firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IP-uKsxZMkGMhwVzfv6aPEHMyvhO3_MqIV1bM4fPvz83jfn7x3xfcg==
Age: 1090
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5419
Expires: Wed, 28 Sep 2022 04:04:06 GMT
Date: Wed, 28 Sep 2022 02:33:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8vlJwvxJ1HllIwC9_gcvky7jLQk5Wfx6KUxpDWzZXI6vwRg8cvptEg==
age: 61774
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:33:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
142.250.74.138200 OK 20 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (39660)
Hash 6ad9e9100f68042a634e403e56e3744a
3d148af6eb9f86b03d5a815f4fb3a49c7b2df356
72bbdea3217793991ab87a6c7cb165d267551810d3d88b5fd2fd489748d04b7a
GET /ajax/libs/jquery/1.3.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 19926
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 13:30:22 GMT
Expires: Mon, 25 Sep 2023 13:30:22 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 219805
cdn.popcash.net/pop.js
151.139.128.10200 OK 38 kB IP 151.139.128.10:0
File type ASCII text, with very long lines (65390)
Hash 98cfe0446b61a1f2a2df62468da0202c
156362703ec16548fe52ef46832fdad94d493463
903349d17d20a9010f59b6feed6519fda179cf5606bbde8abcd58db81525b527
Analyzer Verdict Alert fortinet Malware
GET /pop.js HTTP/1.1
Host: cdn.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:47 GMT
Content-Encoding: gzip
Content-Type: application/javascript
Last-Modified: Tue, 05 Jul 2022 13:28:20 GMT
Accept-Ranges: bytes
ETag: W/"62c43c74-1f3e1"
Cache-Control: max-age=2592000, public
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gz%2FvP%2FMAOB1B1hPF5JM%2FdNSw7gTZzm4Ex4RL9VdVx04P6KcfVp1GFTdKoOhCmRBBZKjXpTn6Fapgxyz64Y9KhqXNKoNe7V7Mq9D4cJLbvxIkJr%2B8cQq4Co3fFE%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 72a482ec1ea67363-CPH
Vary: Accept-Encoding
X-HW: 1664332427.cds206.sk1.h2,1664332427.cds216.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 38289
fonts.googleapis.com/css?family=Droid+Sans:regular,bold
142.250.74.10200 OK 304 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Sans:regular,bold
IP 142.250.74.10:0
Hash 37bd97ab5d600328cee799bbc856e70f
b81303809a55a104a709773e53737aedcaec1f44
37d6bf70e3ca3db4fc2d0ce9c7f364c91fdf3d8a5ff2bb17d5d7a94d3b63e64e
GET /css?family=Droid+Sans:regular,bold HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 28 Sep 2022 02:33:47 GMT
Date: Wed, 28 Sep 2022 02:33:47 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
142.250.74.138200 OK 52 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jqueryui/1.8.23/jquery-ui.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (64651)
Hash 3f52ab6e6343ddcd0f9b5365f87875bd
471c32e514c2f2dfe4bb5197738008f62bece4a4
b0e3e00251e47680e3ed06c26d3cca79943d3158ffd0c7474e5f327c629aac8b
GET /ajax/libs/jqueryui/1.8.23/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 51646
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 22 Sep 2022 06:21:30 GMT
Expires: Fri, 22 Sep 2023 06:21:30 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 504737
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2914120041c5e37708bb81a4b6bebdb2
0bc8b67df7a28e06ba81a3d41169bcafb7c78d80
09b3f005c0316a5c97208387f0dd73b93bb4f593ae9aed9d657ecfd06129ef46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4639
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:47 GMT
Last-Modified: Wed, 28 Sep 2022 01:16:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
IP 142.250.74.138:0
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash b582b2eca79a750948dbb3777aeaaadb
bf0ea1c8a7b4a55779cbb3df1f1d75cc19910e9f
04c7f19e1ae294cc641f6c497653b5c13c41b258559f5f05b790032ccca16c82
GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 10:07:51 GMT
expires: Mon, 25 Sep 2023 10:07:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 231956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
142.250.74.161200 OK 32 kB URL HTTP/1.1 berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8907)
Hash 33138691c5a42545cc72fa4217602fe1
9da08b1842ec4c399df55aa61c6a51f0481a4133
f1ca332f6b40184f5d7d07bb91e55a626092fac3167c612e2fbd2b6d50675b4d
Analyzer Verdict Alert fortinet Phishing
GET /2014/04/hasil-try-out-provinsi-tahap-2-diy.html HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 28 Sep 2022 02:33:47 GMT
Date: Wed, 28 Sep 2022 02:33:47 GMT
Cache-Control: private, max-age=0
Last-Modified: Thu, 18 Aug 2022 14:59:56 GMT
ETag: W/"98611d158895985a4f2ec83cbd14cdb5aea689a7b34ba70cf2a52083af239f73"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 32308
Server: GSE
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 21:18:29 GMT
expires: Mon, 25 Sep 2023 21:18:29 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 17:51:02 GMT
content-type: text/css
age: 191719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
142.250.74.105200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 09:56:02 GMT
expires: Mon, 25 Sep 2023 09:56:02 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 24 Sep 2022 17:50:40 GMT
content-type: text/javascript
age: 232666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
images.dmca.com/Badges/DMCABadgeHelper.min.js
151.139.242.29200 OK 280 B URL HTTP/1.1 images.dmca.com/Badges/DMCABadgeHelper.min.js
IP 151.139.242.29:0
Hash 676eb336bf17b6d9ba8106a096fdd587
22d3b0769cd5aa177e723be2456b32509914fa7d
9e9dc74a53c9a60256b8d4db5b26d02599cea75d3d00e02f16bef59169477a69
GET /Badges/DMCABadgeHelper.min.js HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:42 GMT
Cache-Control: max-age=2592000
ETag: "26b181f16d28d51:0"
Last-Modified: Fri, 21 Jun 2019 20:14:34 GMT
X-Powered-By: ASP.NET
Server: NetDNA-cache/2.2
Expires: Fri, 28 Oct 2022 02:33:42 GMT
Access-Control-Allow-Origin: *
Link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
Content-Type: application/javascript
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: HIT
Accept-Ranges: bytes
Content-Length: 280
Connection: keep-alive
cdn.adf.ly/js/entry.js
104.20.66.244200 OK 1.5 kB IP 104.20.66.244:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 2191faf1b5f630777fe98ec6aa03bfd0
85c83a7f2e931f8f160c34fc62fca980d1298441
2b3f5a73153eda684489e0796ec73b173f151fc1a8b9fae42a5097abb0634b18
GET /js/entry.js HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: application/x-javascript
content-length: 1451
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 02:33:48 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "10d6-5faa60e6-c5e9ec46e5c2f33a;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
server: cloudflare
cf-ray: 7519138acc8a0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=6e9c590c-126d-4d99-bdac-24861844c297
151.139.242.29200 OK 2.1 kB URL HTTP/1.1 images.dmca.com/Badges/dmca_protected_sml_120l.png?ID=6e9c590c-126d-4d99-bdac-24861844c297
IP 151.139.242.29:0
File type PNG image data, 121 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash a9508f06eb375d4fd4f796dd1ea341c1
4a640684db5bd5bfa8832aa7b42c0ea08d5dab6d
619f522608653b3074b1161f407de89e5806804729edacadd3accc0e1bf97a94
GET /Badges/dmca_protected_sml_120l.png?ID=6e9c590c-126d-4d99-bdac-24861844c297 HTTP/1.1
Host: images.dmca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:09 GMT
Cache-Control: max-age=2592000
ETag: "26b76633e0ebca1:0"
Last-Modified: Tue, 04 May 2010 23:19:10 GMT
X-Powered-By: ASP.NET
Server: NetDNA-cache/2.2
Expires: Fri, 28 Oct 2022 02:33:09 GMT
Access-Control-Allow-Origin: *
Link: <http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120l.png>; rel="canonical"
Content-Type: image/png
Content-Length: 2122
X-Cache: HIT
Accept-Ranges: bytes
Connection: keep-alive
yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner.php?pub=597677§ion=General&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
1.bp.blogspot.com/-UR1eW1SBXXs/VNC4a1x7kfI/AAAAAAAADHw/KFR4NX_Lsrs/w72-h72-p-k-no-nu/Stranded%2BDeep%2B-%2Bberbagimod.blogspot.com.jpg
142.250.74.161200 OK 4.3 kB URL HTTP/1.1 1.bp.blogspot.com/-UR1eW1SBXXs/VNC4a1x7kfI/AAAAAAAADHw/KFR4NX_Lsrs/w72-h72-p-k-no-nu/Stranded%2BDeep%2B-%2Bberbagimod.blogspot.com.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash ebd08792f10a4eaa7b8ca5e35a186aa0
c3c8db3ee644cfd43e053f3423b2b1e9b197001a
061841b3ab2a530b6889cce537cceb7f70597d4977205b3f79beefaf489648ba
GET /-UR1eW1SBXXs/VNC4a1x7kfI/AAAAAAAADHw/KFR4NX_Lsrs/w72-h72-p-k-no-nu/Stranded%2BDeep%2B-%2Bberbagimod.blogspot.com.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Stranded Deep - berbagimod.blogspot.com.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4270
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vc7d"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/-_Rj6DV70WnQ/UtPpcN300_I/AAAAAAAAAaE/_1dcTpJD7ew/w72-h72-p-k-no-nu/Screenshot_2.jpg
