Overview

URL ceritabasah.online/
IP216.239.34.21
ASNGOOGLE
Location United States
Report completed2022-09-28 18:42:07 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-09-28 2 bouncingbalconysuperior.com Sinkholed
2022-09-28 2 bouncingbalconysuperior.com Sinkholed
2022-09-28 2 astonishedmule.com Sinkholed
2022-09-28 2 astonishedmule.com Sinkholed
2022-09-28 2 astonishedmule.com Sinkholed
2022-09-28 2 kazanwhoeveryowl.com Sinkholed
2022-09-28 2 kazanwhoeveryowl.com Sinkholed
2022-09-28 2 unseenreport.com Sinkholed
2022-09-28 2 unseenreport.com Sinkholed
2022-09-28 2 kazanwhoeveryowl.com Sinkholed
2022-09-28 2 kazanwhoeveryowl.com Sinkholed
2022-09-28 2 kazanwhoeveryowl.com Sinkholed
2022-09-28 2 kazanwhoeveryowl.com Sinkholed


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS simplewebanalysis.com (4) 0 2022-02-25 04:06:25 UTC 2022-09-28 11:07:45 UTC 52.29.95.124 Unknown ranking
mnemonic passive DNS 10945-2.s.cdn15.com (2) 210526 2020-04-03 12:22:16 UTC 2022-09-28 05:50:59 UTC 185.18.187.89
mnemonic passive DNS blogger.googleusercontent.com (15) 16485 2012-05-25 17:41:01 UTC 2022-09-28 12:52:44 UTC 142.250.74.33
mnemonic passive DNS r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-28 05:13:47 UTC 143.204.55.35
mnemonic passive DNS e1.o.lencr.org (4) 6159 2021-08-20 07:36:30 UTC 2022-09-28 05:22:53 UTC 23.36.76.226
mnemonic passive DNS unseenreport.com (2) 0 2022-03-30 14:33:17 UTC 2022-09-28 15:12:49 UTC 192.243.59.20 Unknown ranking
mnemonic passive DNS closed-consequence.com (1) 0 2022-08-06 07:36:16 UTC 2022-09-26 05:06:38 UTC 88.85.69.212 Unknown ranking
mnemonic passive DNS astonishedmule.com (4) 0 2022-09-19 02:41:15 UTC 2022-09-28 14:16:40 UTC 192.243.59.12 Unknown ranking
mnemonic passive DNS creepingbrings.com (1) 0 2022-05-27 14:56:26 UTC 2022-09-28 11:30:19 UTC 172.64.198.30 Unknown ranking
mnemonic passive DNS kazanwhoeveryowl.com (6) 0 2022-09-19 02:25:31 UTC 2022-09-28 15:43:42 UTC 173.233.137.52 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76
mnemonic passive DNS fonts.gstatic.com (5) 0 2014-08-29 13:43:22 UTC 2022-09-28 04:36:33 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS 1.bp.blogspot.com (2) 8403 2013-05-06 20:18:52 UTC 2022-09-28 11:03:48 UTC 142.250.74.161
mnemonic passive DNS cdn.sb4you1.com (5) 22321 2021-09-16 11:26:58 UTC 2022-09-28 11:11:17 UTC 172.64.200.2
mnemonic passive DNS addresseepaper.com (1) 18169 2021-11-01 21:11:31 UTC 2022-09-28 15:43:42 UTC 172.64.100.4
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-28 05:34:56 UTC 104.17.25.14
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-28 11:46:46 UTC 142.250.74.10
mnemonic passive DNS ceritabasah.online (1) 0 2022-09-21 10:25:56 UTC 2022-09-28 08:24:59 UTC 216.239.34.21 Unknown ranking
mnemonic passive DNS www.ceritabasah.online (4) 0 2022-09-28 08:25:52 UTC 2022-09-28 08:25:52 UTC 142.250.74.179 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-28 16:15:39 UTC 93.184.220.29
mnemonic passive DNS querulous-type.com (4) 0 2022-07-20 12:36:33 UTC 2022-09-27 05:34:31 UTC 88.85.69.211 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS www.blogger.com (1) 8975 2012-05-22 07:35:03 UTC 2022-09-28 06:06:33 UTC 142.250.74.105
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 12:06:36 UTC 143.204.55.115
mnemonic passive DNS ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 35.162.217.251
mnemonic passive DNS bouncingbalconysuperior.com (2) 0 2022-08-22 14:40:20 UTC 2022-08-26 13:16:37 UTC 192.243.59.12 Unknown ranking
mnemonic passive DNS www.kinogogly.pro (2) 0 2022-09-15 22:58:32 UTC 2022-09-28 09:54:22 UTC 185.18.187.89 Unknown ranking
mnemonic passive DNS cdn.yourwebbars.com (1) 62037 2021-01-29 17:47:27 UTC 2022-09-28 07:59:12 UTC 104.26.7.19


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 216.239.34.21

Date UQ / IDS / BL URL IP
2022-12-06 01:58:10 +0000
0 - 0 - 3 jcrabapple.com/ 216.239.34.21
2022-12-02 08:06:04 +0000
0 - 0 - 4 seokudus.tk/ 216.239.34.21
2022-12-02 05:09:18 +0000
0 - 0 - 3 chieutretruc.com/ 216.239.34.21
2022-12-01 13:26:54 +0000
0 - 0 - 4 cjewishn.com/ 216.239.34.21
2022-12-01 11:51:23 +0000
0 - 0 - 2 skttextile.com/image/onedrive/d0678309e3a4805 (...) 216.239.34.21

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-12-07 16:15:48 +0000
0 - 0 - 2 wlcbzskszx.com/ 34.117.26.57
2022-12-07 16:09:55 +0000
0 - 0 - 1 zrczyfweb3.xyz/ 34.102.136.180
2022-12-07 15:21:01 +0000
0 - 0 - 2 ulqmpxoz.com/ 34.149.198.43
2022-12-07 15:14:12 +0000
0 - 0 - 2 57fdc63b3473.com/ 34.117.26.57
2022-12-07 15:06:00 +0000
0 - 0 - 0 script.google.com/a/macros/2.SusieQ2.6.Schaef (...) 142.250.74.110

Last 1 reports on domain: ceritabasah.online

Date UQ / IDS / BL URL IP
2022-09-28 18:42:07 +0000
0 - 0 - 13 ceritabasah.online/ 216.239.34.21

