firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 13:13:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IgG5VZvmViHoYOKJhcrvQstc3iyWjUG8d2LjZh0DTJ-gRqi8IMTvLg==
Age: 2885
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2843
Expires: Tue, 20 Sep 2022 14:48:36 GMT
Date: Tue, 20 Sep 2022 14:01:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZGEi7jy920yoIuXjK87YcnFN9qpV4laugri9kg7LsBHCpNEsp9kv4A==
age: 33960
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:01:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 13:03:22 GMT
Expires: Tue, 20 Sep 2022 13:06:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ko0uMqyzlXhknjfUbZi4RKOPTa6Gr5v38hvepDWCDY9tPAHzPvQgZQ==
Age: 3472
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2024
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:14 GMT
Last-Modified: Tue, 20 Sep 2022 13:27:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
albaladtravel.com.my/haji-2022
185.93.164.120301 Moved Permanently 0 B URL HTTP/1.1 albaladtravel.com.my/haji-2022
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /haji-2022 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://albaladtravel.com.my/haji-2022/
content-length: 0
date: Tue, 20 Sep 2022 14:01:14 GMT
server: LiteSpeed
push.services.mozilla.com/
52.35.74.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0pbS0sTag4nkpx8hRS5HcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1J53gkmPF5OfMZNKLPxO1YK3REY=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-227016012-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-227016012-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 0bf56cbb160f5f1326d2ed5dc400350f
fbbbdbe4c0b9223a5f9ec3fe627473a8479c5a22
b3e775caca607861a1ae773bff16942ee19547e6bb0e8538365871e1abb1fcab
GET /gtag/js?id=UA-227016012-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 14:01:15 GMT
expires: Tue, 20 Sep 2022 14:01:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%7CPoppins%3A600%2C500&display=fallback&ver=3.8.2
142.250.74.10200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%7CPoppins%3A600%2C500&display=fallback&ver=3.8.2
IP 142.250.74.10:0
Hash 81c403f9cbc1b8778abb7efd54758986
c944b5ef0c4d73d46ae9e711ab05329039511790
4e0ed0ff5042fec6205de567fcaac261fc4603ad9462e3bfacae83ce3faa5d3e
GET /css?family=Open+Sans%3A400%7CPoppins%3A600%2C500&display=fallback&ver=3.8.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 14:01:15 GMT
date: Tue, 20 Sep 2022 14:01:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
albaladtravel.com.my/haji-2022/
185.93.164.120200 OK 37 kB URL HTTP/1.1 albaladtravel.com.my/haji-2022/
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (58020), with CRLF, LF line terminators
Hash ff4266ae2546e85ec9eef427ad11e690
373fc49626f2792b23565e962321006565d869bc
0a5930654a5baa0d823a5bfe234f39fea99aef79b04cbf6307280991ce519403
Analyzer Verdict Alert fortinet Phishing
GET /haji-2022/ HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
link: <https://albaladtravel.com.my/wp-json/>; rel="https://api.w.org/", <https://albaladtravel.com.my/wp-json/wp/v2/pages/1308>; rel="alternate"; type="application/json", <https://albaladtravel.com.my/?p=1308>; rel=shortlink
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 20 Sep 2022 14:01:15 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7789
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7789
Expires: Tue, 20 Sep 2022 16:11:05 GMT
Date: Tue, 20 Sep 2022 14:01:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7794
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 14:01:16 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10200 OK 2.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
Hash 99bd8837bdae89739209bd5bf37347d5
e7e4aa3786e315a7abee760cac56473b0dfc9c8d
89bc0a2599d5eb176b40dc969f70d61de3e9fe22f11babd3992d280344893b88
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 14:01:15 GMT
date: Tue, 20 Sep 2022 14:01:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 57523
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 58272
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7794
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 14:01:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 57500
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 56266
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 57251
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