142.250.74.161200 OK 2.8 kB URL HTTP/1.1 3.bp.blogspot.com/-_Rj6DV70WnQ/UtPpcN300_I/AAAAAAAAAaE/_1dcTpJD7ew/w72-h72-p-k-no-nu/Screenshot_2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0319fa3100cface22fb5afd04153f4a2
22b9eb94a5eb820a71c92e1c7bcc25bed7d82744
8767861417e7bc2c148f2e57aa47c951e4e57bf47687d6447679efcc34397669
GET /-_Rj6DV70WnQ/UtPpcN300_I/AAAAAAAAAaE/_1dcTpJD7ew/w72-h72-p-k-no-nu/Screenshot_2.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screenshot_2.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2846
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1a2"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/-rxhREBeAjpQ/Uy2GptnCWCI/AAAAAAAABCA/795PWQPE0ok/w72-h72-p-k-no-nu/%25D0%2591%25D0%25B5%25D0%25B7%25D0%25B8%25D0%25BC%25D0%25B5%25D0%25BD%25D0%25B8-1.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/1.1 3.bp.blogspot.com/-rxhREBeAjpQ/Uy2GptnCWCI/AAAAAAAABCA/795PWQPE0ok/w72-h72-p-k-no-nu/%25D0%2591%25D0%25B5%25D0%25B7%25D0%25B8%25D0%25BC%25D0%25B5%25D0%25BD%25D0%25B8-1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 1ffef2077644e1e835770fa66920b0f4
7bebf774866c47f8a78c555b76f590cde4571c38
793f21de74e436992c396630fb64a0dd80c82b9e707c659c2e40670773ebe8f7
GET /-rxhREBeAjpQ/Uy2GptnCWCI/AAAAAAAABCA/795PWQPE0ok/w72-h72-p-k-no-nu/%25D0%2591%25D0%25B5%25D0%25B7%25D0%25B8%25D0%25BC%25D0%25B5%25D0%25BD%25D0%25B8-1.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v420"
Expires: Thu, 29 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="________-1.jpg";filename*=UTF-8''%D0%91%D0%B5%D0%B7%D0%B8%D0%BC%D0%B5%D0%BD%D0%B8-1.jpg
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: fife
Content-Length: 4490
X-XSS-Protection: 0
3.bp.blogspot.com/-gwsFvgzCBDE/UC5jBenZUoI/AAAAAAAACLU/xlY3lJEl2IY/s1600/PhoXo2.png
142.250.74.161200 OK 1.6 kB URL HTTP/1.1 3.bp.blogspot.com/-gwsFvgzCBDE/UC5jBenZUoI/AAAAAAAACLU/xlY3lJEl2IY/s1600/PhoXo2.png
IP 142.250.74.161:0
File type PNG image data, 100 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash fdb7528e7ccebcfe1daea52aa0195bd6
caa9b43d3056743538e12cb11a7320f9216712ea
08ee145d75eed8be290285f1a8b9fd40b9b8dc029ad10cc6283945b536270506
GET /-gwsFvgzCBDE/UC5jBenZUoI/AAAAAAAACLU/xlY3lJEl2IY/s1600/PhoXo2.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="PhoXo2.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1610
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Fri, 02 Sep 2022 14:21:17 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v8b5"
Content-Type: image/png
Age: 0
berbagimod.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 berbagimod.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Phishing
GET /js/cookienotice.js HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 01:57:44 GMT
Expires: Mon, 03 Oct 2022 01:57:44 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 25 Sep 2022 23:50:58 GMT
Content-Type: text/javascript
Age: 174964
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/4150139458-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 211038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-WojfGoVZZ0k/U3aPO4QeLCI/AAAAAAAABUQ/vDx4WWrQZpA/w72-h72-p-k-no-nu/1241428620X310.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 1.bp.blogspot.com/-WojfGoVZZ0k/U3aPO4QeLCI/AAAAAAAABUQ/vDx4WWrQZpA/w72-h72-p-k-no-nu/1241428620X310.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash a61ea80124fc6fb372476355cd1e0731
605c4265964b5f39a05dd1189a9d2d8005499ab0
d2af8ed2b7b3cbc8e5b24a546e026ee6e0b679e6b6f67ff283555720767bb68d
GET /-WojfGoVZZ0k/U3aPO4QeLCI/AAAAAAAABUQ/vDx4WWrQZpA/w72-h72-p-k-no-nu/1241428620X310.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1241428620X310.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4399
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v545"
Content-Type: image/jpeg
Age: 0
www.google.com/js/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
142.250.74.164200 OK 16 kB URL HTTP/1.1 www.google.com/js/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36204)
Hash 932bce18db198e8c556344b8a0690932
9d93840fd4279cf153d699ed8701b84ca7a49d0e
d518317e1c6766c5d9620e3e568b9635453682b81ee39eda9cb89254219067cf
GET /js/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 16064
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 22:27:56 GMT
Expires: Mon, 25 Sep 2023 22:27:56 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 19 Sep 2022 15:00:00 GMT
Content-Type: text/javascript
Age: 187552
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 19826
Date: Wed, 28 Sep 2022 02:20:54 GMT
Expires: Wed, 28 Sep 2022 04:20:54 GMT
Cache-Control: public, max-age=7200
Age: 774
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2914120041c5e37708bb81a4b6bebdb2
0bc8b67df7a28e06ba81a3d41169bcafb7c78d80
09b3f005c0316a5c97208387f0dd73b93bb4f593ae9aed9d657ecfd06129ef46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4640
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Last-Modified: Wed, 28 Sep 2022 01:16:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
cdn.adf.ly/js/display.js
104.20.66.244200 OK 5.8 kB IP 104.20.66.244:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: application/x-javascript
content-length: 5775
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 02:33:48 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7519138b5cab0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash e9d2e1bdee62e824460ae344e193cff5
792c4b24376a464c712e937281a10c09fdd22b83
a9866d0a43bd4e4508c899ebaf992a20db1c9f69efe9bc70cc9d152bcd078851
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:12:36 GMT
ETag: "792c4b24376a464c712e937281a10c09fdd22b83"
Last-Modified: Wed, 28 Sep 2022 01:12:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 992
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519138cec37b4fd-OSL
cdn.adf.ly/static/js/entry_scriptV1.2.js
104.20.66.244200 OK 1.2 kB URL HTTP/1.1 cdn.adf.ly/static/js/entry_scriptV1.2.js
IP 104.20.66.244:0
Hash dca13e3981956c6777a8a573c7c3065a
40aad944b1739a7f7224ac22525d202176147b91
4b1ac63e91a68d26abdb1bc99b87b7b06b73ff40b67109a474fb24e5b4bb9a41
GET /static/js/entry_scriptV1.2.js HTTP/1.1
Host: cdn.adf.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: application/x-javascript
Content-Length: 1157
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 05 Oct 2022 02:33:48 GMT
last-modified: Thu, 15 Sep 2022 00:59:02 GMT
etag: "ef4-632278d6-14cb47a8f3220558;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7519138c3829b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
berbagimod.blogspot.com/b/csi.js?h=bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI
142.250.74.161200 OK 21 kB URL HTTP/1.1 berbagimod.blogspot.com/b/csi.js?h=bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI
IP 142.250.74.161:0
File type ASCII text, with very long lines (14516)
Hash e1c0bcea47b94958d0a9aff0c88d4651
8d91a82da170c82175727286ad8edd8f19f8b3a5
fa76ef9cc433b5f645b0d117c2b8585cb107632eb1fa35058ba1a43ca26ec811
GET /b/csi.js?h=bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 21084
Server: GSE
4.bp.blogspot.com/-FPh9RvBGvA0/UtoF2cNX2sI/AAAAAAAAAcQ/s1W7kdSS9DA/w72-h72-p-k-no-nu/gallery892.jpg
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 4.bp.blogspot.com/-FPh9RvBGvA0/UtoF2cNX2sI/AAAAAAAAAcQ/s1W7kdSS9DA/w72-h72-p-k-no-nu/gallery892.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9445d22a1ad6aca592bc1cf61e2dca9b
428dfc6f1d8ea47fd3e63e98f5e89f9e3f82aa41
386f76b4d56d3ed75bf8e90995bc2f57e7ca7e8b525add4ee95b81c81d0544ea
GET /-FPh9RvBGvA0/UtoF2cNX2sI/AAAAAAAAAcQ/s1W7kdSS9DA/w72-h72-p-k-no-nu/gallery892.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gallery892.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3832
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1c6"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/-6eUQ42kDKP0/UyRQBFBeUSI/AAAAAAAAA9c/vT_oKxFknwU/w72-h72-p-k-no-nu/gallery1376.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 1.bp.blogspot.com/-6eUQ42kDKP0/UyRQBFBeUSI/AAAAAAAAA9c/vT_oKxFknwU/w72-h72-p-k-no-nu/gallery1376.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e6525627884ed70016c2fff888643402
4c27e6e4dbd267ecd5847c600a4b32391c192b96
721805e5e8da43e9fd77d429097b590db254b528596238903669d88f6d7af0d9
GET /-6eUQ42kDKP0/UyRQBFBeUSI/AAAAAAAAA9c/vT_oKxFknwU/w72-h72-p-k-no-nu/gallery1376.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3d9"
Expires: Thu, 29 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gallery1376.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: fife
Content-Length: 2213
