q5o4EdNOFbKGsJmQzA5BNO7yPQuumII7b6D2SpguAdjJ8S7tos%2BL5AnBLkhyClBLghyS5D3iwMuTWiKO1waFwfnOTzPS8VI2c4ePVC2k6RkLzsjF0s%2FvEd%2F%2FxHd5LQa%2BbQZxo3Ib%2FF6zGgSBrwZML%2FZonw5ChsxjCggzIXpqDtiQp76eQGZmJBH%2BN%2BI6RGMPAITc6AuAM1HjdAH3RrVmz520m8MtU6kXLlUdGuxVB2TKVtjqgeuCmS2Arvt7ckz8vR0Sc9W3kXCji8%2FmH85G%2F0yD6YLZLrA%2B%2BI%2BQUfeHl1XOdm%2FrnJDvtrMrOiJHVou8IalNpn77I1kO1ear6%2Ba4aevsBIoy7tvJcZu0JSLtGPI5yuC80SvKc0S8u26eTuJrzqzteJ06rKNq6%2BurfcynRgjVDoGFSebf4GJCak89%2BT0Mh%2F%2F4TcIPYZ2BXrumJwHhDoCy3Zhspl6o%2Bag5YwTZ3PIXTHSYTx7lIJAJrOexgXM%2F%2Fp4Vu%2BZ2%2BjoENTemh5kXxfoywJUDmHc%2FMhm%2Bvjy9x%2BX8QliWRnFUlf2Y6nlR6W1N8vftanJE%2FLMT3UYcVptLC35NGotB40GTRpxPWy2o4BTGtajMIroEqyZsM2LX%2F8DAAD%2F%2FwEAAP%2F%2FfyDwcHMEAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3owH48XVHPQigyAoyKS7M%2BmZcZHFGCPBuNkfLupJqqt6JuXUdDX1Y3qSU3BB9jgHL3rqfJNsUBfRk3hwkcnCIkExAyI5mH9BUBBvSo%2FBcR90v%2Ffq%2Bw7f%2B977cM%2BdER%2BOnq6%2BqXaElHRxueZXn38nCC5VN0TqBtVBM3ovql%2Bq6v5Lrajmv1B9PWFdtRj6ge8HflBdEzppq8FiCUJkd1tBreXX6mEtWK5joB%2FujfNgqAfePyNPQPBJ5b63AMHGSHtfriama1X24ms9J6lVGn1%2BeDPtpipP0ZuVbe2hnR6es6HMydo9qPRgKheq%2Fx8xFhPiPbiHOD08F4m4vz%2FVGUskKWL%2BGPL%2BGIkcQ9AxmLoFwU8IwDiubCLt3bmidE63%2F0VpiU5I5c8%2FIPIJqfy6gLT3xYoUg%2BoNJZ0VKjUYtAuIwRiiM0bmjmB3LkDkR2D2AwhOkPYKCF5MZxZiDNEeQyZDUOPBlZ%2Fw4NoeXOahx0%2BrLAiChs8Z9ZstxpZ4I4kj7ge00Q5o4EdNOFbKGsJmQzA5BNO7yPQuumII7b6D2SpguAdjJ8S7tos%2BL5AnBLkhyClBLghyS5D3iwMuTWiKO1waFwfnOTzPS8VI2c4ePVC2k6RkLzsjF0s%2FvEd%2F%2FxHd5LQa%2BbQZxo3Ib%2FF6zGgSBrwZML%2FZonw5ChsxjCggzIXpqDtiQp76eQGZmJBH%2BN%2BI6RGMPAITc6AuAM1HjdAH3RrVmz520m8MtU6kXLlUdGuxVB2TKVtjqgeuCmS2Arvt7ckz8vR0Sc9W3kXCji8%2FmH85G%2F0yD6YLZLrA%2B%2BI%2BQUfeHl1XOdm%2FrnJDvtrMrOiJHVou8IalNpn77I1kO1ear6%2Ba4aevsBIoy7tvJcZu0JSLtGPI5yuC80SvKc0S8u26eTuJrzqzteJ06rKNq6%2BurfcynRgjVDoGFSebf4GJCak89%2BT0Mh%2F%2F4TcIPYZ2BXrumJwHhDoCy3Zhspl6o%2Bag5YwTZ3PIXTHSYTx7lIJAJrOexgXM%2F%2Fp4Vu%2BZ2%2BjoENTemh5kXxfoywJUDmHc%2FMhm%2Bvjy9x%2BX8QliWRnFUlf2Y6nlR6W1N8vftanJE%2FLMT3UYcVptLC35NGotB40GTRpxPWy2o