185.93.164.120200 OK 5.0 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:15 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:19:41 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Tue, 20 Sep 2022 14:01:15 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.6
185.93.164.120200 OK 1.7 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (11487)
Hash d63ea4070aca03567c53881d48d278a3
435cae039b8a70ecf5ad19de4308e4f2deadea1c
8a40d39ccafe5904001c3104ba0e223434f756cb12572dead83fc1d089d34d5a
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 08:24:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1663
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.6
185.93.164.120200 OK 13 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (59158)
Hash 2ccfc821e2dad9803e1f467615d9efdb
513e90dceb575ff5b166b9e800416b7bef948a16
324fe62219f5109b51d4e981d269a89088a14608d25ee7835cf63871134162bc
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12839
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.6
185.93.164.120200 OK 4.2 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (26516)
Hash 2417f23310f5b69d34754d77df2b50b0
80c9df4e7c69241bf7973cbf22df79df26bb95ca
14d2b1d709167670b827efccd0345b0fc94319aa7babc2675a199b70e172d06f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4189
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6
185.93.164.120200 OK 14 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (65497)
Hash 069ec561a28a9d196661d81d713a7f82
17d63969e94ab7f22a1acd14ca3f26602ec920c8
7518f34f0619864fc10e612ebfa2c5b35520ec03b2ec54bfcb55d6d68124ee39
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:23 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14129
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.2
185.93.164.120200 OK 8.8 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (43644)
Hash e4a3c563afc5e596252fe9eb8fb37348
514f628241e2c6137c4a1f9f1cbf4251e2adb926
e229c940fcaf802beeac1fafb98819b4712f550c5f0c85db0fcd2398cc3aa193
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.8.2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Fri, 03 Jun 2022 10:07:37 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8775
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/uploads/elementor/css/post-1508.css?ver=1663273669
185.93.164.120200 OK 650 B URL HTTP/1.1 albaladtravel.com.my/wp-content/uploads/elementor/css/post-1508.css?ver=1663273669
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (4065), with no line terminators
Hash b83dd440f2517c111d2f2eb633832d1f
bf1c61209a6216577a750b61b3c9c8bad69fc689
35117e106b49aca5beaaff14859cf3d1f0f10406e6bc35d7a92a66ded9ce3be0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-1508.css?ver=1663273669 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:27:49 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 650
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/uploads/elementor/css/post-1308.css?ver=1663282585
185.93.164.120200 OK 3.7 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/uploads/elementor/css/post-1308.css?ver=1663282585
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (59906), with no line terminators
Hash 8b1ed6317d541fca209da1aef9e9095e
ed120718d6cf70190e5a44ee931ccec3899fd960
3490e6c284b36967285bb7cd14d11879a5b947275bc4691ce764105b37e16187
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-1308.css?ver=1663282585 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 22:56:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3740
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: 257316b9-2da7-4b43-a8b3-d89c088de1ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbsFXFpzoAMFkpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63215a22-6f365f587f25845668bf59b7;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 04:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LSbWIJN46uVGRdFSejE3rNtq5549StAmO0mQiKOjUED62cVh5ddd9Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 13:55:17 GMT
age: 67132
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
185.93.164.120200 OK 13 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (57726)
Hash 01c8783f3d5f215a78b2f296b640d7d5
07197b455675d6600b9997e62db3776326bedd30
fba2c2f0bb163ce08709558b0315ba8c6f4a4202c44e0c93836ab111bc550c32
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12551
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/uploads/elementor/thumbs/cropped-LOGO-ALBALAD-LATEST-300x185-white-pp04700bl3z9uj96sbtzzfjci4j4lbaiwvysttvwem.png
185.93.164.120200 OK 8.7 kB URL HTTP/2 albaladtravel.com.my/wp-content/uploads/elementor/thumbs/cropped-LOGO-ALBALAD-LATEST-300x185-white-pp04700bl3z9uj96sbtzzfjci4j4lbaiwvysttvwem.png