X-XSS-Protection: 0
4.bp.blogspot.com/-P4BtINxGSao/UyTgVw1vYUI/AAAAAAAAA90/X93vgtdneJw/w72-h72-p-k-no-nu/game+ss.jpg
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 4.bp.blogspot.com/-P4BtINxGSao/UyTgVw1vYUI/AAAAAAAAA90/X93vgtdneJw/w72-h72-p-k-no-nu/game+ss.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e061e173231e0ab76f2a844cf5b39ed6
1b75fa70d95591db64ee75b648e3be0467d31211
778e10f0ac9a88ebcff1ff2251aab7b8d201e085da0c91624185f61d5cbe59c3
GET /-P4BtINxGSao/UyTgVw1vYUI/AAAAAAAAA90/X93vgtdneJw/w72-h72-p-k-no-nu/game+ss.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="game ss.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4352
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v3de"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-g1vqHUnhnoE/U25TEuJIwUI/AAAAAAAABQ0/xkSMBXRin5E/w72-h72-p-k-no-nu/Screenshot_106.jpg
142.250.74.161200 OK 5.1 kB URL HTTP/1.1 2.bp.blogspot.com/-g1vqHUnhnoE/U25TEuJIwUI/AAAAAAAABQ0/xkSMBXRin5E/w72-h72-p-k-no-nu/Screenshot_106.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f982ebcae74aa02a949b33977382db47
d585413390b402f2f5463c9f13b56037e0181a7e
e31b004e3a3d7a404e6f90ad4b37bb7618fcae9ad6a2f60bee2fd376e16218ee
GET /-g1vqHUnhnoE/U25TEuJIwUI/AAAAAAAABQ0/xkSMBXRin5E/w72-h72-p-k-no-nu/Screenshot_106.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screenshot_106.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5096
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v50e"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/-Zp8WfevSNTU/U3aXTz1RTsI/AAAAAAAABU0/G1hnL00771Q/w72-h72-p-k-no-nu/pes+2014+1.jpg
142.250.74.161200 OK 4.3 kB URL HTTP/1.1 2.bp.blogspot.com/-Zp8WfevSNTU/U3aXTz1RTsI/AAAAAAAABU0/G1hnL00771Q/w72-h72-p-k-no-nu/pes+2014+1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash fc836e6d299a181e4d3ffa58678c9bff
3230b582904c0c95e8d5ef8a27d08367814d1dcf
4f8d79ffb4cf732c066ee991be924ae150c26f409b4d6d312bfaef2893661389
GET /-Zp8WfevSNTU/U3aXTz1RTsI/AAAAAAAABU0/G1hnL00771Q/w72-h72-p-k-no-nu/pes+2014+1.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v54e"
Expires: Thu, 29 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pes 2014 1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: fife
Content-Length: 4295
X-XSS-Protection: 0
4.bp.blogspot.com/-Fqg_KrisYLM/U3V5kRRK2nI/AAAAAAAABT4/-McZuyEEBx4/w72-h72-p-k-no-nu/Screenshot_102.jpg
142.250.74.161200 OK 3.0 kB URL HTTP/1.1 4.bp.blogspot.com/-Fqg_KrisYLM/U3V5kRRK2nI/AAAAAAAABT4/-McZuyEEBx4/w72-h72-p-k-no-nu/Screenshot_102.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 5fc7b5a52afcc2ed2c4517df0fa17c89
bf5796b6b17d4f71607ef17e9f72edf661fd6fec
968aabee93ec0112d499f05ac0b576b0d8d36163c14d84cc07251f4ba3bb1832
GET /-Fqg_KrisYLM/U3V5kRRK2nI/AAAAAAAABT4/-McZuyEEBx4/w72-h72-p-k-no-nu/Screenshot_102.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v53f"
Expires: Thu, 29 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Screenshot_102.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: fife
Content-Length: 2995
X-XSS-Protection: 0
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 17a491e3e9fd8e8d7f59df7428283eea
9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee
efcc61af4acd5272843b8889ba1676b1c906df3475a0826c92bf9896e2ea2a0c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:35:58 GMT
Expires: Tue, 04 Oct 2022 21:35:57 GMT
Etag: "9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee"
Cache-Control: max-age=586328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519138cfdb30b41-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 17a491e3e9fd8e8d7f59df7428283eea
9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee
efcc61af4acd5272843b8889ba1676b1c906df3475a0826c92bf9896e2ea2a0c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:35:58 GMT
Expires: Tue, 04 Oct 2022 21:35:57 GMT
Etag: "9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee"
Cache-Control: max-age=586328,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519138d1b55b50f-OSL
2.bp.blogspot.com/-CbBBn1b1y24/VQTqCnMtDyI/AAAAAAAADas/6o2N8axTHIE/s1600/900.jpg
142.250.74.161200 OK 81 kB URL HTTP/1.1 2.bp.blogspot.com/-CbBBn1b1y24/VQTqCnMtDyI/AAAAAAAADas/6o2N8axTHIE/s1600/900.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 986x307, components 3\012- data
Hash a4d5aa9670b3c89e0c02340fb911109f
964e1061198a89fcb88a405febcadb74bdcda1d7
4ec80ad6435a05b98f0aa0267e0e08f3338e524a349e55b7214cfd85f0f5df5e
GET /-CbBBn1b1y24/VQTqCnMtDyI/AAAAAAAADas/6o2N8axTHIE/s1600/900.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="900.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 81180
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:44 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vdac"
Content-Type: image/jpeg
Age: 0
bdv.bidvertiser.com/BidVertiser.dbm?pid=595536%26bid=1486833
54.241.51.109200 OK 87 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=595536%26bid=1486833
IP 54.241.51.109:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 6c60754af27389e2778b3584bf10f3a1
196be0cdc74708ee01c01f86a648c16573e18fc6
ff2485a3dc35082ae7e3799388665929ffd72227191bf24b7c01033bfe19ddd9
GET /BidVertiser.dbm?pid=595536%26bid=1486833 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/html
Connection: close
Content-Length: 87
www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
104.21.54.72302 Found 306 B URL HTTP/1.1 www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
IP 104.21.54.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash afd11f6d7bc0f64d97b825a5cbf550ce
3dbd21d1d95d74b84efda27e08afdbcd7ba09762
fb02e32b8a2fdafbb5ab7dc902aefc92e74e46ea0db3db4742771cf3859be66c
GET /iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1 HTTP/1.1
Host: www.ping-fast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 302 Found
Date: Wed, 28 Sep 2022 02:33:48 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
location: https://www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
x-iplb-request-id: A29EDEC8:302C_BCA58F11:0050_6333B28C_3834B:1F52
x-iplb-instance: 31560
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14akp%2F5BDCENbY%2BJNFENXyh%2FL52zpwNzDUQpnSRC6kx5zbTyuCG%2BPf9zDZUh0mZKfd%2BUiatzKSPBiZMYBrh49H9gMax5zyWRmS0AflTM%2Bp%2BntNGHP828LW4WU3ZlaqrE%2BB37bw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7519138d0b101c12-OSL
alt-svc: h2=":443"; ma=60
www.google-analytics.com/j/collect?v=1&_v=j97&a=1039886312&t=pageview&_s=1&dl=http%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAAC~&jid=706434395&gjid=1601500150&cid=2113149013.1664332426&tid=UA-57416555-1&_gid=1297350173.1664332426&_r=1&_slc=1&z=1207891148
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1039886312&t=pageview&_s=1&dl=http%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAAC~&jid=706434395&gjid=1601500150&cid=2113149013.1664332426&tid=UA-57416555-1&_gid=1297350173.1664332426&_r=1&_slc=1&z=1207891148
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j97&a=1039886312&t=pageview&_s=1&dl=http%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAAC~&jid=706434395&gjid=1601500150&cid=2113149013.1664332426&tid=UA-57416555-1&_gid=1297350173.1664332426&_r=1&_slc=1&z=1207891148 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://berbagimod.blogspot.com
date: Wed, 28 Sep 2022 02:33:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dcba.popcash.net/znWaa3gu
52.5.138.109204 No Content 0 B URL HTTP/2 dcba.popcash.net/znWaa3gu
IP 52.5.138.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /znWaa3gu HTTP/1.1
Host: dcba.popcash.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 02:33:48 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /mobile_redir.php?section=21MAR_NeLt&pub=597677&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?section=21MAR_NeLt&pub=597677&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
3.bp.blogspot.com/-PkNiVFQ36tk/UJKk5O63taI/AAAAAAAAGcM/40odjuACWNs/s1600/body-bg12.png
142.250.74.161200 OK 2.1 kB URL HTTP/1.1 3.bp.blogspot.com/-PkNiVFQ36tk/UJKk5O63taI/AAAAAAAAGcM/40odjuACWNs/s1600/body-bg12.png
IP 142.250.74.161:0
File type PNG image data, 103 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e58f959dc10326ac99f675c51f4f213
8a05f0361c6dbb9e625d55b348929461104fb28b
a4ca55e7e45943d24fc4634166cdcd7bcbd7f9337a7d78d4717ad8852c85e899
GET /-PkNiVFQ36tk/UJKk5O63taI/AAAAAAAAGcM/40odjuACWNs/s1600/body-bg12.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="body-bg12.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2071
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Wed, 28 Sep 2022 14:54:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19c3"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-RXzuxzvwYR4/UJYop47uvbI/AAAAAAAAGhM/9Dft6eOVayQ/s1600/search-button.png