No other reports with similar screenshot



JavaScript

Executed Scripts (25)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (116)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: ceritabasah.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         216.239.34.21
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: http://www.ceritabasah.online/
Date: Wed, 28 Sep 2022 18:41:56 GMT
Server: ghs
Content-Length: 227
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   227
Md5:    8ec3a7ede358bcb4bedd6a13b4226f13
Sha1:   3a829ed21161cf9339c03436cd8057d9fda671a5
Sha256: 32863c6b04021525e5a070199e9d76e9f4df5cc87cd29d21caff8de28b8d82ee
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 18:41:56 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2iB9HXNct2twYcoB1aJtXbZQU9Avcw7f9-XOxnhdKUcrTVNb0HVqqA==
Age: 1577


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yd3n3qw2-Bfj8VGthz1EXmbCwnlr57e7BMo4um1TLnjGSt5CP71r7g==
age: 47610
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 18:41:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 19:25:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TgkDMbjiWrEFTutNAIUGtZX1kil2s2wnEoE_uikS3jC8-9YGvLuYpw==
Age: 743


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: www.ceritabasah.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.179
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://www.ceritabasah.online/
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 18:41:56 GMT
Expires: Wed, 28 Sep 2022 18:41:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   178
Md5:    5406abd7a54427ea6d10a6d84b94a4df
Sha1:   1c6832c0949e72c46badf9fd503b6abd5f36dd42
Sha256: d69a8fe5476532a04362f8affa296c655f6f6f5975bc671132eabea6d145a0b0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2506
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:57 GMT
Last-Modified: Wed, 28 Sep 2022 18:00:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /s/gts1d4/wDmx2Gxr-0U HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6XaktFLlva1zqCfkcW8wxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.217.251
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r3MGrtPO3yceUCYfFdB03p8I++8=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:57 GMT
Last-Modified: Wed, 28 Sep 2022 17:01:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /ajax/libs/font-awesome/5.15.4/css/fontawesome.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 28 Sep 2022 18:41:57 GMT
content-length: 10266
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-281a"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3616155
expires: Mon, 18 Sep 2023 18:41:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaEbEWmk24TTk8rc4wJ7qkimflQ1Dnfj7Nt2BCelcTzc8NZNwwtxQrTtXM64RTKZWTQQB8BduioLWEWMODELksK7E0B%2B7rU1UKlSkmgxUl6WVye4d6mquQn20pS95ZIPoCCMn2Et"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751e9dc0198c0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57687)
Size:   10266
Md5:    2df28a5916bf4d00f6530d3c7a77c229
Sha1:   f79d49f3431b6b24585b98b93ad58528c5851f73
Sha256: 4b37ab094f005b15732000c017b5eb5086d0d9125e1624d9688170b53223e931
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:57 GMT
Last-Modified: Wed, 28 Sep 2022 17:01:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: www.ceritabasah.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         142.250.74.179
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 28 Sep 2022 18:41:57 GMT
date: Wed, 28 Sep 2022 18:41:57 GMT
cache-control: private, max-age=0
last-modified: Tue, 27 Sep 2022 13:17:43 GMT
etag: W/"0a08c51bc589b31226051e36a89b3b4f17a3a4026e6c15ef511ff90abcdfff0e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 101699
server: GSE
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (851)
Size:   101699
Md5:    22127f6aa73af11aa0c26efb9ebabdd3
Sha1:   7ad489ca4f02c9670a2fec7e17782699f52cb567
Sha256: 7f77e06bcc50f73282ae12ded85caac734403dcf821ed9e624a4203311a6002c
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: www.ceritabasah.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         142.250.74.179
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Wed, 28 Sep 2022 18:41:58 GMT
expires: Wed, 05 Oct 2022 18:41:58 GMT
cache-control: public, max-age=604800
last-modified: Wed, 28 Sep 2022 16:56:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
age: 269128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56826
Md5:    b318be2224a9b91139a7a4b41f2e4b6e
Sha1:   4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
Sha256: bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CE27E344CD1BA1EFAE54D6FE69C9E48569DBDDC1848E0D4DF44700730D52A7A8"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11112
Expires: Wed, 28 Sep 2022 21:47:10 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
age: 75180
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:39:01 GMT
age: 75777
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13213
Md5:    62e68c3cd08dd94d910507512a67e85f
Sha1:   3d4fa8701f17e8818c25584ef5f04bfbee8440cd
Sha256: 058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 75355
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14464
Md5:    aa5cad224dbddd71881bd07255beb4da
Sha1:   bc214d60be395d4cf753216ff8f9691c33d25e75
Sha256: 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
age: 75114
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13299
Md5:    ad84ed0c5b2090df7996007514cf1984
Sha1:   651600f2ef18cecc2e38370069bbb5e1d86f68e0
Sha256: a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 75200
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 47987
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7455
Md5:    ea3890e460356d6ecc3ba4e405ac2e9e
Sha1:   b383135e2ebc23fe80eb0d594b198cb8c89327a5
Sha256: 8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
                                        
                                            GET /ea/b0/78/eab0780b70b7f4cf04cecb498182998a.js HTTP/1.1 
Host: bouncingbalconysuperior.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:41:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21f06c00d0adb18f64689d2920b9d857
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (59383), with no line terminators
Size:   20318
Md5:    45fab809d88d789c4bc21901f2d328e2
Sha1:   1dc2e5970fc505910f4a0d8d8bd08e0197d8c094
Sha256: 0899bdc1cb6ffe93f810bbb9fedaaca04929cb68daa4787ac75e2e6b50897ed9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /1b/a7/59/1ba75976f255aa48f13d9dd2dcc93470.js HTTP/1.1 
Host: bouncingbalconysuperior.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:41:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b461bbdb2f3be1081185f50f4e78fee4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37124), with no line terminators
Size:   13411
Md5:    ce2a41b0440f8c69aceae1392c3a031b
Sha1:   5b07ba188f2d7d94d4caa011eb530f2024c24381
Sha256: 2809ee7ae4e93f4027edef79b298ca8b88762294a17a7f309bcf206efd412bcd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6037
Expires: Wed, 28 Sep 2022 20:22:35 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3399
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:58 GMT
Last-Modified: Wed, 28 Sep 2022 17:45:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:58 GMT
Last-Modified: Wed, 28 Sep 2022 17:06:17 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TpxUCVIPMkwjwZKnHYOQ8AooPSrg11eEWzkvMFkvlVqZwkXgRKzoiQ==
Age: 5741