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type PNG image data, 200 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 718b803cff145239cb5b91b10177cb07
83114863100ea9ae75bcb6a0363f75016e63df48
ce6fa8d0b3e61d71010454d6f1d15e6403f355333999bbb428f9067e0bf61ac4
GET /wp-content/uploads/elementor/thumbs/cropped-LOGO-ALBALAD-LATEST-300x185-white-pp04700bl3z9uj96sbtzzfjci4j4lbaiwvysttvwem.png HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: image/png
last-modified: Wed, 18 May 2022 15:26:25 GMT
accept-ranges: bytes
content-length: 8707
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
185.93.164.120200 OK 3.4 kB URL HTTP/2 albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (36838)
Hash 4822c64fe52696e35ed26a1df44e9d66
9c0455768419b43b3566d5c64b61c3c5f7653d51
57e96eb2d5c13bd01dbdbb3109175dc5cffdd445d980ad5b9585c8d1451b364c
GET /wp-content/plugins/elementor-pro/assets/css/widget-carousel.min.css HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Fri, 16 Sep 2022 08:24:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3375
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
185.93.164.120200 OK 310 B URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (491)
Hash 07c6bc6cc033a80722f23857e2fa9c76
df77ec4506d847c536a276ec13b1a092f0828d75
443133e8718007cee8c92bf0a67de16fa79b5c1588e0c6afaaec66efee5d1ca1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 310
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
185.93.164.120200 OK 312 B URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (489)
Hash 6a022b68e443848e247029d92bc6ecdc
c11c6feabf7997fa9d1b08eb2c36476f9352d4de
bf7945206dad7cb2c0b38023fe794ce553791a43664c32c39fd2f6b44aff5951
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 312
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
185.93.164.120200 OK 311 B URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (483)
Hash 217be86c62c0f0465c8766bdc869d10a
9e43286e9b4f012b1e00a722af7f299946af47e5
13f78c579d9ac42e0ecacf5a61c41b8e16c6a93e34c22e967927aa41016ed0d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 311
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
185.93.164.120200 OK 12 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (43771)
Hash 9f76c05d4aec8a23bbb9131800060916
ba854132574f3add765c016ff6cef2a30bddc5e0
c73bcff8e403046219e8f9dfb99e029b8d58099b8c5fb5f6508127702fd1b275
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 20:20:09 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11658
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
185.93.164.120200 OK 906 B URL HTTP/2 albaladtravel.com.my/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (11736)
Hash f25aad2642b00cb3e50c06fc10ab6b28
8db10414afa543d23acd0fbda38fac90f063320f
67cc7f940be339fe88012a48e64a8a95e567e8f1b0fb7ba01a363d0f5edcba88
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 906
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/uploads/elementor/css/post-532.css?ver=1663273668
185.93.164.120200 OK 481 B URL HTTP/1.1 albaladtravel.com.my/wp-content/uploads/elementor/css/post-532.css?ver=1663273668
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (1411), with no line terminators
Hash 2fe8b8621f186bbac76d175c5bdaf9c3
38b25e00fc6ade9ea260530253c29f25e0560ac3
e9081ab07f98e15089908a448bdc313e90db31820849ae9a42b7a92635cad81c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/elementor/css/post-532.css?ver=1663273668 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:27:48 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 481
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
185.93.164.120200 OK 3.9 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (19233)
Hash 72a65647874a407bf12f2b50f1aef2ae
3727b7b8b63c40299ce4f85186a04b9aebeb5032
019798e29fe8b572ae1363921494484bead80c515999fc5b7fb35fa8f37a7667
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3915
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.6
185.93.164.120200 OK 2.6 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (10019)
Hash 4e9118f31f777852a8192e8ae7145006
35f6239ba65c066bb5af00fb197c61bd152099be
ecd21129b9099866ad1499c96a15311d0327e2d86ddaf8540c77d5f2d06b0218
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2598
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.2
185.93.164.120200 OK 4.0 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (16489), with no line terminators
Hash f2f4bfba53805ddaf4232bef580aaab7
a93da86ca050b6d95f95d02eda8cfcaad40ba186