4BTGtajMIroEqyZsM2LX%2F8DAAD%2F%2FwEAAP%2F%2FfyDwcHMEAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3owH48XVHPQigyAoyKS7M%2BmZcZHFGCPBuNkfLupJqqt6JuXUdDX1Y3qSU3BB9jgHL3rqfJNsUBfRk3hwkcnCIkExAyI5mH9BUBBvSo%2FBcR90v%2Ffq%2Bw7f%2B977cM%2BdER%2BOnq6%2BqXaElHRxueZXn38nCC5VN0TqBtVBM3ovql%2Bq6v5Lrajmv1B9PWFdtRj6ge8HflBdEzppq8FiCUJkd1tBreXX6mEtWK5joB%2FujfNgqAfePyNPQPBJ5b63AMHGSHtfriama1X24ms9J6lVGn1%2BeDPtpipP0ZuVbe2hnR6es6HMydo9qPRgKheq%2Fx8xFhPiPbiHOD08F4m4vz%2FVGUskKWL%2BGPL%2BGIkcQ9AxmLoFwU8IwDiubCLt3bmidE63%2F0VpiU5I5c8%2FIPIJqfy6gLT3xYoUg%2BoNJZ0VKjUYtAuIwRiiM0bmjmB3LkDkR2D2AwhOkPYKCF5MZxZiDNEeQyZDUOPBlZ%2Fw4NoeXOahx0%2BrLAiChs8Z9ZstxpZ4I4kj7ge00Q5o4EdNOFbKGsJmQzA5BNO7yPQuumII7b6D2SpguAdjJ8S7tos%2BL5AnBLkhyClBLghyS5D3iwMuTWiKO1waFwfnOTzPS8VI2c4ePVC2k6RkLzsjF0s%2FvEd%2F%2FxHd5LQa%2BbQZxo3Ib%2FF6zGgSBrwZML%2FZonw5ChsxjCggzIXpqDtiQp76eQGZmJBH%2BN%2BI6RGMPAITc6AuAM1HjdAH3RrVmz520m8MtU6kXLlUdGuxVB2TKVtjqgeuCmS2Arvt7ckz8vR0Sc9W3kXCji8%2FmH85G%2F0yD6YLZLrA%2B%2BI%2BQUfeHl1XOdm%2FrnJDvtrMrOiJHVou8IalNpn77I1kO1ear6%2Ba4aevsBIoy7tvJcZu0JSLtGPI5yuC80SvKc0S8u26eTuJrzqzteJ06rKNq6%2BurfcynRgjVDoGFSebf4GJCak89%2BT0Mh%2F%2F4TcIPYZ2BXrumJwHhDoCy3Zhspl6o%2Bag5YwTZ3PIXTHSYTx7lIJAJrOexgXM%2F%2Fp4Vu%2BZ2%2BjoENTemh5kXxfoywJUDmHc%2FMhm%2Bvjy9x%2BX8QliWRnFUlf2Y6nlR6W1N8vftanJE%2FLMT3UYcVptLC35NGotB40GTRpxPWy2o4BTGtajMIroEqyZsM2LX%2F8DAAD%2F%2FwEAAP%2F%2FfyDwcHMEAAA%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37c82722091d7527bc8181811e71f346
Strict-Transport-Security: max-age=0; includeSubdomains
cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3oyg8eJqDgoig6AoyKR7Mr8uEowxEoyb%2FXFRT1J%2FMymnpqup6pqe5BRckD3OwYueOt8kG1yD6Ek8uMhkYZGgmAGRHMzdgxcF8abMGIw%2B6H7v1fcdvve998GOPyUhPD1ZfsNsKa3pfLUUFp97O4ouFddU7PvFfqP2bq1yqWh7LzZrpfD54muSd8x8OYzCMAqj4oqysmX68xMQKjloRqVmWKqUS1G1gr79f%2B98AEcDiN4peRRKjAv3gjkoPkLc%2FXxZuk5qkhde7XpNU2PRE%2Fs34k5sshjd87JlA7Ti%2FTM2jDteuQsT703lwvT%2BJTI1JsH9u2Dx%2FplIsN7uVCfTkDGYeBhZbwSpR1B0BG5uQoljAnCBy%2BuIu7cvG5vRzX9QOkHHpPDH71DZmBR%2BnkPc%2FWxJq37xutE%2BVSZ26LdyqP4Iqj1C4g%2BRbl2Ayg7B0%2FehBEHczaFEPp1ZqRFUawQtB6AugJ98KoBvBfBJgK44KfIoiuqh4DRsNDlfEHXJaiKMaL0V0SisNeD5RNYAaTIA1wNwu43EbqOjBrD%2BG7iNHE4EcOmYBFe30RM5MkmQOYKMEmSKIEsJsl6%2BJ7Qru%2Fy20M6z6CyXz%2FJCPjRpe4fumbQtY7KTnJKLEz%2BCh377Hh15UqyFtFFm9VrYFBXGqSxHohHxsNGkolor1xmcyqHchemoW2pMHv9xDokakwfEX2D0EE4fgqsZUB%2BBZsN6OQTdGFYaIbbirxxNvYqF8bHqlJg2bZeYtMRNF8LkSNIC0s1gR5%2BSJ6ZLerpwFZIfLd6ffSkZ%2FjQLbnMkNsd76h5BW98aXjMZ2b1mMke%2BWE9S1VVbdLLA6ylN5cyd1%2BVmZqxYXXaDT17mE2BSHrwpXbpGY6HitiOfLikhpF0xlkvy9ap7S7Ir3m0seRv7ZO3KKyur3cRK55SJR6DqeP1PcDUmhWcem17mI9%2F9CmVHsD5H1x%2BRs4Ayh%2BDJNlxytHjnyYMHo2d%2FgTMzsPqcw5ILyHw%2BtGV2%2FqgVgZbnPWU53H96dl7vuFto2zJoenN6kD2bo6dzUD2A87PDNLFHi99%2BNImPwXRhyLQt7DJt9YcTa29M%2FZ383hmTp36owKmT4kIo6ky2ZJ3JSrXSklywapWFvMXZgmg0OFI35usXv%2FwbAAD%2F%2FwEAAP%2F%2FmQ08bnMEAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3oyg8eJqDgoig6AoyKR7Mr8uEowxEoyb%2FXFRT1J%2FMymnpqup6pqe5BRckD3OwYueOt8kG1yD6Ek8uMhkYZGgmAGRHMzdgxcF8abMGIw%2B6H7v1fcdvve998GOPyUhPD1ZfsNsKa3pfLUUFp97O4ouFddU7PvFfqP2bq1yqWh7LzZrpfD54muSd8x8OYzCMAqj4oqysmX68xMQKjloRqVmWKqUS1G1gr79f%2B98AEcDiN4peRRKjAv3gjkoPkLc%2FXxZuk5qkhde7XpNU2PRE%2Fs34k5sshjd87JlA7Ti%2FTM2jDteuQsT703lwvT%2BJTI1JsH9u2Dx%2FplIsN7uVCfTkDGYeBhZbwSpR1B0BG5uQoljAnCBy%2BuIu7cvG5vRzX9QOkHHpPDH71DZmBR%2BnkPc%2FWxJq37xutE%2BVSZ26LdyqP4Iqj1C4g%2BRbl2Ayg7B0%2FehBEHczaFEPp1ZqRFUawQtB6AugJ98KoBvBfBJgK44KfIoiuqh4DRsNDlfEHXJaiKMaL0V0SisNeD5RNYAaTIA1wNwu43EbqOjBrD%2BG7iNHE4EcOmYBFe30RM5MkmQOYKMEmSKIEsJsl6%2BJ7Qru%2Fy20M6z6CyXz%2FJCPjRpe4fumbQtY7KTnJKLEz%2BCh377Hh15UqyFtFFm9VrYFBXGqSxHohHxsNGkolor1xmcyqHchemoW2pMHv9xDokakwfEX2D0EE4fgqsZUB%2BBZsN6OQTdGFYaIbbirxxNvYqF8bHqlJg2bZeYtMRNF8LkSNIC0s1gR5%2BSJ6ZLerpwFZIfLd6ffSkZ%2FjQLbnMkNsd76h5BW98aXjMZ2b1mMke%2BWE9S1VVbdLLA6ylN5cyd1%2BVmZqxYXXaDT17mE2BSHrwpXbpGY6HitiOfLikhpF0xlkvy9ap7S7Ir3m0seRv7ZO3KKyur3cRK55SJR6DqeP1PcDUmhWcem17mI9%2F9CmVHsD5H1x%2BRs4Ayh%2BDJNlxytHjnyYMHo2d%2FgTMzsPqcw5ILyHw%2BtGV2%2FqgVgZbnPWU53H96dl7vuFto2zJoenN6kD2bo6dzUD2A87PDNLFHi99%2BNImPwXRhyLQt7DJt9YcTa29M%2FZ383hmTp36owKmT4kIo6ky2ZJ3JSrXSklywapWFvMXZgmg0OFI35usXv%2FwbAAD%2F%2FwEAAP%2F%2FmQ08bnMEAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSu3oyg8eJqDgoig6AoyKR7Mr8uEowxEoyb%2FXFRT1J%2FMymnpqup6pqe5BRckD3OwYueOt8kG1yD6Ek8uMhkYZGgmAGRHMzdgxcF8abMGIw%2B6H7v1fcdvve998GOPyUhPD1ZfsNsKa3pfLUUFp97O4ouFddU7PvFfqP2bq1yqWh7LzZrpfD54muSd8x8OYzCMAqj4oqysmX68xMQKjloRqVmWKqUS1G1gr79f%2B98AEcDiN4peRRKjAv3gjkoPkLc%2FXxZuk5qkhde7XpNU2PRE%2Fs34k5sshjd87JlA7Ti%2FTM2jDteuQsT703lwvT%2BJTI1JsH9u2Dx%2FplIsN7uVCfTkDGYeBhZbwSpR1B0BG5uQoljAnCBy%2BuIu7cvG5vRzX9QOkHHpPDH71DZmBR%2BnkPc%2FWxJq37xutE%2BVSZ26LdyqP4Iqj1C4g%2BRbl2Ayg7B0%2FehBEHczaFEPp1ZqRFUawQtB6AugJ98KoBvBfBJgK44KfIoiuqh4DRsNDlfEHXJaiKMaL0V0SisNeD5RNYAaTIA1wNwu43EbqOjBrD%2BG7iNHE4EcOmYBFe30RM5MkmQOYKMEmSKIEsJsl6%2BJ7Qru%2Fy20M6z6CyXz%2FJCPjRpe4fumbQtY7KTnJKLEz%2BCh377Hh15UqyFtFFm9VrYFBXGqSxHohHxsNGkolor1xmcyqHchemoW2pMHv9xDokakwfEX2D0EE4fgqsZUB%2BBZsN6OQTdGFYaIbbirxxNvYqF8bHqlJg2bZeYtMRNF8LkSNIC0s1gR5%2BSJ6ZLerpwFZIfLd6ffSkZ%2FjQLbnMkNsd76h5BW98aXjMZ2b1mMke%2BWE9S1VVbdLLA6ylN5cyd1%2BVmZqxYXXaDT17mE2BSHrwpXbpGY6HitiOfLikhpF0xlkvy9ap7S7Ir3m0seRv7ZO3KKyur3cRK55SJR6DqeP1PcDUmhWcem17mI9%2F9CmVHsD5H1x%2BRs4Ayh%2BDJNlxytHjnyYMHo2d%2FgTMzsPqcw5ILyHw%2BtGV2%2FqgVgZbnPWU53H96dl7vuFto2zJoenN6kD2bo6dzUD2A87PDNLFHi99%2BNImPwXRhyLQt7DJt9YcTa29M%2FZ383hmTp36owKmT4kIo6ky2ZJ3JSrXSklywapWFvMXZgmg0OFI35usXv%2FwbAAD%2F%2FwEAAP%2F%2FmQ08bnMEAAA%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 583869e6c73c66cb8e049276077d862d
Strict-Transport-Security: max-age=0; includeSubdomains
cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3f4RcvruagFxkEQUEm3ZP5dJHFGCPBuNkPF%2FUk9TWTcmq6mqqu6UlOwQXZ4xy86KnzTLJBXURP4sFFJguLBMUMiORg%2FgQPCuJN6TE4%2BkK9H%2FU8h%2Bf9eH%2FPn5EQnp6uvm52lNZ0qV4Jy8%2B%2BFUWXyxsq9sPysNV4p1G7XLaDF9qNSvhc%2BVXJe2apGkZhGIVReU1Z2THDpQKESu61o0o7rNSqlahew9D%2Bt3Y%2BgKMBxOCMPAYlpqUHwSIUnyDuf74qXS81yfOv9L2mqbEYiMNbcS82WYz%2BPO3YAJ348JwN