142.250.74.161200 OK 558 B URL HTTP/1.1 4.bp.blogspot.com/-RXzuxzvwYR4/UJYop47uvbI/AAAAAAAAGhM/9Dft6eOVayQ/s1600/search-button.png
IP 142.250.74.161:0
File type PNG image data, 17 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 65d05a4f9f0b276abd7f5e0dfaa9303a
fd7f15df4e36388a0fba7df14f7f49c183412d28
75894bcd81ffe4ccfb5c4a2da869c4dc3848c84dff4d0737f1d238b329af78a9
GET /-RXzuxzvwYR4/UJYop47uvbI/AAAAAAAAGhM/9Dft6eOVayQ/s1600/search-button.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="search-button.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 558
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Thu, 22 Sep 2022 11:02:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1a13"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png
142.250.74.161200 OK 237 B URL HTTP/1.1 4.bp.blogspot.com/-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png
IP 142.250.74.161:0
File type PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash cc1b56913d2f7dccf89833c9f13c1166
cf385fddd75a65e4f90b8c4c61219e37afbbd55d
dce80244c3d820d996560fbaeda32f1855b6a871a8093a46ae9eaf292733f8d5
GET /-NTKXiugkHrs/UIeVQmEzDjI/AAAAAAAAGJ4/G92p5n8hgvY/s7/downarrow-dark.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="downarrow-dark.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 237
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Mon, 05 Sep 2022 13:31:35 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v189e"
Content-Type: image/png
Age: 0
yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/banner.php?pub=597677§ion=General&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner.php?pub=597677§ion=General&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?pub=597677§ion=General&format=468x60&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
142.250.74.163200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21224
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 22 Sep 2022 07:02:35 GMT
Expires: Fri, 22 Sep 2023 07:02:35 GMT
Cache-Control: public, max-age=31536000
Age: 502273
Last-Modified: Tue, 19 Apr 2022 18:04:18 GMT
Content-Type: font/woff2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -jk8r2C8UFjQgiSk_-lrqUXNRLr_ORbpzZMko5MjtNmDEKgALNzeuw==
Age: 1382
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s06.flagcounter.com/count/F2st/bg_0F17FF/txt_F5F5F5/border_CCCCCC/columns_4/maxflags_40/viewers_0/labels_0/pageviews_0/flags_0/
45.58.124.226200 OK 21 kB URL HTTP/1.1 s06.flagcounter.com/count/F2st/bg_0F17FF/txt_F5F5F5/border_CCCCCC/columns_4/maxflags_40/viewers_0/labels_0/pageviews_0/flags_0/
IP 45.58.124.226:0
File type PNG image data, 292 x 185, 8-bit/color RGB, non-interlaced\012- data
Hash 2a7553e7cf19bd057f34088c99db444d
bdea709066d276280db7b9aaa48ede5d5dc59e85
9cbb71d1b7d1e56be4a6287ee1d122905ade33cc50cbc50c420a3a6144202466
GET /count/F2st/bg_0F17FF/txt_F5F5F5/border_CCCCCC/columns_4/maxflags_40/viewers_0/labels_0/pageviews_0/flags_0/ HTTP/1.1
Host: s06.flagcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png
3.bp.blogspot.com/-GnsWJY-Hblo/UIbck16A3BI/AAAAAAAAGJM/qdog-XGwwQE/h20/sprite+images.png
142.250.74.161200 OK 5.2 kB URL HTTP/1.1 3.bp.blogspot.com/-GnsWJY-Hblo/UIbck16A3BI/AAAAAAAAGJM/qdog-XGwwQE/h20/sprite+images.png
IP 142.250.74.161:0
File type PNG image data, 175 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 259e74bcfd0c7bbd1e84e1623dffbbdf
e83779648e23a7a19dfe024647e85b12bd9cb3bf
68ab97610edf119c1d0113f655f24037c276d2d62f1abd052c2100fe5e87b332
GET /-GnsWJY-Hblo/UIbck16A3BI/AAAAAAAAGJM/qdog-XGwwQE/h20/sprite+images.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sprite images.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5156
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 00:56:28 GMT
Expires: Fri, 15 Jul 2022 09:54:02 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 5840
ETag: "v1893"
Content-Type: image/png
4.bp.blogspot.com/-Qfv2CUXkZQE/UJOrNu3iNAI/AAAAAAAAGc8/wvy8sCPa8HA/s1600/main-menu-bg.png
142.250.74.161200 OK 208 B URL HTTP/1.1 4.bp.blogspot.com/-Qfv2CUXkZQE/UJOrNu3iNAI/AAAAAAAAGc8/wvy8sCPa8HA/s1600/main-menu-bg.png
IP 142.250.74.161:0
File type PNG image data, 1 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 669386e0b257a1337cd07388886f956c
e4d29aca5ea2158a2c062840d0ec6408fec19509
5d0906bbcb85b4d964aeb9b8c1df4429fb3a34bd1a104afefdfa4bff9684d88a
GET /-Qfv2CUXkZQE/UJOrNu3iNAI/AAAAAAAAGc8/wvy8sCPa8HA/s1600/main-menu-bg.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="main-menu-bg.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 208
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19cf"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png
142.250.74.161200 OK 1.2 kB URL HTTP/1.1 4.bp.blogspot.com/-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png
IP 142.250.74.161:0
File type PNG image data, 30 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash e41bc01fc66820dc1901d37cb5df3b3d
c361c23886a387ca32db187a0ef84940b9100328
39960302b1ec5b58a87c5a50830875969d9adb66619ceca7af2843c668161f48
GET /-BPpsKK84W2w/UJV6sFxkqDI/AAAAAAAAGgc/3TwsYkMwxsE/s1600/home+(1).png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="home (1).png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1211
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 20 Sep 2022 17:15:55 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1a07"
Content-Type: image/png
Age: 0
yllix.com/warn.php?pub=597677§ion=General&format=468x60&ga=g
185.66.200.224200 OK 364 B URL HTTP/2 yllix.com/warn.php?pub=597677§ion=General&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
Hash 4022ceff65959694f6284986986d5c43
1f2d46d872992c2d40556ef11de10fe6ef883b91
00a7224918250a78e312f758c3211f27b5ff1724ca36af1a05454eecadbcd5a5
GET /warn.php?pub=597677§ion=General&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
1.bp.blogspot.com/-nuqGzN8406c/UJP6qzqo9eI/AAAAAAAAGeE/_srJJf734HY/s12/70.png
142.250.74.161200 OK 384 B URL HTTP/1.1 1.bp.blogspot.com/-nuqGzN8406c/UJP6qzqo9eI/AAAAAAAAGeE/_srJJf734HY/s12/70.png
IP 142.250.74.161:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash d98622ff238177cf667d7372ce113acd
a4b8936dd57536fc9ec2eeca1ad8c94ee8a960f5
f58de81d2e0e8e532f8fa08e5484a6ab3d63316db813b33567b4baabd8ddc011
GET /-nuqGzN8406c/UJP6qzqo9eI/AAAAAAAAGeE/_srJJf734HY/s12/70.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="70.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 384
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Fri, 09 Sep 2022 20:23:55 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19e1"
Content-Type: image/png
Age: 0
4.bp.blogspot.com/-r8YeL5MClP8/UIT2mjkPR6I/AAAAAAAAGGM/QM_4AcjZNfY/s1600/small-left.png
142.250.74.161200 OK 279 B URL HTTP/1.1 4.bp.blogspot.com/-r8YeL5MClP8/UIT2mjkPR6I/AAAAAAAAGGM/QM_4AcjZNfY/s1600/small-left.png
IP 142.250.74.161:0
File type PNG image data, 10 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash a4e79cf29762cf0ea34fb4aabffd96bc
7b12551dae1767300af1296e5b1cfb2daba00175
daa4c68e5d69c43088e51d868902cc5650f3f7b223adf282a56436f973140554
GET /-r8YeL5MClP8/UIT2mjkPR6I/AAAAAAAAGGM/QM_4AcjZNfY/s1600/small-left.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="small-left.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 279
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Fri, 02 Sep 2022 11:28:04 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1863"
Content-Type: image/png
Age: 0
1.bp.blogspot.com/-SovF-2Yqzx8/UIT2nmYLCuI/AAAAAAAAGGU/FjDXOtx5erk/s1600/small-right.png
142.250.74.161200 OK 277 B URL HTTP/1.1 1.bp.blogspot.com/-SovF-2Yqzx8/UIT2nmYLCuI/AAAAAAAAGGU/FjDXOtx5erk/s1600/small-right.png
IP 142.250.74.161:0
File type PNG image data, 10 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b086e4f3d5def0dc849ff4792cfe396f
58ccf47749e02fb7e0b8aff6cc1a2e745451811d
e8153a9b8632a48c1652f12041f71114fd10f27f62e6ab1f57c443af4fb2af7a
GET /-SovF-2Yqzx8/UIT2nmYLCuI/AAAAAAAAGGU/FjDXOtx5erk/s1600/small-right.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="small-right.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 277
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Wed, 14 Sep 2022 03:08:34 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1865"
Content-Type: image/png
Age: 0
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/1.1 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 9840
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 04:57:01 GMT
Expires: Wed, 27 Sep 2023 04:57:01 GMT
Cache-Control: public, max-age=31536000
Age: 77807
Last-Modified: Mon, 18 Jul 2022 19:24:04 GMT