8b11ecd82af4729a9899338d8e983b3d306ca30cb0829dea43b040e459a005ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.8.2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:16 GMT
content-type: application/javascript
last-modified: Fri, 03 Jun 2022 10:07:39 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3961
date: Tue, 20 Sep 2022 14:01:16 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/js/imagesloaded.min.js?ver=4.1.4
185.93.164.120200 OK 1.8 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (5477)
Hash 5bc847fcae1a1a6c4b7f79c00d2b7e29
b2237db0dd679c2c8e397e833f04df00d43165e7
bfa7a74e5830c0c26da7ccc50b8e44b401ce1ee8604fceb62e6c1310c47ddb2a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Sat, 13 Jun 2020 16:23:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1831
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6
185.93.164.120200 OK 2.2 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (4918)
Hash fc8d2994ebd0912251fc597966b85f9f
1e5500467f41fe87f2d5ceee5afd4aff7efed990
f7a89bad7b62103eaf68c0ddaf170ff3be2c7f0bc17629e11e68242a9c32d8c6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:29 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2189
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6
185.93.164.120200 OK 2.4 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (5141)
Hash 62363a59ea739ad18b2df7a2bcbebc4a
980bfba08ef15f119d79a24c85eee3016172ac06
75a79fb269cf8daf3cfc08ef6f921b6579d8990f1f2dfdb9318646cb77ad73f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 08:24:33 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2368
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6
185.93.164.120200 OK 11 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 0c03cda2e9f920a839309393602dca34
c2af60181c1c9516895deb293c68b4974ee47c2f
8bb356166c5f922a07258553d0388ffb81d09ae258fa3a209bff3938e9457a23
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10728
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
185.93.164.120200 OK 755 B URL HTTP/2 albaladtravel.com.my/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (12953)
Hash b33470f16764bdf127434ec71ebb4172
44f9e9f0b96fce2cacb59b1bde4632959626d9d9
96407a0451bf5705c630a521307bc3bf4910fa1afb1fa9606c68582d9bd675d8
GET /wp-content/plugins/elementor/assets/css/widget-icon-box.min.css HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 20:22:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 755
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
185.93.164.120200 OK 2.4 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (6475), with no line terminators
Hash 9939da8da9b306b91ddc5c68ea402d66
4cd4ea5f2dcd09fec713c36cb1c1c31ace0373b5
63b97ebb1748143ca6093d63ccdb14b2748f002df4caddfaa15c1173cb2c4942
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:19:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2439
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
185.93.164.120200 OK 31 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (65447)
Hash 554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 12:37:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30969
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
185.93.164.120200 OK 7.1 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash a0798e1907e23a55c0f4ffebabb1fd48
aae64554a44eb45ae03b497cacfbb56b30cedade
5eb6c2a3b9c101ee2806a07fbd9177c4480db87871bef7d6a760a26dff1bd12b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:19:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7098
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.6
185.93.164.120200 OK 4.2 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (14869)
Hash 5ad7319f43a2bca99c11467a5487e732
679477d70dc649d6bea001fc554e507a21bfa4d5
e3127d526be8cec1311695936939b4a12fd8b4dcb394eb5d3e80ee9a3924d9f0
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4165
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
185.93.164.120200 OK 1.7 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (4875)
Hash b7fad5256cf7aca9fd70a62bb93844c6
903085b7db8cb10da60739104d2b8b500d7bdf57
d35186efbbda488c7ad9e5b7c44d5d340e96c7823e609d791ef0d4bd29b4afd6
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:19:45 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1657
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://albaladtravel.com.my
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:59 GMT
expires: Thu, 14 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 498618
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://albaladtravel.com.my