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:58 GMT
Last-Modified: Wed, 28 Sep 2022 17:09:08 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KlSxvKXgjDD0jVfCOvckmPpfWEEUSPa9h7cPgp2RogZECn3yza4UEQ==
Age: 5570

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 18:41:58 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
set-cookie: uid_id2=b4a4d51c-04a6-46ad-8be9-3ebca81a6dc5:3:1; expires=Sat, 25 Sep 2032 18:41:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    0470034420100045e223e3f350821c12
Sha1:   0db6bc5c446281be352dd67501e4267643661680
Sha256: c8871f7d07ba977bc940f684fbcc3305839f59cdfbae068e1073ed4c01f8997a
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 18:41:58 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
set-cookie: uid_id2=57a5aec7-d9f8-47fb-8160-f609178f2e18:2:1; expires=Sat, 25 Sep 2032 18:41:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    c83023b2b41cfca257bdd7d5bd25ed2d
Sha1:   755cae81a18287fb14741666b436812b376ceb52
Sha256: 9acd66d25a436ab787decee7867f1d2f3bc48074aa5c315970afe0c8d0b81134
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 09:25:27 GMT
expires: Sun, 24 Sep 2023 09:25:27 GMT
cache-control: public, max-age=31536000
age: 378991
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44656, version 1.0\012- data
Size:   44656
Md5:    a698723ffb7c306e852d2a2754a41bb1
Sha1:   1ad09d91061336f01ee7bbf0ab6ce011adeef279
Sha256: 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
                                        
                                            GET /s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 14:43:09 GMT
expires: Sat, 23 Sep 2023 14:43:09 GMT
cache-control: public, max-age=31536000
age: 446329
last-modified: Thu, 28 Oct 2021 00:32:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Size:   17768
Md5:    b42f06e6ecc6ae551b010ba0ff4fa6a3
Sha1:   363c4ff155d5e82e88d9dfe31e129dcf62b4dced
Sha256: f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
                                        
                                            GET /-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1320/Piki%2BFrame.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Piki Frame.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2294
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:50:40 GMT
expires: Wed, 02 Mar 2022 10:25:24 GMT
cache-control: public, max-age=86400, no-transform
age: 13878
etag: "v77f"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 426, 8-bit colormap, non-interlaced\012- data
Size:   2294
Md5:    ed0ebcdb5c9b47dd517a3792e24d07d4
Sha1:   69cab86daa8d01bb0036f40221be45d9f7482bf8
Sha256: a212db34f6b0dac1d1383f4d9983c657a156b2f1d234bb9f5d4d6bb508f8af27
                                        
                                            GET /-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1000/Piki%2BFrame.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Piki Frame.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2294
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:50:40 GMT
expires: Sun, 17 Jul 2022 08:07:25 GMT
cache-control: public, max-age=86400, no-transform
age: 13878
etag: "v77f"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 426, 8-bit colormap, non-interlaced\012- data
Size:   2294
Md5:    ed0ebcdb5c9b47dd517a3792e24d07d4
Sha1:   69cab86daa8d01bb0036f40221be45d9f7482bf8
Sha256: a212db34f6b0dac1d1383f4d9983c657a156b2f1d234bb9f5d4d6bb508f8af27
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3400
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:59 GMT
Last-Modified: Wed, 28 Sep 2022 17:45:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6036
Expires: Wed, 28 Sep 2022 20:22:35 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 02:18:38 GMT
expires: Sun, 24 Sep 2023 02:18:38 GMT
cache-control: public, max-age=31536000
age: 404601
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24756, version 1.0\012- data
Size:   24756
Md5:    7bff5195b41fb95979967ceb1f4306b8
Sha1:   2e6a639f78b6dd671f870ae780f5f52bd0448e91
Sha256: fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7B561BF9620B6C7956C3F7131B90D2F6546DE4897E73CED2D7BC8CB00DD1C8B1"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Wed, 28 Sep 2022 20:17:05 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive

                                        
                                            GET /c.H-VpzqarGsl_tuZvzw9xh-ZzEAlBkCP_TEQF0GOHD-AJzKMLiMZ_jOdPDQ0Rm-ZTnUBV2WP_TYgZwaMbD-AdmeZfngJ_2iPjTkElw-MnDoApwqJ_mslttuZvz-1xoydzHAR_wCcDyEUFz-QHSIUJyKR_iMUNyORPj-ERwSOTTUQ_1WLXTYIZu-cbyc5djeZ_Gg4hxiNjS-5ljmbn2o0_lqMrksZtj-cvmwVxhyd_GAlB2CZDX-MFlGMHkIY_xKNLzMENz-NPTQcRlSM_kUYVyWMXT-YZxaMbTcM_leMfkgYh0-NjDkglwmM_zoJpfqNrD-VthuNvzwg_uyczGA5Bn-JDnEBFhGe_TI0J4KMLD-ANwOJPnQB_hSeTWU9V1-dXFYBZlac_kcNdseafW-NhriPjTkA_mmcnmoVp2-PrTsEtwuM_DwAxwyJzn-NBzCPDTEA_mGcH3IQJ9-MLSMZN6Ob_2Q5RlSSTW-QV9WNXDYU_zaObTcYdz-Nfgg HTTP/1.1 
Host: querulous-type.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         88.85.69.211
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 28 Sep 2022 18:41:59 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
location: https://10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2

                                        
                                            GET /bFX/Vmsnd.GflR0RYIWycQ/te-ml9XuKZDUGlokAPiT/Ql1VMSzekG2CMHzogAtuN/DRUozlOqTjYFzsO/QO HTTP/1.1 
Host: querulous-type.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.85.69.211
HTTP/2 404 Not Found
                                        
server: nginx
date: Wed, 28 Sep 2022 18:41:59 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2

                                        
                                            GET /pixel/purst?dl=0&th=0&sc=0&rs=2465&rd=2465&fd=908&bv=22.8.v.1&tmpl=70 HTTP/1.1 
Host: astonishedmule.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:41:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /creatives/171357/216113/448032_45a78.png HTTP/1.1 
Host: 10945-2.s.cdn15.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ceritabasah.online/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.18.187.89
HTTP/2 200 OK
content-type: image/png
                                        