407W7sPEBzO5MIN%2FiExNSfDwPlh8eC4SbLA%2F08k0ZAwmHkE2mEDqCRSdgJvbUOKEAFzg6ibi%2Ft2rxmZ0%2B2%2BUFuiUlH7%2FDSqbktLPi4j7n61oNSzfNNqnysQOw04ONZxAdSdI%2FBHSnQtQ2RF4%2Bh6UIIj7OZTIZz0rNYHqTKDlCNQF8MVTAXwngE8C9MVpmUdR1AwFp2GrzfmyaErWEGFEm52IRmGjBc8LWSOkyQhcj8DtLhK7i54awfpv4LZyOBHApVMSXN%2FFQOTIJEHmCDJKkCmCLCXIBvmB0K7q8rtCO8%2Bi81g9j8v52KTdPXpg0q6MyV5yRi4V8wj%2B%2F%2Bv36MnTciOkrSprNsK2qDFOZTUSrYiHrTYV9Ua1yeBUDuUuzFrdUVPyxI%2BLSNSU%2FE%2F8CUaP4PQRuLoI6iPQbNyshqBb41orxE78laOpV7EwPla9CtOm6xKTVrjpQ5gcSVpCuh3s6TPy5GxJT5duQfLjKw8XXkzGPy2A2xyJzfGuekDQ1XfGN0xG9m%2BYzJEvNpNU9dUOLRZ4M6WpvPjJa3I7M1asr7rRxy%2FxAijSe29Il27QWKi468inK0oIadeM5ZJ8ve7elOyad1sr3sY%2B2bj28tp6P7HSOWXiCag62fwDXE1J6ZnHZ5f56He%2FQNkJrM%2FR98fk3KDMEXiyC5fM1TtzEVbPOSwJkPl8bKts%2FqkVgZbzmrIc7l81m%2Bd77g66tgqa3p4d5MDmGOgcVI%2Fg%2FMI4TezxlW8%2FLOwjMF0aM21L%2B0xb%2FcFstIW7Xri3p%2BSpH2pw6rS8HIomkx3ZZLJWr3UkF6xeZyHvcLYsWi2O1E355qUv%2FwIAAP%2F%2FAQAA%2F%2F9saFYQcwQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3f4RcvruagFxkEQUEm3ZP5dJHFGCPBuNkPF%2FUk9TWTcmq6mqqu6UlOwQXZ4xy86KnzTLJBXURP4sFFJguLBMUMiORg%2FgQPCuJN6TE4%2BkK9H%2FU8h%2Bf9eH%2FPn5EQnp6uvm52lNZ0qV4Jy8%2B%2BFUWXyxsq9sPysNV4p1G7XLaDF9qNSvhc%2BVXJe2apGkZhGIVReU1Z2THDpQKESu61o0o7rNSqlahew9D%2Bt3Y%2BgKMBxOCMPAYlpqUHwSIUnyDuf74qXS81yfOv9L2mqbEYiMNbcS82WYz%2BPO3YAJ348JwN407W7sPEBzO5MIN%2FiExNSfDwPlh8eC4SbLA%2F08k0ZAwmHkE2mEDqCRSdgJvbUOKEAFzg6ibi%2Ft2rxmZ0%2B2%2BUFuiUlH7%2FDSqbktLPi4j7n61oNSzfNNqnysQOw04ONZxAdSdI%2FBHSnQtQ2RF4%2Bh6UIIj7OZTIZz0rNYHqTKDlCNQF8MVTAXwngE8C9MVpmUdR1AwFp2GrzfmyaErWEGFEm52IRmGjBc8LWSOkyQhcj8DtLhK7i54awfpv4LZyOBHApVMSXN%2FFQOTIJEHmCDJKkCmCLCXIBvmB0K7q8rtCO8%2Bi81g9j8v52KTdPXpg0q6MyV5yRi4V8wj%2B%2F%2Bv36MnTciOkrSprNsK2qDFOZTUSrYiHrTYV9Ua1yeBUDuUuzFrdUVPyxI%2BLSNSU%2FE%2F8CUaP4PQRuLoI6iPQbNyshqBb41orxE78laOpV7EwPla9CtOm6xKTVrjpQ5gcSVpCuh3s6TPy5GxJT5duQfLjKw8XXkzGPy2A2xyJzfGuekDQ1XfGN0xG9m%2BYzJEvNpNU9dUOLRZ4M6WpvPjJa3I7M1asr7rRxy%2FxAijSe29Il27QWKi468inK0oIadeM5ZJ8ve7elOyad1sr3sY%2B2bj28tp6P7HSOWXiCag62fwDXE1J6ZnHZ5f56He%2FQNkJrM%2FR98fk3KDMEXiyC5fM1TtzEVbPOSwJkPl8bKts%2FqkVgZbzmrIc7l81m%2Bd77g66tgqa3p4d5MDmGOgcVI%2Fg%2FMI4TezxlW8%2FLOwjMF0aM21L%2B0xb%2FcFstIW7Xri3p%2BSpH2pw6rS8HIomkx3ZZLJWr3UkF6xeZyHvcLYsWi2O1E355qUv%2FwIAAP%2F%2FAQAA%2F%2F9saFYQcwQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3f4RcvruagFxkEQUEm3ZP5dJHFGCPBuNkPF%2FUk9TWTcmq6mqqu6UlOwQXZ4xy86KnzTLJBXURP4sFFJguLBMUMiORg%2FgQPCuJN6TE4%2BkK9H%2FU8h%2Bf9eH%2FPn5EQnp6uvm52lNZ0qV4Jy8%2B%2BFUWXyxsq9sPysNV4p1G7XLaDF9qNSvhc%2BVXJe2apGkZhGIVReU1Z2THDpQKESu61o0o7rNSqlahew9D%2Bt3Y%2BgKMBxOCMPAYlpqUHwSIUnyDuf74qXS81yfOv9L2mqbEYiMNbcS82WYz%2BPO3YAJ348JwN407W7sPEBzO5MIN%2FiExNSfDwPlh8eC4SbLA%2F08k0ZAwmHkE2mEDqCRSdgJvbUOKEAFzg6ibi%2Ft2rxmZ0%2B2%2BUFuiUlH7%2FDSqbktLPi4j7n61oNSzfNNqnysQOw04ONZxAdSdI%2FBHSnQtQ2RF4%2Bh6UIIj7OZTIZz0rNYHqTKDlCNQF8MVTAXwngE8C9MVpmUdR1AwFp2GrzfmyaErWEGFEm52IRmGjBc8LWSOkyQhcj8DtLhK7i54awfpv4LZyOBHApVMSXN%2FFQOTIJEHmCDJKkCmCLCXIBvmB0K7q8rtCO8%2Bi81g9j8v52KTdPXpg0q6MyV5yRi4V8wj%2B%2F%2Bv36MnTciOkrSprNsK2qDFOZTUSrYiHrTYV9Ua1yeBUDuUuzFrdUVPyxI%2BLSNSU%2FE%2F8CUaP4PQRuLoI6iPQbNyshqBb41orxE78laOpV7EwPla9CtOm6xKTVrjpQ5gcSVpCuh3s6TPy5GxJT5duQfLjKw8XXkzGPy2A2xyJzfGuekDQ1XfGN0xG9m%2BYzJEvNpNU9dUOLRZ4M6WpvPjJa3I7M1asr7rRxy%2FxAijSe29Il27QWKi468inK0oIadeM5ZJ8ve7elOyad1sr3sY%2B2bj28tp6P7HSOWXiCag62fwDXE1J6ZnHZ5f56He%2FQNkJrM%2FR98fk3KDMEXiyC5fM1TtzEVbPOSwJkPl8bKts%2FqkVgZbzmrIc7l81m%2Bd77g66tgqa3p4d5MDmGOgcVI%2Fg%2FMI4TezxlW8%2FLOwjMF0aM21L%2B0xb%2FcFstIW7Xri3p%2BSpH2pw6rS8HIomkx3ZZLJWr3UkF6xeZyHvcLYsWi2O1E355qUv%2FwIAAP%2F%2FAQAA%2F%2F9saFYQcwQAAA%3D%3D HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c7575888af0aba4df932adb6f77838e
Strict-Transport-Security: max-age=0; includeSubdomains
cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3f4RdBWM1BLzIIgopMuifz6SKLMUaCcbMfLupJ6msm5dR0NVVd05Ocgguyxzl40VPnmWSDuoiexIOLTBYWCYgZEMnB%2FBEK4k3p2eDoC%2FV%2B1PMcnvfjoz1%2FRkJ4err6ltlRWtOleiUsP%2F9uFF0ub6jYD8vDVuP9Ru1y2Q5ebjcq4QvlNyTvmaVqGIVhFEblNWVlxwyXChAqudeOKu2wUqtWonoNQ%2Fvf2vkAjgYQgzPyBJSYlh4Ei1B8grj%2F1ap0vdQkL73e95qmxmIgDm%2FFvdhkMfrztGMDdOLDczaMO1m7DxMfzOTCDP4hMjUlwcP7YPHhuUiwwf5MJ9OQMZh4DNlgAqknUHQCbm5DiRMCcIGrm4j7d68am9HtRygt0Ckp%2FfE7VDYlpV8XEfe%2FXNFqWL5ptE%2BViR2GnRxqOIHqTpD4I6Q7F6CyI%2FD0QyhBEPdzKJHPelZqAtWZQMsRqAvgi6cC%2BE4AnwToi9Myj6KoGQpOw1ab82XRlKwhwog2OxGNwkYLnheyRkiTEbgegdtdJHYXPTWC9d%2FDbeVwIoBLpyS4vouByJFJgswRZJQgUwRZSpAN8gOhXdXld4V2nkXnsXoel%2FOxSbt79MCkXRmTveSMXCrmEfz%2Ftx%2FRk6flRkhbVdZshG1RY5zKaiRaEQ9bbSrqjWqTwakcyl2YtbqjpuSpnxeRqCn5n%2FgLjB7B6SNwdRHUR6DZuFkNQbfGtVaInfhbR1OvYmF8rHoVpk3XJSatcNOHMDmStIR0O9jTZ%2BTp2ZKe%2BakGyY%2BvPFx4JRn%2FsgBucyQ2xwfqAUFX3xnfMBnZv2EyR77eTFLVVzu0WODNlKby4udvyu3MWLG%2B6kafvcoLoEjvvS1dukFjoeKuI1%2BsKCGkXTOWS%2FLduntHsmveba14G%2Ftk49pra%2Bv9xErnlIknoOpk809wNSWl556cXebjJy9C2Qmsz9H3x%2BTcoMwReLILl8zVO3MRVs85LCkh8%2FnYVtn8UysCLec1ZTncv2o2z%2FfcHXRtFTS9PTvIgc0x0DmoHsH5hXGa2OMrP3xS2KdgujRm2pb2mbb64yl5tnSrcNcL996jSTt1Wl4ORZPJjmwyWavXOpILVq%2BzkHc4WxatFkfqpnzz0jd%2FAwAA%2F%2F8BAAD%2F%2F8z6qsdzBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 cuesingle.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3f4RdBWM1BLzIIgopMuifz6SKLMUaCcbMfLupJ6msm5dR0NVVd05Ocgguyxzl40VPnmWSDuoiexIOLTBYWCYgZEMnB%2FBEK4k3p2eDoC%2FV%2B1PMcnvfjoz1%2FRkJ4err6ltlRWtOleiUsP%2F9uFF0ub6jYD8vDVuP9Ru1y2Q5ebjcq4QvlNyTvmaVqGIVhFEblNWVlxwyXChAqudeOKu2wUqtWonoNQ%2Fvf2vkAjgYQgzPyBJSYlh4Ei1B8grj%2F1ap0vdQkL73e95qmxmIgDm%2FFvdhkMfrztGMDdOLDczaMO1m7DxMfzOTCDP4hMjUlwcP7YPHhuUiwwf5MJ9OQMZh4DNlgAqknUHQCbm5DiRMCcIGrm4j7d68am9HtRygt0Ckp%2FfE7VDYlpV8XEfe%2FXNFqWL5ptE%2BViR2GnRxqOIHqTpD4I6Q7F6CyI%2FD0QyhBEPdzKJHPelZqAtWZQMsRqAvgi6cC%2BE4AnwToi9Myj6KoGQpOw1ab82XRlKwhwog2OxGNwkYLnheyRkiTEbgegdtdJHYXPTWC9d%2FDbeVwIoBLpyS4vouByJFJgswRZJQgUwRZSpAN8gOhXdXld4V2nkXnsXoel%2FOxSbt79MCkXRmTveSMXCrmEfz%2Ftx%2FRk6flRkhbVdZshG1RY5zKaiRaEQ9bbSrqjWqTwakcyl2YtbqjpuSpnxeRqCn5n%2FgLjB7B6SNwdRHUR6DZuFkNQbfGtVaInfhbR1OvYmF8rHoVpk3XJSatcNOHMDmStIR0O9jTZ%2BTp2ZKe%2BakGyY%2BvPFx4JRn%2FsgBucyQ2xwfqAUFX3xnfMBnZv2EyR77eTFLVVzu0WODNlKby4udvyu3MWLG%2B6kafvcoLoEjvvS1dukFjoeKuI1%2BsKCGkXTOWS%2FLduntHsmveba14G%2Ftk49pra%2Bv9xErnlIknoOpk809wNSWl556cXebjJy9C2Qmsz9H3x%2BTcoMwReLILl8zVO3MRVs85LCkh8%2FnYVtn8UysCLec1ZTncv2o2z%2FfcHXRtFTS9PTvIgc0x0DmoHsH5hXGa2OMrP3xS2KdgujRm2pb2mbb64yl5tnSrcNcL996jSTt1Wl4ORZPJjmwyWavXOpILVq%2BzkHc4WxatFkfqpnzz0jd%2FAwAA%2F%2F8BAAD%2F%2F8z6qsdzBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3p3f4RdBWM1BLzIIgopMuifz6SKLMUaCcbMfLupJ6msm5dR0NVVd05Ocgguyxzl40VPnmWSDuoiexIOLTBYWCYgZEMnB%2FBEK4k3p2eDoC%2FV%2B1PMcnvfjoz1%2FRkJ4err6ltlRWtOleiUsP%2F9uFF0ub6jYD8vDVuP9Ru1y2Q5ebjcq4QvlNyTvmaVqGIVhFEblNWVlxwyXChAqudeOKu2wUqtWonoNQ%2Fvf2vkAjgYQgzPyBJSYlh4Ei1B8grj%2F1ap0vdQkL73e95qmxmIgDm%2FFvdhkMfrztGMDdOLDczaMO1m7DxMfzOTCDP4hMjUlwcP7YPHhuUiwwf5MJ9OQMZh4DNlgAqknUHQCbm5DiRMCcIGrm4j7d68am9HtRygt0Ckp%2FfE7VDYlpV8XEfe%2FXNFqWL5ptE%2BViR2GnRxqOIHqTpD4I6Q7F6CyI%2FD0QyhBEPdzKJHPelZqAtWZQMsRqAvgi6cC%2BE4AnwToi9Myj6KoGQpOw1ab82XRlKwhwog2OxGNwkYLnheyRkiTEbgegdtdJHYXPTWC9d%2FDbeVwIoBLpyS4vouByJFJgswRZJQgUwRZSpAN8gOhXdXld4V2nkXnsXoel%2FOxSbt79MCkXRmTveSMXCrmEfz%2Ftx%2FRk6flRkhbVdZshG1RY5zKaiRaEQ9bbSrqjWqTwakcyl2YtbqjpuSpnxeRqCn5n%2FgLjB7B6SNwdRHUR6DZuFkNQbfGtVaInfhbR1OvYmF8rHoVpk3XJSatcNOHMDmStIR0O9jTZ%2BTp2ZKe%2BakGyY%2BvPFx4JRn%2FsgBucyQ2xwfqAUFX3xnfMBnZv2EyR77eTFLVVzu0WODNlKby4udvyu3MWLG%2B6kafvcoLoEjvvS1dukFjoeKuI1%2BsKCGkXTOWS%2FLduntHsmveba14G%2Ftk49pra%2Bv9xErnlIknoOpk809wNSWl556cXebjJy9C2Qmsz9H3x%2BTcoMwReLILl8zVO3MRVs85LCkh8%2FnYVtn8UysCLec1ZTncv2o2z%2FfcHXRtFTS9PTvIgc0x0DmoHsH5hXGa2OMrP3xS2KdgujRm2pb2mbb64yl5tnSrcNcL996jSTt1Wl4ORZPJjmwyWavXOpILVq%2BzkHc4WxatFkfqpnzz0jd%2FAwAA%2F%2F8BAAD%2F%2F8z6qsdzBAAA HTTP/1.1
Host: cuesingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kewirausahaanberusaha.blogspot.com/
Cookie: u_pl=17429198; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 18 Oct 2022 20:51:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 806b727cf52fb3ee6e4839a4f1e04a3e
Strict-Transport-Security: max-age=0; includeSubdomains