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:59 GMT
expires: Thu, 14 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 498618
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://albaladtravel.com.my
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:53:39 GMT
expires: Tue, 19 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 68858
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
albaladtravel.com.my/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
185.93.164.120200 OK 3.9 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
Hash 744d07a5a18516a5eda2c915c57a8d3e
848f74eb379c38dd0a1928f07673804e0f08d5a1
39243a0d7eff0b8436162e5964241b334691314c7dee690b05e696c48f354c14
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:19:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3863
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6
185.93.164.120200 OK 5.7 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (21374)
Hash 8c858862d7b3b2ed5d666d9e90baef7b
6c138ba1b3b27fb936fa22a5474d2c80dcadb196
1c2c74a3c8ef873cb2b23d2d5b8cfdbd3ff444328b5edcce49ac69b76a2077fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 08:24:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5714
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
185.93.164.120200 OK 3.0 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (12198), with no line terminators
Hash 13cae06000fa9223bf958a948a495108
0716503ef98485d4eba528d0743169fe6657a4e9
fed7f3f2c9f4b71f63d0b9b35bb50e5b73e6ba583a8c7338b097596cf3da264f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2987
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
185.93.164.120200 OK 6.9 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6fbdec511b9577e4f12879c734520f46
1000efea6dc58d64e00fa3865e8b4836b26aa125
6bfc9b927aa776fceb37d3c104f25cd8d0aeca61be4b65e5642b9f76ecea14a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:19:41 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6910
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.93.164.120200 OK 4.2 kB URL HTTP/1.1 albaladtravel.com.my/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 06:36:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6
185.93.164.120200 OK 12 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (40474)
Hash a53fb392ab1ff7a6085a7e4f642016ce
9cc06bb4f108e111342cf2dbf50078676e9c9288
63ffe52e55afd37d291a74796799b0e7e13eab29473625d724b7cfaca1c101f6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:29 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12061
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6
185.93.164.120200 OK 5.7 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (24339)
Hash 9a5c6770e780774ba2496c47fcb9130b
ed7d296d29c143e4198bc541235e02c5ee8db43d
b656ac619d7f13b342e7bb7e5951793b57b383711daecf32df137c3035b46b51
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 08:24:33 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5657
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
s.w.org/images/core/emoji/14.0.0/svg/2764.svg
192.0.77.48200 OK 368 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/2764.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (368), with no line terminators
Hash 0483f2b648dcc986d01385062052ae1c
61bd815f1497863265a76d92623042835e5e7fe2
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
GET /images/core/emoji/14.0.0/svg/2764.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:01:18 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
185.93.164.120200 OK 13 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: font/woff2
last-modified: Thu, 15 Sep 2022 20:22:27 GMT
accept-ranges: bytes
content-length: 13276
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/themes/astra/assets/fonts/astra.woff
185.93.164.120200 OK 3.3 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/themes/astra/assets/fonts/astra.woff
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Web Open Font Format, TrueType, length 3304, version 1.0\012- data
Hash bfe0ed8503c926d68f58ed0408dfe0d0
0346d02d96ff7d2a0278bc10f4dfdf365c80eac3
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/astra/assets/fonts/astra.woff HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:18 GMT
content-type: font/woff
last-modified: Fri, 03 Jun 2022 10:07:37 GMT
accept-ranges: bytes
content-length: 3304
date: Tue, 20 Sep 2022 14:01:18 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
185.93.164.120200 OK 665 B URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (1320)