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:41:59 GMT
content-length: 9418
last-modified: Tue, 27 Sep 2022 12:35:41 GMT
etag: "03cfef95b159bac03fd92ca6864284e6"
x-timestamp: 1664282140.63901
x-trans-id: tx110c496f138d4f98aec28-006332ee22
x-openstack-request-id: tx110c496f138d4f98aec28-006332ee22
expires: Thu, 09 Mar 2023 20:20:57 GMT
cache-control: max-age=14002738
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20GEByJQyhOC8MENovHnWAlKl6rDOZz1zoddCAgTNgNdg=
x-served-from: l1
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 6589, 23922
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   9418
Md5:    03cfef95b159bac03fd92ca6864284e6
Sha1:   709a5eba38c15a0fb2c9fff295021019877df5c5
Sha256: 53e0793d137cd5a3896a1ca0126b5548b9d67053eb8a8b8feeb5c501beb045aa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F6BAAF565CB836BD8637803211BD53841CF340A91EBD749AA5065595692039EF"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9216
Expires: Wed, 28 Sep 2022 21:15:35 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "912E644F506D721B61CF3C6B5F7C30297A93144B6216AFBC1A82EF3B86AFBC80"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4260
Expires: Wed, 28 Sep 2022 19:52:59 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sfp.js HTTP/1.1 
Host: creepingbrings.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.198.30
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 18:41:58 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6f576dd688642314ac08e7541749cde1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 18:41:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BmrMmD1S%2BceAy0xjvsvtKOOSnoCuhsRW3z4QiqFCj3bAzDduJ8UABjNaxKFHLC%2FYCk9Px4obEsB894fTq4FYRz4bXeRMK4Lrh%2Fue8PsQsVIdwMnnHy9e40TFBkZLrTt8rw7pn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dc60b9406ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   27119
Md5:    249d5bb8f8d5fd948efc1354d88c6817
Sha1:   7c912d3b06643207404fedefff09fafa13366c0d
Sha256: f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.ceritabasah.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: ppu_main_eab0780b70b7f4cf04cecb498182998a=1; sb_main_1ba75976f255aa48f13d9dd2dcc93470=1; sb_count_1ba75976f255aa48f13d9dd2dcc93470=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         142.250.74.179
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
                                        
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
expires: Wed, 28 Sep 2022 18:41:59 GMT
date: Wed, 28 Sep 2022 18:41:59 GMT
cache-control: private, max-age=86400
last-modified: Tue, 27 Sep 2022 13:17:43 GMT
etag: W/"0a08c51bc589b31226051e36a89b3b4f17a3a4026e6c15ef511ff90abcdfff0e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 961
server: GSE
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   961
Md5:    d2ac1e70ddc1e864767f835d6d8bed6c
Sha1:   9ca9036c85f75aae859fbecfed51446df30c7ebb
Sha256: ff7d03dad35ce8b3514ce816e4cd476f6c86f35c18855646c9e38e4a1912a597
                                        
                                            GET /atW/5ww.Y/Wnd/lTQs2/9ykKZ/Tn9/6Qbb2L5/lfSSWmQc9nNLDkUczYOwT/YYz_Njiq0/0hNrT/Mu5LNwjmMr3K HTTP/1.1 
Host: querulous-type.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.85.69.211
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Wed, 28 Sep 2022 18:41:58 GMT
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65511)
Size:   49966
Md5:    0bbd4c0a3ad2c5abb019feba3976afc1
Sha1:   0bebb3bd6681172ddb998ca28ef0a6a7923a54f5
Sha256: 60b89c8bf22e954888c6adb065cbe1dedef30744b210543f55740b7ac9732ae1
                                        
                                            GET /img/a/AVvXsEgMFfbGQEwI4fJnma3XUIWqUV5aGGm0QcT3iK_FMxjD9S7Q4toxkn-ssvgOOFeAyQiQLe-E8Ry7jDxqJa8X3dcoU2GMbA9r9vGnpzvLgBSEd4Mk_QRJQAEIS6SMBBx-V2WR6NgxxtcOMpkXgM9Kuotk_p8GS7FhV-o07VKu-c3QaZYOjNCFGR2qBEk=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b1e"
expires: Thu, 29 Sep 2022 18:41:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:41:59 GMT
server: fife
content-length: 18147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   18147
Md5:    49f5c16db7ed8e5ceff7157af6749611
Sha1:   54fa77c38f62e2451b0fe890521161d060dd4b65
Sha256: cc863e55e7e3259bbe0664b3d4ed3648bd5707e85588585095bcb59d152c40ac
                                        
                                            GET /img/a/AVvXsEihm3gYGGZ53OqiTzFKk4dvyxpAL-PSZpaFd0dR8EE9XJrd5h0MSmW_wvZYelVllPQWOfJdBNOZkCjSbNLM3c09-x1Za3YgbWhRuQzAjb41_KB56lokLI3Wkp6237oCNwNL4CmWxhugMK5WBlqBCU-XkhRwdxnl6Sb7LpdZIDz3BtTWI7wPtrOPNlg=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b2b"
expires: Thu, 29 Sep 2022 18:41:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:41:59 GMT
server: fife
content-length: 22915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   22915
Md5:    81ca86112cf79368e7c711181aae9a3c
Sha1:   3cd1b502862818ad1c502123c938c9a8aa177a9e
Sha256: 48de1c03fd11a11bc1d5e48a6fca4a01a1b79d892348e179bec82ca10853650e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /pixel/pure HTTP/1.1 
Host: astonishedmule.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ceritabasah.online/
Origin: https://www.ceritabasah.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 204 No Content
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Length: 0


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img/a/AVvXsEgwbjWfTZGzXze9wfDCw1-_Q0tdMIHJTuTDHztJnpZnbk11JuIl7EwOKh_bjnMOLkwUxP84Vo0n408UlWX1NbQrhHUM2djiRsE_US8RMwac46kOwhxY6My1e3FpoAb7JeyjrPyKBMuFCSyuPteCRw4hhpobN_hEXc8jedwTBtL95tbwCYTFdeWpDlRhjg=s287 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v8"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="speedily-logo.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 2222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 287 x 65, 8-bit/color RGB, non-interlaced\012- data
Size:   2222
Md5:    06410b4d1f55b42dfd64acf9b2c417ce
Sha1:   b92e622eb23d6637e0b6f750948a3b49831d6c8b
Sha256: 5799665a70026fdf0e1675839dd1ed3c63d9bef90a16c606a412b23e08c3bc5b
                                        