Content-Type: font/woff2
1.bp.blogspot.com/-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s1600/stripe.png
142.250.74.161200 OK 236 B URL HTTP/1.1 1.bp.blogspot.com/-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s1600/stripe.png
IP 142.250.74.161:0
File type PNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 62da707f76ada65c6397be2632fa1e3a
7481d2f62694892a63ae1f1f874a78907ecdd209
7c9a592ba7be7e9fe47e606a4717e09472df3c1ea2c067177467d1bec9dc53d3
GET /-dbY_VVkPODk/UJTFnJtHmyI/AAAAAAAAGe8/jiGU6WOkWSI/s1600/stripe.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="stripe.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 236
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Fri, 16 Sep 2022 15:41:40 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19ef"
Content-Type: image/png
Age: 0
2.bp.blogspot.com/-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png
142.250.74.161200 OK 727 B URL HTTP/1.1 2.bp.blogspot.com/-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png
IP 142.250.74.161:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 0566fd58559a796a665a8a9f87b69591
14878358b0b13f38cd8ba4e279a2e731a55e3c7b
2c879d9752b3d7c4990fead74006bc48a210cc6181b2b0082020221d383e4b87
GET /-7ORuDEv06UQ/UJVR5DN3kVI/AAAAAAAAGfs/8aVj8u6y2-s/s30/link-overlay.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="link-overlay.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 727
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Wed, 14 Sep 2022 03:08:34 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v19fb"
Content-Type: image/png
Age: 0
a.yu0123456.com/show.php?nid=5&pid=56383&adtype=&sid=97705
199.115.116.162302 Found 11 B URL HTTP/1.1 a.yu0123456.com/show.php?nid=5&pid=56383&adtype=&sid=97705
IP 199.115.116.162:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /show.php?nid=5&pid=56383&adtype=&sid=97705 HTTP/1.1
Host: a.yu0123456.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 28 Sep 2022 02:33:47 GMT
location: http://click-v4.expmdiadi.com/click?i=5UTiqi7UXH0_0
server: nginx
set-cookie: sid=fb4b9da4-3ed5-11ed-a232-79c91da7c5e3; path=/; domain=.yu0123456.com; expires=Mon, 16 Oct 2090 05:47:55 GMT; max-age=2147483647; HttpOnly
pingmyurl.com/pingmyurl100x31.png
192.169.244.12404 Not Found 10 kB URL HTTP/1.1 pingmyurl.com/pingmyurl100x31.png
IP 192.169.244.12:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash d70acdb73bb30368f25b18dbf8ae0787
f2c9fc108ad007edbde67d200364822a56c207c1
c501e4bd232ef0837ad490432431dd3bd663897a8403b2c626dd37cedb3cb67b
GET /pingmyurl100x31.png HTTP/1.1
Host: pingmyurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 404 Not Found
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
1.bp.blogspot.com/-yyFrsVmB3aY/UOhjYBGW6II/AAAAAAAAHuc/OB5STvIL9Pg/w25/plus.png
142.250.74.161200 OK 1.2 kB URL HTTP/1.1 1.bp.blogspot.com/-yyFrsVmB3aY/UOhjYBGW6II/AAAAAAAAHuc/OB5STvIL9Pg/w25/plus.png
IP 142.250.74.161:0
File type PNG image data, 25 x 58, 8-bit gray+alpha, non-interlaced\012- data
Hash 68c20b593255862c12d3efb1af6194de
c5d01400a7baa3d40cd8e7b92dabc916c7e4e5ac
cb4e78d391cb7cba6110c75bb124dd974155a8e2000e795c954d85a41a9f8916
GET /-yyFrsVmB3aY/UOhjYBGW6II/AAAAAAAAHuc/OB5STvIL9Pg/w25/plus.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="plus.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1157
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:48 GMT
Expires: Tue, 27 Sep 2022 01:57:45 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1ee7"
Content-Type: image/png
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9c0250d511bdd25e65fa9231943e47fa
3518705c328b51b4f972cb18012ac5d170c15136
71937f2d8bd20670a92a008042a4b9ab353960def8b1e839e5f736e58957a672
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: ECS (amb/6B85)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3978
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Last-Modified: Wed, 28 Sep 2022 01:27:30 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
4.bp.blogspot.com/-EPn-ZqHVtfs/U0QcM567pkI/AAAAAAAABHA/nrhPFjgPwIA/s1600/images.jpg
142.250.74.161200 OK 19 kB URL HTTP/1.1 4.bp.blogspot.com/-EPn-ZqHVtfs/U0QcM567pkI/AAAAAAAABHA/nrhPFjgPwIA/s1600/images.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 182x236, components 3\012- data
Hash 060b119c915312ea7ec4d95f1d863f52
8d446458d24b64f0bf23a12787aaff9938e2085d
57d993700b4c53284fdd331e1f1acb5841526a0dbf520a9861c8cbcf9b1a8496
GET /-EPn-ZqHVtfs/U0QcM567pkI/AAAAAAAABHA/nrhPFjgPwIA/s1600/images.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v471"
Expires: Thu, 29 Sep 2022 02:33:48 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="images.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: fife
Content-Length: 18854
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9c0250d511bdd25e65fa9231943e47fa
3518705c328b51b4f972cb18012ac5d170c15136
71937f2d8bd20670a92a008042a4b9ab353960def8b1e839e5f736e58957a672
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:48 GMT
Server: ECS (amb/6BB2)
Content-Length: 280
push.services.mozilla.com/
100.20.30.105101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rzz1UZQHA/g2Adg1xgpLwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5j6LIeZ9nQ0UGXYtKfFj77U9N1w=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 80585e7d4f1510898eeba1ae4175a6fc
a5a6a723aecc70bc2f23ff11d05b10838c3f557b
c0d82c824a37384777d1493508b45b05f5286b3a8366377b43db8f0f84fc0eb8
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 02:33:49 GMT
date: Wed, 28 Sep 2022 02:33:49 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 28 Sep 2022 02:33:49 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+752; expires=Fri, 27-Sep-2024 02:33:49 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 02:33:49 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1557
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 28 Sep 2022 02:33:49 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+979; expires=Fri, 27-Sep-2024 02:33:49 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 02:33:49 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 187674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
berbagimod.blogspot.com/feeds/comments/default?alt=json-in-script&max-results=0&callback=totalComments
142.250.74.161200 OK 671 B URL HTTP/1.1 berbagimod.blogspot.com/feeds/comments/default?alt=json-in-script&max-results=0&callback=totalComments
IP 142.250.74.161:0
File type ASCII text, with very long lines (1333)
Hash 76428197fe870662c6a63c284f726a9d
7b0810b38798a817023c7b3073823d58ad444f96
5a286bbb7ab01ebd9e85b8e3242c95facacdbafbdc9cd2ef129f2ef1a466eb00
GET /feeds/comments/default?alt=json-in-script&max-results=0&callback=totalComments HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
Cookie: _ga=GA1.3.2113149013.1664332426; _gid=GA1.3.1297350173.1664332426; _gat=1
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"912884b216cb3f10ce8338263113fc2670840d609556ee6c6cbbf6541452ec14"
Date: Wed, 28 Sep 2022 02:33:49 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Wed, 28 Sep 2022 02:33:50 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Mon, 04 Apr 2022 16:27:21 GMT
Content-Encoding: gzip
Content-Length: 671
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 12:31:58 GMT
expires: Sun, 24 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 309711
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 00:48:31 GMT
expires: Sat, 23 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 438318
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 0c3fdf54a35d66a1e272956af95d34af
fd6cf4aa04104d6b48831bbf88bc6256fd5012c3
3adb20fd3b841e10b308345d164ac790a96228c3eac3e063efa505ae3c7d4cf6
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
date: Wed, 28 Sep 2022 02:27:55 GMT
etag: "980881274"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 806224219
content-type: text/javascript
content-length: 4405
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:B884_2E69C9F0:0050_6333B28D_19AE07:1E8C
x-iplb-instance: 42472
2.bp.blogspot.com/-hXfZtHjopCw/UOiA5zZrF1I/AAAAAAAAHvY/oovWlz4k--k/s1600/stripe.png
142.250.74.161200 OK 237 B URL HTTP/1.1 2.bp.blogspot.com/-hXfZtHjopCw/UOiA5zZrF1I/AAAAAAAAHvY/oovWlz4k--k/s1600/stripe.png
IP 142.250.74.161:0
File type PNG image data, 12 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash bdd2b390e11245ef9bcacf0aaa230652
e9960cc9efc0e01f181ea54e1b3a0060ed14513f
04ef432477a8480a6041fe0de9639db9152d4938716369366fc7d71e7660735b
GET /-hXfZtHjopCw/UOiA5zZrF1I/AAAAAAAAHvY/oovWlz4k--k/s1600/stripe.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="stripe.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 237
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 02:33:49 GMT
Expires: Wed, 28 Sep 2022 17:36:19 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1ef6"
Content-Type: image/png
Age: 0
berbagimod.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCMF9uYjRe3hvtIaFcr_584dNFxi6KkMMBNnxg4NCw4hkHEJftkP6q_AtiHOUScbiUx9sHMMqGBzH8sE3JhNIAJuAdcgw
142.250.74.161200 OK 264 B URL HTTP/1.1 berbagimod.blogspot.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCMF9uYjRe3hvtIaFcr_584dNFxi6KkMMBNnxg4NCw4hkHEJftkP6q_AtiHOUScbiUx9sHMMqGBzH8sE3JhNIAJuAdcgw
IP 142.250.74.161:0
File type JSON data\012- , ASCII text, with very long lines (406), with no line terminators
Hash 14ce7aae2269e90ec31b6b393c18f437
ef5d45194fe95719e15c2d69dbee7e1d54a87fbd
b11a545d28ce6b6a79f3d0fc793334caa0d199bae5029f36a6a5d2a0318ca4b4
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmCMF9uYjRe3hvtIaFcr_584dNFxi6KkMMBNnxg4NCw4hkHEJftkP6q_AtiHOUScbiUx9sHMMqGBzH8sE3JhNIAJuAdcgw HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
Cookie: _ga=GA1.3.2113149013.1664332426; _gid=GA1.3.1297350173.1664332426; _gat=1; HstCfa2653523=1664332427496; HstCla2653523=1664332427496; HstCmu2653523=1664332427496; HstPn2653523=1; HstPt2653523=1; HstCnv2653523=1; HstCns2653523=1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 02:33:49 GMT
Expires: Wed, 28 Sep 2022 02:33:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 264
Server: GSE
cdn.chitika.net/getads.js
143.204.55.6301 Moved Permanently 167 B URL HTTP/1.1 cdn.chitika.net/getads.js
IP 143.204.55.6:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /getads.js HTTP/1.1
Host: cdn.chitika.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://cdn.chitika.net/getads.js
X-Cache: Redirect from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XW5qiQ-TcEgTJNmu1xEMJzcMzvj3Mbb3CbkHHPUnQHZGGz9bGoXaWw==
tcr.tynt.com/ti.js
172.64.151.83200 OK 16 kB IP 172.64.151.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1213)
Hash a384492ef8f3bb035fc8ecba870e86d3
a6da9b212e2d640261cc1c1a5c98096aef5d8778
9232a4a99aa4630732414441f411afe936b0e95047f3d018e46c40f211fc1ede
GET /ti.js HTTP/1.1
Host: tcr.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 21 Jul 2022 14:57:21 GMT
vary: Accept-Encoding
etag: W/"62d96951-b4ff"
content-encoding: gzip
CF-Cache-Status: HIT
Age: 207515
Expires: Sat, 01 Oct 2022 02:33:50 GMT
Cache-Control: public, max-age=259200
Server: cloudflare
CF-RAY: 7519139878e10b55-OSL
c1.popads.net/pop.js
185.76.9.15200 OK 9.9 kB IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 87f2106b2ef322202b466870df717aa2
4b7461dec21a73a4c475817b6ce3b8f58efca57c
d29a8563a37e8893a7481326f22315d57678da676c8a9599dc46785cc73a24cd
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
Last-Modified: Sun, 03 Jul 2022 20:49:14 GMT
ETag: W/"62c200ca-7b48"
Access-Control-Allow-Origin: *
X-Accel-Expires: @1665176410
Server: CDN77-Turbo
X-77-NZT: AblMCQ3ul9n/NPECAA
X-77-NZT-Ray: EhSt1hUn2GY
X-Cache: HIT
X-Age: 192820
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
connect.facebook.net/id_ID/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/id_ID/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 6b07554ae365daa47f45520005397f73
454cb7a622c8dd30db2196473eef1898ed772df3
3340c6042295cf6f692edb3941aab33f18fb4acaf21405f29842007042bc01cf
GET /id_ID/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 4d27a239b31d76281d76ddc45205ad1b
ETag: "1e405ada24b3eb3f4e71f99c43795547"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Wed, 28 Sep 2022 02:48:50 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: awdVSuNl2qR/RVIABTl/cw==
X-FB-Debug: 6WFqfmefXOtm8E6Fzg+c2dYn8EshSFRLhaMbLehq5DJW9enGYC9KTHhsbss7oJGrJpp+TzMKjy2fndLbX1q63w==
X-FB-TRIP-ID: 1679558926
Date: Wed, 28 Sep 2022 02:33:50 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
d31qbv1cthcecs.cloudfront.net/atrk.js
143.204.55.5200 OK 4.3 kB URL HTTP/1.1 d31qbv1cthcecs.cloudfront.net/atrk.js
IP 143.204.55.5:0
File type ASCII text, with very long lines (4255), with no line terminators
Hash d89453438fbf10dcf4c13265c40d5160
02d5f4e46c94bf34e12b2d773f63f643ea2b3518
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
GET /atrk.js HTTP/1.1
Host: d31qbv1cthcecs.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4255
Connection: keep-alive
Date: Sat, 13 Aug 2022 04:02:04 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: "d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J21eDtkWd9X1XutllqFh0MOQIWMG-XGA38oV2zcqE8h3ak2ZQFAF9Q==
Age: 3969107
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 17360
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:55:01 GMT
age: 77929
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yW-bGn5vYTa6Z28ELKYgYpy98wQEbYJIl5yxd1qLxz1YjVYKxMH2Wg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:31:02 GMT
age: 68568
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 17207
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 17581
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3686
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 74092aa6776485ce0832f01287591cd0
ab853d3e0c95e52908e6d85e595e85c30ea71a0c
aafd2280926c4d6c1362f9fc2362d0ed4f84bd63c399ed9ace79803dc0098077
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:33:50 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lMydjg44iFgut_LX5pAW5Mu9f35wwxjqSgcKZb03aOYNjFPMNVpmMg==
cdn.chitika.net/getads.js
143.204.55.6200 OK 0 B URL HTTP/2 cdn.chitika.net/getads.js
IP 143.204.55.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getads.js HTTP/1.1
Host: cdn.chitika.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 0
last-modified: Fri, 19 Apr 2019 16:40:37 GMT
server: AmazonS3
date: Tue, 27 Sep 2022 06:05:56 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZjzlPh0oCgOCyVnJQKnwnqK1uyKB8e7VK60vm-4eBA45TUwe-_VBkw==
age: 75056
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:19 GMT
age: 15871
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4166724cf7021504b2093211e87d4571
8b8bfc3aaf388eb658a52aec9ae6228ed82f88b5
afd6dfbe471b0fa2376e6edff4fbf2dbe31bb0767f97aa689fd5276bb601bdc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFD6DFBE471B0FA2376E6EDFF4FBF2DBE31BB0767F97AA689FD5276BB601BDC4"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15130
Expires: Wed, 28 Sep 2022 06:46:00 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=379238,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75191399596b0b41-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash cb34c89a33b9faea81ba78914b519add
5e3e75b719ce668944dec0b3123f93c6d109bee8
7d1ab277076a440ce374b3f04616860bcf735271ee67556a3f348d31fbb1ee8c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 12:04:30 GMT
Expires: Sun, 02 Oct 2022 12:04:29 GMT
Etag: "5e3e75b719ce668944dec0b3123f93c6d109bee8"
Cache-Control: max-age=379238,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519139ab8c4b50f-OSL
s4.histats.com/stats/2653523.php?2653523&@f16&@g1&@h1&@i1&@j1664332427496&@k0&@l1&@mHasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY&@n0&@o1000&@q0&@r0&@s407&@ten-US&@u1280&@b1:-126559570&@b3:1664332427&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&@w
192.99.0.58200 OK 103 B URL HTTP/1.1 s4.histats.com/stats/2653523.php?2653523&@f16&@g1&@h1&@i1&@j1664332427496&@k0&@l1&@mHasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY&@n0&@o1000&@q0&@r0&@s407&@ten-US&@u1280&@b1:-126559570&@b3:1664332427&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&@w
IP 192.99.0.58:0
File type ASCII text, with no line terminators
Hash b19733f5a7349b1b700f08a014121ca7
6f0ab01d7634086bdc461bb9616d1e10a6091892
c37d1deace3c6f7611561443913fe56883f369413d17af363abd78689f17e9de
GET /stats/2653523.php?2653523&@f16&@g1&@h1&@i1&@j1664332427496&@k0&@l1&@mHasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY&@n0&@o1000&@q0&@r0&@s407&@ten-US&@u1280&@b1:-126559570&@b3:1664332427&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 103
Connection: close
berbagimod.blogspot.com/favicon.ico
142.250.74.161200 OK 906 B URL HTTP/1.1 berbagimod.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 56eb67e2540f7af4f0e5933f4052b296
b282da783e5d4a8ef3440b9a10c9bca72a120cda
25ad7568b5215ec11323c8c68a700b3ee91a0299e652af088477b9b5a440b2f8
GET /favicon.ico HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
Cookie: _ga=GA1.3.2113149013.1664332426; _gid=GA1.3.1297350173.1664332426; _gat=1; HstCfa2653523=1664332427496; HstCla2653523=1664332427496; HstCmu2653523=1664332427496; HstPn2653523=1; HstPt2653523=1; HstCnv2653523=1; HstCns2653523=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Wed, 28 Sep 2022 02:33:50 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Cache-Control: private, max-age=86400