Hash 09e68d01847efc77c26c3942d3ac9956
a78d127399c72c8c5d0d00eb9c75c9fda7df22d2
fc0ba5d56aee4861a753ac26e1b5461c5375d79b9915c098899d229db42feb9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
Cookie: _ga_QZTJ54QFTY=GS1.1.1663682477.1.0.1663682477.0.0.0; _ga=GA1.1.176464003.1663682478
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:18 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:29 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 665
date: Tue, 20 Sep 2022 14:01:18 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
185.93.164.120200 OK 78 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: font/woff2
last-modified: Thu, 15 Sep 2022 20:22:27 GMT
accept-ranges: bytes
content-length: 78196
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
s.w.org/images/core/emoji/14.0.0/svg/1f44d-1f3fb.svg
192.0.77.48200 OK 2.1 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f44d-1f3fb.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3469)
Hash daa3d3f50f1ed7b45422ecb62e3a2113
f58f7927f6c7ffad50d1bb9a7637d919966307c3
18d3989083b58a817e85b229f6da8b0f2da74e9f7ca646bbe52315f6b3d8796a
GET /images/core/emoji/14.0.0/svg/1f44d-1f3fb.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:01:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-QZTJ54QFTY>m=2oe9j0&_p=1973669841&gdid=dZTNiMT&cid=176464003.1663682478&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663682477&sct=1&seg=0&dl=http%3A%2F%2Falbaladtravel.com.my%2Fhaji-2022%2F&dt=Haji%202022%20-%20Albalad%20Travel%20%26%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-QZTJ54QFTY>m=2oe9j0&_p=1973669841&gdid=dZTNiMT&cid=176464003.1663682478&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663682477&sct=1&seg=0&dl=http%3A%2F%2Falbaladtravel.com.my%2Fhaji-2022%2F&dt=Haji%202022%20-%20Albalad%20Travel%20%26%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-QZTJ54QFTY>m=2oe9j0&_p=1973669841&gdid=dZTNiMT&cid=176464003.1663682478&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663682477&sct=1&seg=0&dl=http%3A%2F%2Falbaladtravel.com.my%2Fhaji-2022%2F&dt=Haji%202022%20-%20Albalad%20Travel%20%26%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://albaladtravel.com.my
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://albaladtravel.com.my
date: Tue, 20 Sep 2022 14:01:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
185.93.164.120200 OK 77 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:17 GMT
content-type: font/woff2
last-modified: Thu, 15 Sep 2022 20:22:27 GMT
accept-ranges: bytes
content-length: 76764
date: Tue, 20 Sep 2022 14:01:17 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
185.93.164.120200 OK 93 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:18 GMT
content-type: font/woff2
last-modified: Thu, 15 Sep 2022 20:22:25 GMT
accept-ranges: bytes
content-length: 93372
date: Tue, 20 Sep 2022 14:01:18 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 20 Sep 2022 12:41:12 GMT
expires: Tue, 20 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 4807
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/iframe_api
216.58.207.238200 OK 54 kB URL HTTP/2 www.youtube.com/iframe_api
IP 216.58.207.238:0
File type ASCII text, with very long lines (509)
Hash a6e9cafaed1168cc1961c84e9f37afbd
a08183a825bf60bc538cbcaa1bba42f5d1205468
bdc08efe50000364533157534ef234ca773fecf400e05221651e6f3aaf3968ec
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 20 Sep 2022 14:01:19 GMT
date: Tue, 20 Sep 2022 14:01:19 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=_0b6A2dpmMg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=LELVq_7-bWo; Domain=.youtube.com; Expires=Sun, 19-Mar-2023 14:01:19 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+033; expires=Thu, 19-Sep-2024 14:01:19 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 264561
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/carousel.36aa659d3ca597704333.bundle.min.js
185.93.164.120200 OK 1.7 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor-pro/assets/js/carousel.36aa659d3ca597704333.bundle.min.js
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (4938)
Hash 4f5ff687540abde2566f4193a6352eca
80d1c90d722a4ddcd480745d1af7f13a0ba3b4f9
cec4303e56095e775552614ba6b14d2e00cab478a00bbd9678c398314ccd741c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor-pro/assets/js/carousel.36aa659d3ca597704333.bundle.min.js HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
Cookie: _ga_QZTJ54QFTY=GS1.1.1663682477.1.0.1663682477.0.0.0; _ga=GA1.1.176464003.1663682478