                                            GET /img/a/AVvXsEj0rc9K_p_dIKne226C_WOS0b_H-1Ep3pDGfONUc5drtGxd0SD7J_INOJRxsP0O783jG-181U6KpA82hxsmB3nGoLeejO6yw-mPtUCbdFhZUbawDmaT6DmoREQUexOaeiHR3_LvJJV0ueRh3ffB51g-9QtxT2HC1kI9mWNs2OuygEUVkQXE7-_dGlWRww=w743-h418-p-k-no-nu HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v50"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 284710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 743 x 418, 8-bit/color RGB, non-interlaced\012- data
Size:   284710
Md5:    11c28dd0286197e6208b794732ca81c0
Sha1:   711e889332c5528c538e92e91278c7c7bb4d602a
Sha256: fc2207e26bd4da8a106b6e247bc1c04c8406905d27ee53e496bf21976a57850c
                                        
                                            GET /img/a/AVvXsEjIHEr1RYg037JjER1BVsNke9uV01UG4YwON6swteDcFc6VFtV6tTOPJKYm6MUgBNaClWD0-k2DRQKBbv3Pax5B8OdR3ewQahGhF51OpskpyZyRB0ZnZ2B_DywLGW_6pGRBq_FpmwFVl9DJD0v3lRc6FA_GQ61dO_7zhrNYRofiTSc1XZVT7GnUdOkULQ=w743-h418-p-k-no-nu HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v10"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 186697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 502 x 350, 8-bit/color RGB, non-interlaced\012- data
Size:   186697
Md5:    2ea71ecb2044f60e7426ee7f29d8e822
Sha1:   d2cddc60547a946685448b2724a3799fc46c5c6b
Sha256: fbad02f2ad45dd0fb45f2da1ba135000a6a0b76ec7096a4fcbe61a44808f43e1
                                        
                                            GET /img/a/AVvXsEhva9vbE108bLCPmfbX6SvnV1folHm-3EBAu47TgDT7vtdq-rfa1C5-y8LVUHsYPiprw4OG1EfG4YOBI3268D9bkg8enAZlVEuD0CfO8L0efU1SEDCtBnCQv0MfW3qunoMCZ7jZepNrWrryiDgl_dLk4pE6nLbiWU2WcIYL_J30pv-mgUkPmIOe6Mg=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b23"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 14233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   14233
Md5:    67e4e6b81b0ec0133fa475ef46881915
Sha1:   ef19167163623472850b6c2a7303cc6e022490f5
Sha256: 16ab0838d2490463db19278937f56fd8f9e7562bd4bd2d22b79a8f1164c7123f
                                        
                                            GET /img/a/AVvXsEjXEwhyEKDi74mlOowEvLSBJgs9g4wsfFENGKl9Tx34gbfB0IQSDwPxWyJFD6H2FFz2BVdPHwUawz7mv3jKuT8AG2y7bnzuJM1OIiqLomqlQ4B_kYvFGMGbjVxo_RkXnBQ2hie11RPP0rYQYFos2hSPyxj60eTDHjVFGvKEzeZ0tKP40619D8GFbaA=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b23"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 17871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   17871
Md5:    6a02e6788ada5b6394989ca8f62e28f2
Sha1:   68fe64a23e87cbb06e182d4bd98ecde601ce07f0
Sha256: 783dd680acaa4e1a943fbc193a11371c00a33c078bb708119a60941eb77f5af1
                                        
                                            GET /img/a/AVvXsEiQY67qT-7pkZ6849Mozw-_YpmtVRcqsWwENDJw-9OUpfuelTQ0k-MxitjeBy1Bdts6ypRvG-5-gPN2ihtzBVbu2jYccIyGwV9Hxq4uCRIZkOiSpoIJ-AKI_l-7Ntbq70R8YQbVMLm0UecsrVfuzlXnKi2fyP40yPy4OX5GJusCNoIFIvzKfg8oeBE=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b28"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 19607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   19607
Md5:    f7381af2ae2d08aae627cb9d3a05e921
Sha1:   996136d4be250b2e090995ec968e6e26dcdb5070
Sha256: 6e11f92cdecc390f0927a023221d17b8080247b0037bc2e4d9c130a43a88582e
                                        
                                            GET /img/a/AVvXsEgTfTiPGBok2_gyYlPMb7ZTk3AmAEvwXiYXGA86fjki1K5fZYha6bTGZ_oZGLu5gfigRiQf7gXKTYPeAhNb51c9bJGCQlFlbbHYXJJVTJMEV79sQ3dg02kFr10fS5WYxH_xRkT_qzzUHp_siK_EaomQyv1JPz4z1WQiAfyp5yXViHxfgHRobpytGAI=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b29"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 15929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   15929
Md5:    f0417f9020e4e26f4b473b0ca10347c2
Sha1:   efcde26da1f09b823de8a90f3f9e87caec7cd4f7
Sha256: 61ceca33547106d64d09ff9b6b36cfac94729f0c9d4f1ead77c054c75152bed5
                                        
                                            GET /img/a/AVvXsEgB6GtZBZ9W67d4SBe6IWaPf5tJO5lgPhfdXVq9cC3AJKQs_i5guu5_CAlkRQsR_oyZRomU6UOMSfp9qhe9jWvumZvKpVd6zJ-5L62nTdR6Rg8UcEc4KuKUYitaIoifE5pLtii_h2wD4SCP_cfTabB_Fw0oOI-ThCrqWzEL5turkn7hdoUSpQVwIPY=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b2a"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 22267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   22267
Md5:    acdaeb948ba1f0d85103a4015626a2d4
Sha1:   37e44c7fc778e2b0e71ef51d19bf5fafa230c28d
Sha256: acaad5b5927a7cc8509a50aa2e49acd21c204197db0cf94948110945ff26b340
                                        
                                            GET /img/a/AVvXsEihgmmud8q7aHMQwNcODUw4MgwTC5YRtOLNctdPkIxB9ndSiBIOwFGbs1KHVLGx13Ai-hYoAT0IFFnWBG8KCGW2XELWQFbHQKsSvEKerppdO9qTDYXs8NXnHeB-vfFtRRu-TLTBtzR6xEIllx8VXalZaWhhaPcXjtG87FpoCMeYOxix3YFPfA0XeU5fVw=w743-h418-p-k-no-nu HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "va"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 190294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 503 x 418, 8-bit/color RGB, non-interlaced\012- data
Size:   190294
Md5:    aebe6a7248c6bfdb3d3cbee99b508aea
Sha1:   7d452caa3459dc019dfcd0facdfa612a5c246ffd
Sha256: 3ca5410278a2ac61c930671b4c6d697515964c1ddac528c617a62a694085c207
                                        