Last-Modified: Thu, 18 Aug 2022 14:59:56 GMT
ETag: W/"98611d158895985a4f2ec83cbd14cdb5aea689a7b34ba70cf2a52083af239f73"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 906
Server: GSE
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
54.187.138.175302 0 B URL HTTP/1.1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 54.187.138.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 302
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: http://a8a55d5a202a24628661c9e1e2814e2ff.profile.muc51-c1.cloudfront.net/test.png
Server: Server
c.adsco.re/
104.17.167.186200 OK 26 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 4edfb467a2defe10a4b31bb9c505d29f
0edf5fe7b9e1e9f863e2cdf1bee8a38f5111d1f1
4a011fa7c7252b3f7538b62d481d211a25b8072130e49dd6a79241d85137fb0c
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Sat, 29 Oct 2022 02:33:50 GMT
ETag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1052932
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519139b88d9b505-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://berbagimod.blogspot.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519139badac0b65-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://berbagimod.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ba64bfc65bf1d142eb53ed560ea0251f
b370ae107c6014c300c139a6765c68b0b0573aa0
b90a1e613464baabf2ccb250475fb13b7e908352db2e082d90ee39ece75c4158
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B90A1E613464BAABF2CCB250475FB13B7E908352DB2E082D90EE39ECE75C4158"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11550
Expires: Wed, 28 Sep 2022 05:46:20 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
v9ck8u17w9ru.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 v9ck8u17w9ru.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: v9ck8u17w9ru.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7519139cfacdb529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2c1cf6c7080558f57f8ed31974a39598
4dc40d753a14e9ee9cdb08e64fcc3e15c0206993
6a6af5a2143d246e3a2fa6f0a9a1da52d97731bda7326565b021783e416b824d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A6AF5A2143D246E3A2FA6F0A9A1DA52D97731BDA7326565B021783E416B824D"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3911
Expires: Wed, 28 Sep 2022 03:39:01 GMT
Date: Wed, 28 Sep 2022 02:33:50 GMT
Connection: keep-alive
certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY&time=1664332427857&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&random_number=15545216303&sess_cookie=2e78d86318381f172513b778974&sess_cookie_flag=1&user_cookie=2e78d86318381f172513b778974&user_cookie_flag=1&dynamic=true&domain=berbagimod.blogspot.com&account=wcguj1agkg00wv&jsv=20130128&user_lang=en-US
54.230.111.66200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY&time=1664332427857&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&random_number=15545216303&sess_cookie=2e78d86318381f172513b778974&sess_cookie_flag=1&user_cookie=2e78d86318381f172513b778974&user_cookie_flag=1&dynamic=true&domain=berbagimod.blogspot.com&account=wcguj1agkg00wv&jsv=20130128&user_lang=en-US
IP 54.230.111.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY&time=1664332427857&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fberbagimod.blogspot.com%2F2014%2F04%2Fhasil-try-out-provinsi-tahap-2-diy.html&random_number=15545216303&sess_cookie=2e78d86318381f172513b778974&sess_cookie_flag=1&user_cookie=2e78d86318381f172513b778974&user_cookie_flag=1&dynamic=true&domain=berbagimod.blogspot.com&account=wcguj1agkg00wv&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Wed, 28 Sep 2022 02:09:43 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D_K3QbE2q50aPTZN76whISM47FdHFOr4049kpJBo65Q0CI_HSRo2rw==
Age: 1448
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:51 GMT
Last-Modified: Wed, 28 Sep 2022 01:22:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
a8a55d5a202a24628661c9e1e2814e2ff.profile.muc51-c1.cloudfront.net/test.png
13.227.145.74200 OK 58 B URL HTTP/1.1 a8a55d5a202a24628661c9e1e2814e2ff.profile.muc51-c1.cloudfront.net/test.png
IP 13.227.145.74:0
File type ASCII text, with no line terminators
Hash b1935f865a4eade8564b6ef4b022f27f
f42746792e52473c4d9e152aceb7080550d3c1e5
21c52b1622a4539bf82dbc7fd4a2638cdde3b8151697eb5c4d3dbb426576fbaa
GET /test.png HTTP/1.1
Host: a8a55d5a202a24628661c9e1e2814e2ff.profile.muc51-c1.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: CloudFront
Date: Wed, 28 Sep 2022 02:33:50 GMT
Content-Type: text/plain
Content-Length: 58
Connection: keep-alive
Expires: Wed, 28 Sep 2022 02:33:50 GMT
Cache-Control: max-age=0
X-Amz-Cf-Id: rDaeN_1jbMGLDo1vVBkZRDrVHP-25Ak-6Xu6qAA57B4SoCtDKrPPVg==
X-Cache: RoutingProfileExp from cloudfront
Via: 1.1 d2a533a811199647ab596e15f24c5cce.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
s10.histats.com/counters/cc_407.js
46.105.201.240200 OK 11 kB URL HTTP/2 s10.histats.com/counters/cc_407.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (21709), with no line terminators
Hash 5a8d470fd81868ab54884f9a6451a708
cfea8aa92d01fe740ddb8e9ad8adb2d29c84f51e
c5a1bb235d7a2ec92a761cd05c43b9fa83b45d9d171b1c3319a0276131434e5f
GET /counters/cc_407.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:27:02 GMT
etag: "399042403"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 489914435
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 10590
X-Firefox-Spdy: h2
connect.facebook.net/id_ID/sdk.js?hash=1bb2a9e286aa409276dab2f0745d939d
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/id_ID/sdk.js?hash=1bb2a9e286aa409276dab2f0745d939d
IP 157.240.200.14:0
File type ASCII text, with very long lines (18598)
Hash da0ff3a1ccd4b99f7383e55e7853133c
4a19b2fcf557e45c584d5834ca0b69199e71858b
886a24e2c69b5eff7ffff737a9be175d2dd4890838ee5ea6f81b9c7d246a3ae1
GET /id_ID/sdk.js?hash=1bb2a9e286aa409276dab2f0745d939d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 30815b58d34d756cb203c3ac791b974a
etag: "139192c5ca6610b958021af5430d6a02"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 28 Sep 2023 02:28:51 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 2g/zoczUuZ9zg+VeeFMTPA==
x-fb-debug: 7oYGrRdb2RMnectKIhSpuIDI8YXpKqcc7moVPfK1WadGeQvQXEwZ7/1hJgV42XLww8QHWK8mweFVCSRhJBE/zQ==
priority: u=3,i
content-length: 88873
x-fb-trip-id: 1679558926
date: Wed, 28 Sep 2022 02:33:51 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:33:51 GMT
Last-Modified: Wed, 28 Sep 2022 01:22:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
v9ck8u17w9ru.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 v9ck8u17w9ru.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: v9ck8u17w9ru.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:51 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 171 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash eef19dbfe19d9ffe7287ca72fccbb8f4
f5219ae4f27295c2f2f6a5f15bbbeded27a1b3df
dc103d80a57bfc96faa7195c7d6193ae2bb31d9963921f2a0e580be3ded7e0cb
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 2469
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://berbagimod.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 760e203f71319bb8eeec0cb73938f531
42230e136a99d87c331c83b02daf34464d5378df
c2d89cadc71b65a36bc991d5fde1efbb2f68236161b4f6fad07967846c4c4130
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 11:33:41 GMT
Expires: Sun, 02 Oct 2022 11:33:40 GMT
Etag: "42230e136a99d87c331c83b02daf34464d5378df"
Cache-Control: max-age=377388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519139d9aaa0b41-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 760e203f71319bb8eeec0cb73938f531
42230e136a99d87c331c83b02daf34464d5378df
c2d89cadc71b65a36bc991d5fde1efbb2f68236161b4f6fad07967846c4c4130
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 11:33:41 GMT
Expires: Sun, 02 Oct 2022 11:33:40 GMT
Etag: "42230e136a99d87c331c83b02daf34464d5378df"
Cache-Control: max-age=377388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519139eaa83b50f-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 760e203f71319bb8eeec0cb73938f531
42230e136a99d87c331c83b02daf34464d5378df
c2d89cadc71b65a36bc991d5fde1efbb2f68236161b4f6fad07967846c4c4130
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:51 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 11:33:41 GMT
Expires: Sun, 02 Oct 2022 11:33:40 GMT
Etag: "42230e136a99d87c331c83b02daf34464d5378df"
Cache-Control: max-age=377388,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7519139ebcfc1c16-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 42cb0da6c36a95cb568cc37c615f8d6d