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:19 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 08:24:33 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1681
date: Tue, 20 Sep 2022 14:01:19 GMT
server: LiteSpeed
albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
185.93.164.120200 OK 36 kB URL HTTP/1.1 albaladtravel.com.my/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 185.93.164.120:0
ASN #55720 Gigabit Hosting Sdn Bhd
File type ASCII text, with very long lines (65280)
Hash b424b85a064ab3174f3e1d3bade79688
29c4779066049f013b683e855d9934e4f8ef7230
d5b27ca2e9a987116ea9ae665f8011034176387b1a362b828b2ed66676f91dfb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: albaladtravel.com.my
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://albaladtravel.com.my/haji-2022/
Cookie: _ga_QZTJ54QFTY=GS1.1.1663682477.1.0.1663682477.0.0.0; _ga=GA1.3.176464003.1663682478; _gid=GA1.3.978128235.1663682479; _gat_gtag_UA_227016012_1=1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:01:20 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 20:22:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 35515
date: Tue, 20 Sep 2022 14:01:20 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3146bb0aaba22619df206969792ed383
07db3170920b9ba82ecf00e6135eecf08f167942
cba7793fa0a6de6486e3515f886a42efeb21f3b4c84d5e7395f6468a5925d27f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 13:59:23 GMT
expires: Tue, 20 Sep 2022 14:14:23 GMT
cache-control: public, max-age=900
age: 117
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 27 kB IP 142.250.74.3:0
Hash bb3e5aad471ab4fced6c8c2133f824a0
7aae7c26e5d9950cdaf22fdc8b332d3c30f1c3c3
fafe9d4521e83445bcc7b7bc4608e1bc7336d23bd77ea95a6e86ded2921545c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 27 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash 3e27a6cde59c1893e7612f971b9b9547
8482f0b1cf8afd022fc9848cb489a37c0b391a49
3aca4e5bb1cde434e031e4ba90d2128cc9c2da1210e4ecf003cf93553904ce84
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 20 Sep 2022 14:01:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 20 Sep 2022 14:01:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 28 kB IP 142.250.74.3:0
Hash 59c73bdbb68ee88fb7cd538d19373275
1134cf06df1432e2c330b2b1a952ef381aae4a8b
00fd7e0197158ad3db653e5fceef170d80ea8939dd0b42900905e938736d257b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 20 Sep 2022 14:01:21 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e65ea75e2dc8283b12f0bbe50d158924
7d8658c92818679092ec4d525fe5a756a973d82d
2dd2068217204e477b82d796afcd92883a2753a3850baed2fc93bcf8fba3d17b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 20 Sep 2022 14:01:21 GMT
server: ESF
cache-control: private
content-length: 30884
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35918)
Hash b600177efe473664fb627ad35ffbc4db
b85f65be40c923277d1455e64a33966ee9fa0838
ec20323b3d03a9e3cb135ab17c27cee75eab248b40f3ebed5062d80ef18f961f
GET /js/th/8jEuNRvllEtFmLzioZdbHhRQ_2cTQWhd6LiOGRrTeiw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:03:05 GMT
expires: Thu, 14 Sep 2023 05:03:05 GMT
cache-control: public, max-age=31536000
age: 550696
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 30 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 9168f652d7cb29720b817d8fbf322db4
ff0a94078b30d3068e15a2b9b0385cc5530201b8
a8e9da4288ed6912e9ddc48091043955a4d53eeed513c1c39d0dacfc6985e6ed
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 20 Sep 2022 14:01:21 GMT
server: ESF
cache-control: private
content-length: 30519
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b4c49cafcb6c1050bd6062ca77021b0f
391b19a1f787aaf2769aa4d8b77c8a494b7ccf58
9a41450a0f09390e532d6193d9309fee56fd9a2512375af64516f88b330674ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirector.googlevideo.com/initplayback?source=youtube&orc=1&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=53325&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com
142.250.74.78200 OK 244 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&orc=1&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=53325&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com
IP 142.250.74.78:0
File type ASCII text, with very long lines (321), with no line terminators
Hash e341dbc80c293b2a707750d1be78124c
c46d079704d2dae43f5b1e52fbf1ffba4fb806d2
85220cbf374dea51f5fed0f159005512aed3c35bf7fdb776acc3dafe5bd0c378