                                            GET /img/a/AVvXsEhxW6jhumiOPPjdmWPyj9VZW6zvv7nU2pDbL2ac_FXF1UZb2ihCtcUyq-106yUgU9zpQBf-ce07pOgtvwppv4Ng3-LTBtsP4JFGUVR2wPJQ1vo3DnA8l2g8lrefA-7L59WFOz3bxTxNQE14DTzUvu49TM2vcK54yDsNJzsU-Vmz6ODW6TMyCqcGYIo=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b28"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 21279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   21279
Md5:    18875e9cc91b3b0884d4712555dd0541
Sha1:   ec6a2c9f1cebc1cb8f4c6ea1db68cdaa1f5e89d9
Sha256: 51f324b27fc3e9e391601ec9e06f73c6d2b9e85a306bac27ffe24c99ea441f7e
                                        
                                            GET /img/a/AVvXsEhbVzDatGurxn0JGs7y5JT6pcWD6zbSMrYrM-6FZ1dDfhyyOT7vYZRyv1wYV66kn4F94cX6_pp6THey2Aq6w8D8A27Q8JKBu-eUHOORqxYe2AKb4w2SLUlK5tJlVH9pyvrJtEkia7KPo_LzObrxeZHqm-PQBWoNHssDJE88F6vDETOWjdF4zN86ndU=s100 HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1b19"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 19619
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   19619
Md5:    3f41ca8e97f097dbe2180c4b27fe1e1a
Sha1:   8451e8d21b40f1f0f8192ab814e1ec7a554cac2b
Sha256: 2e92c8451842b99b04e865094e90afa8fb718abf5fb4a1ba75a2467dd1d23cbb
                                        
                                            GET /img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w319-h283-p-k-no-nu HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1bf9"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 76980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 319 x 283, 8-bit/color RGB, non-interlaced\012- data
Size:   76980
Md5:    95d9676b37df864f7b42c0e0875be510
Sha1:   8571f52b280fe9461f1527ba2879cc95f27506f7
Sha256: 8fc903c2ae56551501cbc838cd888b59157d1599ad7ba2951b7f5c1f2cc613ab
                                        
                                            GET /img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w743-h418-p-k-no-nu HTTP/1.1 
Host: blogger.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v1bf9"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 106852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 328 x 418, 8-bit/color RGB, non-interlaced\012- data
Size:   106852
Md5:    690bde69b26c312c0b326559cf5a3c58
Sha1:   342e62cbb355edd446689ca5a08c508fdbaa96dd
Sha256: fe4bfd9d124e1bd9285b53419cf261b386bd976f286c00140fd349a7f8e63974
                                        
                                            POST /pixel/pure HTTP/1.1 
Host: astonishedmule.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: uid_id2=57a5aec7-d9f8-47fb-8160-f609178f2e18:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 18:42:00 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    c83023b2b41cfca257bdd7d5bd25ed2d
Sha1:   755cae81a18287fb14741666b436812b376ceb52
Sha256: 9acd66d25a436ab787decee7867f1d2f3bc48074aa5c315970afe0c8d0b81134
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: uid_id2=57a5aec7-d9f8-47fb-8160-f609178f2e18:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.29.95.124
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 18:42:00 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    c83023b2b41cfca257bdd7d5bd25ed2d
Sha1:   755cae81a18287fb14741666b436812b376ceb52
Sha256: 9acd66d25a436ab787decee7867f1d2f3bc48074aa5c315970afe0c8d0b81134
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3338
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:42:00 GMT
Last-Modified: Wed, 28 Sep 2022 17:46:22 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzi6oiIIhFwXD3FSQ2e751TPmEFzXlcVNNiaKuWl1Vc1sOdVVTVX39OyeFoMhF2Fy8N77ZjdLNIiK1wSZDeSwIGx72oP7P4iQkweZyeKYD5rvvX7v8L7vq9u72SnxkdGTlStmWypFl5pVv%2FL2zSC4VFmXOhtWhu3WF63GpYodvNdpVf13Kh8J1jdLNT%2Fw%2FcAPKqvSiq4ZLk1FyORBJ6h2%2FGqjVg2aDQzt89xlHhz1wAen5DwkLxcfexcg2QQ6%2FmlFuH5qknc%2FjDNFU2Mx4Aef6b42uUY8h13roasPztww7nj1EYzen8WFGfxnjGRJvCePEOmDs5CIBnuznJGC0Ij4y8gHEwg1gaQTMHMLkh8TgHFc3YCO7101Nqdbz1Q6VUuy%2BPRvyLwki39egI5%2FXFZyWLlhVJZKox2G3QJyOIHsTZBkh0i3z0Hmh2Dp15D8d7L0dB063ttwykDyYja7lBPI7gRKjECdh2z6SQ9Z10OWeIj5SYUFQRD6nFG%2F3WGszkMRtbgf0LAb0MBvtZGxabwR0mQEpkZgdgeJ3UFf3j1unofNfoPbLOC4B5eWxPtkBwNeIBcEuSPIKUEuCfKUIB8U%2B1y5mivuceWyKDjrtbNeL8Ym7e3SfZP2hCa7ySl5bboa75WX%2BuiLk0oQ0bDZCVvdWrNJaaPdDeq8w3mNM9apN0IfThaQ7txs2m1ZkouvPkQiS%2FLCybeI6CGcOgSTC6DZm6D5OKz5oJvjRtvHtv6FCStTGlFHN6tGK6kFuCmQpItIt7xddUpenx2qfvMtCHZ0%2BcvoSvnX%2FX%2FAbIHEFvhKPiboqTvj6yYne9dN7sjPG0kqY7lNp0e8kdJULHz%2FsdjKjeVrK250%2F302FabwwafCpetUc6l7jvywLDkXdtVYJsjDNfe5iK5lbnM5szpL1q99sLoWJ1Y4J42egMqSkCdHYLIkL%2F66P3ufb3xzG9JOYLMCcXZEzgrSHIIlO3DJPL8zC7Bq7okSD3lWjG0tmv9UkkCJOadRAfc%2FHs3xrruDnr0Imt6CjgsMbIGBKkDVCC5bGKeJPbr8R31WiJQ3jpT19iJl1d1ny3XypBLW6z5tdZpBGFIRRo1au9sKOKW1RqvWatE6Uleyxnf5vwAAAP%2F%2FAQAA%2F%2F8CAClOagQAAA%3D%3D HTTP/1.1 
Host: kazanwhoeveryowl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0348cd70b5c4cabb9f1ae6b89798854
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /pixel/pure HTTP/1.1 
Host: astonishedmule.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 200 OK
                                        