3ff436dad642c63ac4ee155c0d510f7a5f4d5bae
f8c9074c036169ffc88031bdf1bcab399bd54d092a2570aed9a5eec3f333fcc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8C9074C036169FFC88031BDF1BCAB399BD54D092A2570AED9A5EEC3F333FCC2"
Last-Modified: Mon, 26 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3452
Expires: Wed, 28 Sep 2022 03:31:23 GMT
Date: Wed, 28 Sep 2022 02:33:51 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=duQgiM__Sr45CSacwqm_6r&dn=TI&cc=1&r=
67.202.105.31200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=duQgiM__Sr45CSacwqm_6r&dn=TI&cc=1&r=
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=duQgiM__Sr45CSacwqm_6r&dn=TI&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 29 Sep 2022 02:33:51 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 28 Sep 2022 02:33:51 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
serve.popads.net/c?_=BAYAYzOyjwFjM7KPgAGBAsAAIOVvYiIdFCVh0Mbe0ZQC7T2Kzv02gk2IfZlTHWEvgo7RwQBHMEUCIEcI7wkVMdqTfgdrXC8j_FsCJODfF6hwkUdpxB9dx0iUAiEAs01pnJmnB4Qzw50YHmzrHghGSvcG7q-oqWyutwWFew4&v=4&siteId=334241&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
216.21.13.10200 OK 892 B URL HTTP/1.1 serve.popads.net/c?_=BAYAYzOyjwFjM7KPgAGBAsAAIOVvYiIdFCVh0Mbe0ZQC7T2Kzv02gk2IfZlTHWEvgo7RwQBHMEUCIEcI7wkVMdqTfgdrXC8j_FsCJODfF6hwkUdpxB9dx0iUAiEAs01pnJmnB4Qzw50YHmzrHghGSvcG7q-oqWyutwWFew4&v=4&siteId=334241&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0
IP 216.21.13.10:0
File type ASCII text, with very long lines (1165), with no line terminators
Hash dcc69c5c4156293bbac81c1d42c519cd
ac00cc2950ad2544c77d2e7b88e0a52810bf4e55
26cabb1eadb89f1411c5caa434fc27a6a15659edc20dcda6f047b6eb1adde175
GET /c?_=BAYAYzOyjwFjM7KPgAGBAsAAIOVvYiIdFCVh0Mbe0ZQC7T2Kzv02gk2IfZlTHWEvgo7RwQBHMEUCIEcI7wkVMdqTfgdrXC8j_FsCJODfF6hwkUdpxB9dx0iUAiEAs01pnJmnB4Qzw50YHmzrHghGSvcG7q-oqWyutwWFew4&v=4&siteId=334241&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Wed, 28-Sep-2022 03:33:51 GMT; Max-Age=3600
fraudcheck=10461c8928cf32b31d6ee17525bf63b8; expires=Fri, 28-Oct-2022 02:33:51 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Wed, 28-Sep-2022 08:33:51 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 892
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 28 Sep 2022 02:33:51 GMT
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d0c81c918fb6f523fe5f8625890d2b5f
f570daf798d65b629b25efaa60c7dca30604fcf3
5129822b029a3d7c3c84d3abd649f747c582f8f6975e637ee0b1cca5fcd19e03
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5129822B029A3D7C3C84D3ABD649F747C582F8F6975E637EE0B1CCA5FCD19E03"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3205
Expires: Wed, 28 Sep 2022 03:27:16 GMT
Date: Wed, 28 Sep 2022 02:33:51 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d0c81c918fb6f523fe5f8625890d2b5f
f570daf798d65b629b25efaa60c7dca30604fcf3
5129822b029a3d7c3c84d3abd649f747c582f8f6975e637ee0b1cca5fcd19e03
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "5129822B029A3D7C3C84D3ABD649F747C582F8F6975E637EE0B1CCA5FCD19E03"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3205
Expires: Wed, 28 Sep 2022 03:27:16 GMT
Date: Wed, 28 Sep 2022 02:33:51 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0&t=Hasil%20Try%20Out%20Provinsi%20Tahap%202%20DIY HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:51 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
v9ck8u17w9ru.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 v9ck8u17w9ru.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: v9ck8u17w9ru.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:33:51 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
67.202.105.31204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=duQgiM__Sr45CSacwqm_6r&lm=0&ts=1664332427871&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 28 Sep 2022 02:33:52 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
chkme.com/seo-berbagimod.blogspot.com.png
35.208.209.48301 Moved Permanently 162 B URL HTTP/1.1 chkme.com/seo-berbagimod.blogspot.com.png
IP 35.208.209.48:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /seo-berbagimod.blogspot.com.png HTTP/1.1
Host: chkme.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 02:33:54 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://chkme.com/seo-berbagimod.blogspot.com.png
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
X-HTTPS-Enforce: 1
X-Proxy-Cache-Info: DT:1
berbagimod.blogspot.com/b/csi.do
142.250.74.161200 OK 37 B URL HTTP/1.1 berbagimod.blogspot.com/b/csi.do
IP 142.250.74.161:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d0c9dc105f244a429eb062c058fe7112
578b9890251f2fbafd48161a2752914186ddad68
20461f2b04e0a5e570bcee6688e5d66dedb5f7eafe8ccb2ad3141e90f015e32e
Analyzer Verdict Alert fortinet Phishing
POST /b/csi.do HTTP/1.1
Host: berbagimod.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1214
Origin: http://berbagimod.blogspot.com
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/2014/04/hasil-try-out-provinsi-tahap-2-diy.html
Cookie: _ga=GA1.3.2113149013.1664332426; _gid=GA1.3.1297350173.1664332426; _gat=1; HstCfa2653523=1664332427496; HstCla2653523=1664332427496; HstCmu2653523=1664332427496; HstPn2653523=1; HstPt2653523=1; HstCnv2653523=1; HstCns2653523=1; __asc=2e78d86318381f172513b778974; __auc=2e78d86318381f172513b778974; a=dqvVbirvD6dwOyfVAZOfriQTioORbFTN; token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c=BAYAYzOyjwFjM7KPgAGBAsAAIOVvYiIdFCVh0Mbe0ZQC7T2Kzv02gk2IfZlTHWEvgo7RwQBHMEUCIEcI7wkVMdqTfgdrXC8j_FsCJODfF6hwkUdpxB9dx0iUAiEAs01pnJmnB4Qzw50YHmzrHghGSvcG7q-oqWyutwWFew4
HTTP/1.1 200 OK
Content-Security-Policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 28 Sep 2022 02:33:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 37
Server: GSE
yllix.com/warn.php?section=21MAR_NeLt&pub=597677&ga=g
185.66.200.224200 OK 0 B URL HTTP/2 yllix.com/warn.php?section=21MAR_NeLt&pub=597677&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
GET /warn.php?section=21MAR_NeLt&pub=597677&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
104.21.54.72200 OK 0 B URL HTTP/2 www.ping-fast.com/iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1
IP 104.21.54.72:0
GET /iping.php?aut=EC153B028BB768920487F89D5739455201155A64B924A54A750E6D8DD2AD0BC1854A7AD421A02FC8C1 HTTP/1.1
Host: www.ping-fast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://berbagimod.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:33:48 GMT
content-type: image/png
x-powered-by: PHP/5.6
pragma: public
expires: Mon, 26 Jul 2014 05:00:00 GMT
cache-control: max-age=604800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cc3JTw8hoQ0LFKeuj6bS2LviQ04gineSejKNZU5DKD1JpTvMqj1Sgq%2BN6Riqi12HQTgJbu6e91LDKD%2FM6D6UcwjmV5X113iWBzG3u3Emv0JFc08nz7iX5kt5YFx7WFrPHGiRow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7519138f28970b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:33:50 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 29 Oct 2022 02:33:50 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 1052942
vary: Accept-Encoding
server: cloudflare
cf-ray: 7519139a99711c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sc.tynt.com/script/sc/duQgiM__Sr45CSacwqm_6r.js
104.18.36.173200 OK 0 B URL HTTP/2 sc.tynt.com/script/sc/duQgiM__Sr45CSacwqm_6r.js
IP 104.18.36.173:0
GET /script/sc/duQgiM__Sr45CSacwqm_6r.js HTTP/1.1
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://berbagimod.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:33:51 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
status: 200 OK
x-rack-cache: fresh
cache-control: max-age=86400, public, s-maxage=172800
last-modified: Sun, 25 Sep 2022 14:08:40 GMT
x-xss-protection: 1; mode=block
x-request-id: 6d646b7e-4af9-45b7-989f-0b1ae27b8654
x-content-digest: 393debe7eda28d14bb33edab2f2be76fe41f92ef
x-newrelic-app-data: PxQGWVNSAAoTVVJRAAQHX0YdFHANCBcQXw5UB0oXUFNADVsOUBNXTQ1YUwQeQRQDHlRNVgEABVJKBAULV1ZWUQFXD1oUFQUeEQddUgdTVwNQVQcAAAIPAwVGPA==
x-runtime: 0.004242
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 27 Sep 2022 01:31:01 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 174963
server: cloudflare
cf-ray: 7519139effc5b4f7-OSL
X-Firefox-Spdy: h2
free-cosmetics-online.com/favicon.ico
104.21.23.47404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 28 Sep 2022 02:33:51 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UruouGOFqVVWf3lroCFeXOl0gDOuKBzKJCPTmrYaAEwZwQZgMZULgnFAVrKee8xu5HYV5dEWa0h%2FM0yauJnOPbs8mCBop3MGF5yZrghebeEKzqwgLCsZU4p60%2BtrGbeVn0JfTjU1fcP4jHRy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751913a19c5c0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2