GET /initplayback?source=youtube&orc=1&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=53325&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 14:01:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 244
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b4c49cafcb6c1050bd6062ca77021b0f
391b19a1f787aaf2769aa4d8b77c8a494b7ccf58
9a41450a0f09390e532d6193d9309fee56fd9a2512375af64516f88b330674ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/J8heW71zFmc/sddefault.webp
216.58.207.246200 OK 42 kB URL HTTP/2 i.ytimg.com/vi_webp/J8heW71zFmc/sddefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7e55a2fedf425f4ff1cb276ea19e6d1b
aaad10c3c832eec072653cdf729b69d40e0ddc93
471f121ba2ce7da2634e8d715e5321f2e29afb1fe4458d72a018f8475559191d
GET /vi_webp/J8heW71zFmc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 41742
date: Tue, 20 Sep 2022 14:01:21 GMT
expires: Tue, 20 Sep 2022 16:01:21 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4aebec42ca2e6505dc8921d4e374fb5e
e43838649932d95af63c651d94b8ca67845156ef
01edca4a2f977f1dc6c0a068f97fd17e04dc96d88d9664107af3b2ffb6f18ffb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/j_95sRdLW4Q/sddefault.webp
216.58.207.246200 OK 60 kB URL HTTP/2 i.ytimg.com/vi_webp/j_95sRdLW4Q/sddefault.webp
IP 216.58.207.246:0
Hash 4ace19d4433421fc41b5800e4da109ae
6e07fc0d8e07cc38e7903186e8be628379810ae3
f9f23a03cd15d42c01402ee137ab2d8dbc6b8e1b90d415e7ab292124cf61796f
GET /vi_webp/j_95sRdLW4Q/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 32082
date: Tue, 20 Sep 2022 14:01:21 GMT
expires: Tue, 20 Sep 2022 16:01:21 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5942c0314b0e3c8248f626cfc5cc53e3
66826a6511233783971be437539473037f942ef9
dc0ef133f4ff9496c9d8ab3edec17578db198c557afd6a6c85bc6020dadf529a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 20 Sep 2022 14:01:21 GMT
server: ESF
cache-control: private
content-length: 30690
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b4c49cafcb6c1050bd6062ca77021b0f
391b19a1f787aaf2769aa4d8b77c8a494b7ccf58
9a41450a0f09390e532d6193d9309fee56fd9a2512375af64516f88b330674ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/2w0Odw9kqTw/sddefault.webp
216.58.207.246200 OK 10 kB URL HTTP/2 i.ytimg.com/vi_webp/2w0Odw9kqTw/sddefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2eb5053cfbd72d436e31b8d7be1e0374
144614c37171f0311a03ad857d0a799fd34c9349
2522be62e147c5f5edf1041d109e480277ae63ddbcd6a2f9c5ebb86be66e364d
GET /vi_webp/2w0Odw9kqTw/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 10076
date: Tue, 20 Sep 2022 14:01:21 GMT
expires: Tue, 20 Sep 2022 16:01:21 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu-woq6GYd50qFwD3pxObkspic8P40AI8T4hgl9c=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.0 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-woq6GYd50qFwD3pxObkspic8P40AI8T4hgl9c=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash a65bdc12e28c14ee5c1ceaad31203266
15971f64ae11b83eadd913d0e988a4be4c88d420
f8e094c254d4aef8d647c3fcc7f4cf125962bcfa76ba2f041afdd385e18c609d
GET /ytc/AMLnZu-woq6GYd50qFwD3pxObkspic8P40AI8T4hgl9c=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "va"
expires: Wed, 21 Sep 2022 14:01:21 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Tue, 20 Sep 2022 14:01:21 GMT
server: fife
content-length: 2042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4aebec42ca2e6505dc8921d4e374fb5e
e43838649932d95af63c651d94b8ca67845156ef
01edca4a2f977f1dc6c0a068f97fd17e04dc96d88d9664107af3b2ffb6f18ffb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 14:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49ffb7cd4c40b37f5b61c1fd86ee36ec
4188174bf6e595335f784d2bf9c90db57294b2fc
5af29dbb676f5a38288e73e9ca4feada901ccfb06385110ca0a46a4970532d32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: 88cc5413-2f66-4dc6-b20d-57dd16e77e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugqUHZIoAMFd3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e175-7357c2251f4434bc4686f9ed;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tqQuwCb5au2yf-m5wbZyUdOh7VEnYzxCk19p2IlH0vHCFx9Lkhu6lw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:00:04 GMT
age: 57678
etag: "4188174bf6e595335f784d2bf9c90db57294b2fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f603.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f603.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f603.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://albaladtravel.com.my/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 14:01:18 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2