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3500FEC9F9707D5E0D7382503E4DD540720F8CA9E111832C634BFD275FFB34AC"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Wed, 28 Sep 2022 19:40:30 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3500FEC9F9707D5E0D7382503E4DD540720F8CA9E111832C634BFD275FFB34AC"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Wed, 28 Sep 2022 19:40:30 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7986
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7986
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Findex.html&l=1659&fd=628 HTTP/1.1 
Host: kazanwhoeveryowl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=eab0780b70b7f4cf04cecb498182998a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12754a6cd52c55de85f7eee504fe2059
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 18:42:00 GMT
content-length: 82807
last-modified: Tue, 08 Feb 2022 14:25:26 GMT
etag: "62027d56-14377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4869459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkUb0CnHRHZCOn6nFgwEBtwaiNatFfM96d%2F3jiKg3BESFLQq9TOASYkz8zF9LVu8GqPB7hb2o8JefHAvhRgohVWPnNOz0yF935botbRLgTqQ%2BbIwJAOpJ2hWIfiXo3C0er0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd40aa37309-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 435x290, components 3\012- data
Size:   82807
Md5:    85f73b8e6875d66c6d73ebdefc72c793
Sha1:   7281bfc203aa9c27601828765ba37b28b79c2476
Sha256: f2772dd68c9e122cb84b4c535502d3c7034437ca7c053fc781da626cf1a1064f
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 18:42:00 GMT
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4869459
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iN7wyX49gS9FrrbK7jvfVHC42mf3afm%2F8fvRBvRpqXBdB2eWEc0DBaY5VES57Mz1l4zcPoDcZPldvCrA3OohLwg%2BoQIsdk1pIsPRO4Cj0we8to8OYvrLR%2FSxOut1eoy8fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd40aa27309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size:   797
Md5:    4dc96bdb91109b2d042bb953a1e879a7
Sha1:   0e17dd163ba588e866181ee451fb60b9a0c4c2aa
Sha256: f622216af4f50f2274fcc533382a8808a2a6bd86b442c02970ad692cabefc4b8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=1ba75976f255aa48f13d9dd2dcc93470&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1 
Host: unseenreport.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.20
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54a1392d837e744a9f824e078cd51f8d
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    93b885adfe0da089cdf634904fd59f71
Sha1:   5ba93c9db0cff93f52b521d7420e43f6eda2784f
Sha256: 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fstyle.css&l=10065&fd=333 HTTP/1.1 
Host: kazanwhoeveryowl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601673
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 18:42:01 GMT
date: Wed, 28 Sep 2022 18:42:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   660
Md5:    5860c780c8e9daa4f852038f02b5bdc2
Sha1:   c75c8b4db36bffe075ce493f06d011f855d5541a
Sha256: f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
                                        
                                            GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fjs%2Fscript.js&l=468&fd=337 HTTP/1.1 
Host: kazanwhoeveryowl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /pixel/sbs?c=1 HTTP/1.1 
Host: kazanwhoeveryowl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwmoiIKlGwXL7FSQyXvze%2ByiGGMkmDa1VexO7683uc6dex%2F3vjdvklWwWLoRpgv3L2eShmoRFbctMil0ERAyrrIw%2F4MIXbmQmQbHfvD4znnnLM73fff2bnZKQmT0ZOWK3VZa06V6OSy9fTOKLpXWlckGpUGr8UWjdqnk%2Bu%2B1G%2BXwndJHknftUiWMwjAKo9KqcjK2g6WpCJU8aEfldliuVcpRvYaBe577LICnAUT%2FlJyHEpPFx8EFKD6G6f20In03tcm7H%2FYyTVPr0BcHn5musblBbw5jFyA2B2duWH%2B8%2BgjW7M%2Fiwvb%2FMzI1IcGTR2Dm4CwkWH9vlpNpSAMmXkbeH0PqMRQdg9tbUOKYAFzg6gZM795V63K69UylU3VCFp%2F%2BDZVPyOKfF2B6Py5rNSjdsDpLlTUeg7iAGoyhOmMk2SHS7XNQ%2BSF4%2BjWU%2BJ0sPV2H6e1teG2hRDGbXakxVDyGlkNQHyCbfipAFgfIkgA9cVLiURQ1Q8Fp2GpzXhVNyRoijGgzjmgUNlrI%2BDTeEGkyBNdDcLeDxO2gq%2B4e18%2FDZb%2FBbxbwIoBPJyT4ZAd9USCXBLknyClBrgjylCDvF%2FtC%2B4ov7gntMxad9cpZrxYjm3Z26b5NO9KQ3eSUvDZdTfDKS1105UkpYrRZbzcbcaVep7TWiqOqaAtREZy3q7VmCK8KKH9uNu22mpCLrz5EoibkhZNvweghvD4EVwug2Zug%2BahZCUE3R7VWiG3zC5dOpZRRTzfL1mhlJIQtkKSLSLeCXX1KXp8dqnrzLUh%2BdPlLdmXy1%2F1%2FwF2BxBX4Sj0m6Og7o%2Bs2J3vXbe7JzxtJqnpqm06PeCOlqVz4%2FmO5lVsn1lb88P77fCpM4YNPpU%2FXqRHKdDz5YVkJId2qdVySh2v%2Bc8muZX5zOXMmS9avfbC61kuc9F5ZMwZVE0KeHIGrCXnx1%2F3Z%2B3zjm9tQbgyXFehlR%2BSsoOwheLIDn8zze7sAp%2BcelgTIs2LkKmz%2BUysCLeecsgL%2Bf5zN8a6%2Fg467CJregukV6LsCfV2A6iF8tjBKE3d0%2BY%2FqrMB0MGLaBXtMO3332XK9OilVQ9FkMpZNJmv1Wiy5YPU6C3nMWVW0Whypn%2FDad%2Fm%2FAAAA%2F%2F8BAAD%2F%2F4LU%2FKZqBAAA HTTP/1.1 
Host: kazanwhoeveryowl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61e409e1e7bbf095846dd499fd3758df
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    132d6af1b46048b45cf86cdee7991d31
Sha1:   eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
Sha256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
date: Wed, 28 Sep 2022 18:42:01 GMT
expires: Thu, 28 Sep 2023 18:42:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /c.H_VGzHaIGJl-tLZMzN9Oh_ZQERlSkTP-TVQWzXMYT_Ia4bMcydZ-jfdgDh0im_ZknlBm2nP-TpAqmrZsn_Ju2vPwTxA-mzaAWB1Cn_PEWFhG0Hd-HJBKzLJMT_NOBPJQTRJ-GTJUTVJWG_MYTZAa5bN-DdUetfMgi_5izjLkmlN-knbojpEq1_LsmtNuvvb-SxUyyzRAm_NCyDZEWFF-0HaIXJZKl_cMyNUOyPR-jRES1TMUj_MWyXNYyZU-ybRcjdIew_MgzhMi4jO-ClUmynRoj_QqzrMsTtI-4vMw1x8y3_NAjBhCiDO-SF5GwHbIm_cKmLcMGNF-5PPQTRASm_cUGVFW5Xb-3ZVa0bUcG_VeyfQg2hx-pjYk2lsm9_MoCpZqyrZ-XtYu9vMwC_ZyzzcAzB0-wDJEnFNG0_PITJEKmLe-mN9OuPZQU_lSkTPUTVQ-1XMYzZka2_MczdYe HTTP/1.1 
Host: querulous-type.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         88.85.69.211
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 28 Sep 2022 18:42:02 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
location: https://10945-2.s.cdn15.com/creatives/152327/203388/431283_768b9.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2

                                        
                                            GET /creatives/152327/203388/431283_768b9.png HTTP/1.1 
Host: 10945-2.s.cdn15.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ceritabasah.online/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.18.187.89
HTTP/2 200 OK
content-type: image/png
                                        
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:42:02 GMT
content-length: 307330
last-modified: Wed, 11 May 2022 13:02:01 GMT
etag: "040a72b9ebe1d4e6e69a838c767c93f3"
x-timestamp: 1652274120.41116
x-trans-id: txf1be036f516040889315c-00627bb5ab
x-openstack-request-id: txf1be036f516040889315c-00627bb5ab
x-ureq-id: OoAmJoUAEw1FmrRSUCPKweut4Q8iba2vqcALbjPyAyg=
x-served-from: l1
expires: Fri, 21 Oct 2022 20:55:14 GMT
cache-control: max-age=1995192
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 6593, 23887
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 492 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size:   307330
Md5:    040a72b9ebe1d4e6e69a838c767c93f3
Sha1:   4ef69c2e9cc130c9409946e340ba316e57542d1c
Sha256: 6512a1af2086203aea444849f6ca078284e409072da05ea16d55e5e3ef79f46c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:08:22 GMT
age: 41623
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6157
Md5:    b255b252ceed088d6f505e7e9acfcb55
Sha1:   a6b1c3e0d506ac1c66405e061e9910fafb176a7d
Sha256: b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
                                        
                                            GET /fed093/4f8a112651cb.js HTTP/1.1 
Host: www.kinogogly.pro
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.18.187.89
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:41:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357481, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLSW9G0bgBQkxYucKEX6fKtb2yoUxnJLMA+vaS5pzPbmM
x-served-from: l1
x-vhostid: 6575, 23844
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 18:42:01 GMT
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWro6MjfsfDlbUZzN%2FIt7uEjRwVeaReuor7bMMT7TJNx1%2BIWLtgk0F%2FO8CB6CV87agsKJYCXlm6nQ4EjFgyyE7VBJWeKCQwiIhbL6%2BYt2uKmrP8OA%2BJ3A%2BJ2LF1RbfALZfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd3da597309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c.DJ9Q6ib/2-5oltSFWAQV9/NcD/UkzkOWTTYy1OMeCr0h0/NiT_Mb5LN/jVUzxc HTTP/1.1 
Host: closed-consequence.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.85.69.212
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 28 Sep 2022 18:41:58 GMT
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
access-control-allow-origin: *
last-modified: Wed, 28 Sep 2022 18:41:58 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NjQzMTExODgsInpvbmVzIjp7IjQ0OTU4OTAiOls0NDk1ODkwLDEsMTY2NDMxMTE4OF0sIjQ1MTQ5MDAiOls0NTE0OTAwLDEsMTY2NDMyOTQ5OF0sIjQ1Mzk2NTAiOls0NTM5NjUwLDEsMTY2NDM5MDUxOF19fQ==; max-age=1695926518; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sfp.js HTTP/1.1 
Host: addresseepaper.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.100.4
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 28 Sep 2022 18:41:58 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 740390f41e4a3be5f68125ac27f0c71a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 18:41:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0PLcDPGCQrlCN2AmmGNKNQikNymHzXgZ3%2B1zqRw8R%2FAC0HMa3jafmSCDwdnHTGu1UFZpL4Wo%2F78tFIbNPAQ6forvR2B88BSDWerwYdZ%2Batu06KtA40QtCeMCTNg4xrcvnr%2BC5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dc60a8ee624-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fed093/4f8a112651cb.js HTTP/1.1 
Host: www.kinogogly.pro
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.18.187.89
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:41:59 GMT
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357481, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLSW9G0bgBQkxYucKEX6fKtb2yoUxnJLMA+vaS5pzPbmM
x-served-from: l1
x-vhostid: 6575, 23919
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 18:42:01 GMT
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CV%2FImUeywkPjpOUPnBL9gK5uEigoaUq4IvBpcJ2WZ7jzbHg1xZqRVIiycj4UhESXZSDpXzFAbmwll3Uh50XP6yEN%2FAXGAXaMyKpl8osKvjibmok891eXJVpIh5WgHjOOfmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd3ca557309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html HTTP/1.1 
Host: cdn.yourwebbars.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.26.7.19
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 28 Sep 2022 18:42:00 GMT
last-modified: Wed, 09 Feb 2022 11:25:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZTdkQuxLsOiUSO8Oji3huHxPKY16vWhmOPeZ0LD1Ja91K8ZMoitSA61ZTdezKosLj88TExY82VDEpCjctx5UBJFP8qtr8Ci3zMMAon53GGsEQB%2BAxBC92kYvVsvq%2F%2FNrI8TXxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dcfbf930afa-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css HTTP/1.1 
Host: cdn.sb4you1.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.200.2
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 18:42:01 GMT
last-modified: Wed, 09 Feb 2022 11:25:27 GMT
etag: W/"6203a4a7-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LZw1uV6RsKhbC0Af2qfohYf4B7x9VZdHYAM0fkZ6e%2FUEdz2KgAK1lT3O8USCNbACJraGYbB0HhgudbBawqf%2B20Mlm4l5wOlaFnW1wpNhfSFHr5Yn1yXb9C%2BEwdPPHKyyE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd3ca507309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---