ceritabasah.online/
216.239.34.21 301 Moved Permanently 227 B IP 216.239.34.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8ec3a7ede358bcb4bedd6a13b4226f13
3a829ed21161cf9339c03436cd8057d9fda671a5
32863c6b04021525e5a070199e9d76e9f4df5cc87cd29d21caff8de28b8d82ee
GET / HTTP/1.1
Host: ceritabasah.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: http://www.ceritabasah.online/
Date: Wed, 28 Sep 2022 18:41:56 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 227
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5742
Expires: Wed, 28 Sep 2022 20:17:38 GMT
Date: Wed, 28 Sep 2022 18:41:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 18:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2iB9HXNct2twYcoB1aJtXbZQU9Avcw7f9-XOxnhdKUcrTVNb0HVqqA==
Age: 1577
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yd3n3qw2-Bfj8VGthz1EXmbCwnlr57e7BMo4um1TLnjGSt5CP71r7g==
age: 47610
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:41:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 18:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 19:25:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TgkDMbjiWrEFTutNAIUGtZX1kil2s2wnEoE_uikS3jC8-9YGvLuYpw==
Age: 743
www.ceritabasah.online/
142.250.74.179 301 Moved Permanently 178 B IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5406abd7a54427ea6d10a6d84b94a4df
1c6832c0949e72c46badf9fd503b6abd5f36dd42
d69a8fe5476532a04362f8affa296c655f6f6f5975bc671132eabea6d145a0b0
GET / HTTP/1.1
Host: www.ceritabasah.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.ceritabasah.online/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 18:41:56 GMT
Expires: Wed, 28 Sep 2022 18:41:56 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 178
Server: GSE
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2506
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:57 GMT
Last-Modified: Wed, 28 Sep 2022 18:00:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/wDmx2Gxr-0U
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/wDmx2Gxr-0U
IP 142.250.74.3:0
Hash 4b7733a9b515d348347ac62144821e19
5b89ce871fe415a12ecd89271d4e1663b2e2bd5d
697ad2725aa79268d48adabfbfa3a92eaf46a6fa92b8379db22681b296facfde
POST /s/gts1d4/wDmx2Gxr-0U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.162.217.251 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.217.251:0
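Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, consistent with the 0 B body of this 101 response; they identify no content and should not be used as indicators.)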
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6XaktFLlva1zqCfkcW8wxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r3MGrtPO3yceUCYfFdB03p8I++8=
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:57 GMT
Last-Modified: Wed, 28 Sep 2022 17:01:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/fontawesome.min.css
104.17.25.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/fontawesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (57687)
Hash 2df28a5916bf4d00f6530d3c7a77c229
f79d49f3431b6b24585b98b93ad58528c5851f73
4b37ab094f005b15732000c017b5eb5086d0d9125e1624d9688170b53223e931
GET /ajax/libs/font-awesome/5.15.4/css/fontawesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:41:57 GMT
content-type: text/css; charset=utf-8
content-length: 10266
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-281a"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3616155
expires: Mon, 18 Sep 2023 18:41:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaEbEWmk24TTk8rc4wJ7qkimflQ1Dnfj7Nt2BCelcTzc8NZNwwtxQrTtXM64RTKZWTQQB8BduioLWEWMODELksK7E0B%2B7rU1UKlSkmgxUl6WVye4d6mquQn20pS95ZIPoCCMn2Et"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751e9dc0198c0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6029
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:57 GMT
Last-Modified: Wed, 28 Sep 2022 17:01:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
www.ceritabasah.online/
142.250.74.179 200 OK 102 kB IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (851)
Size 102 kB (101699 bytes)
Hash 22127f6aa73af11aa0c26efb9ebabdd3
7ad489ca4f02c9670a2fec7e17782699f52cb567
7f77e06bcc50f73282ae12ded85caac734403dcf821ed9e624a4203311a6002c
GET / HTTP/1.1
Host: www.ceritabasah.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 28 Sep 2022 18:41:57 GMT
date: Wed, 28 Sep 2022 18:41:57 GMT
cache-control: private, max-age=0
last-modified: Tue, 27 Sep 2022 13:17:43 GMT
etag: W/"0a08c51bc589b31226051e36a89b3b4f17a3a4026e6c15ef511ff90abcdfff0e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 101699
server: GSE
X-Firefox-Spdy: h2
www.ceritabasah.online/js/cookienotice.js
142.250.74.179 200 OK 2.0 kB URL HTTP/2 www.ceritabasah.online/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.ceritabasah.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Wed, 28 Sep 2022 18:41:58 GMT
expires: Wed, 05 Oct 2022 18:41:58 GMT
cache-control: public, max-age=604800
last-modified: Wed, 28 Sep 2022 16:56:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 38602c8e73bf7fea64c5fb5e96c11768
374303288cfe0aec7f9c655744021f8f072ee8d8
cbb4d8013bf2a47695f0931dec4f8e5221dd1d23059ecca7f5901544d0940197
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/4150139458-widgets.js
142.250.74.105 200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 269128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c44cb9047ec55ad075039fc1b62df17
fa626dc0657248f7bbdde792461f563ffee0b723
ce27e344cd1ba1efae54d6fe69c9e48569dbddc1848e0d4df44700730d52a7a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE27E344CD1BA1EFAE54D6FE69C9E48569DBDDC1848E0D4DF44700730D52A7A8"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11112
Expires: Wed, 28 Sep 2022 21:47:10 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Wed, 28 Sep 2022 19:49:45 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 75180
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:39:01 GMT
age: 75777
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 75355
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 75114
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 75200
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yprErfM7s7P7jJPJT-HQZ2Z_AAN4946Tjwyn1g4r7yiA6IF0yLdQTQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:22:11 GMT
age: 47987
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bouncingbalconysuperior.com/ea/b0/78/eab0780b70b7f4cf04cecb498182998a.js
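192.243.59.12 200 OK 20 kB URL HTTP/1.1 bouncingbalconysuperior.com/ea/b0/78/eab0780b70b7f4cf04cecb498182998a.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59383), with no line terminators
Hash MD5 45fab809d88d789c4bc21901f2d328e2
SHA-1 1dc2e5970fc505910f4a0d8d8bd08e0197d8c094
SHA-256 0899bdc1cb6ffe93f810bbb9fedaaca04929cb68daa4787ac75e2e6b50897ed9
Analyzer: quad9 | Verdict: Sinkholed | Alert: (no value in this capture)
Analyst note: this script was loaded cross-site by https://www.ceritabasah.online/ (see Referer below). The serving address 192.243.59.12 also answers for astonishedmule.com later in this capture, so the two hostnames are worth pivoting on together. The IP and status code are separate fields; extract the address from the "IP" line so the status digits are not read as part of it.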
GET /ea/b0/78/eab0780b70b7f4cf04cecb498182998a.js HTTP/1.1
Host: bouncingbalconysuperior.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:41:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 21f06c00d0adb18f64689d2920b9d857
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
bouncingbalconysuperior.com/1b/a7/59/1ba75976f255aa48f13d9dd2dcc93470.js
192.243.59.12 200 OK 13 kB URL HTTP/1.1 bouncingbalconysuperior.com/1b/a7/59/1ba75976f255aa48f13d9dd2dcc93470.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37124), with no line terminators
Hash MD5 ce2a41b0440f8c69aceae1392c3a031b
SHA-1 5b07ba188f2d7d94d4caa011eb530f2024c24381
SHA-256 2809ee7ae4e93f4027edef79b298ca8b88762294a17a7f309bcf206efd412bcd
Analyzer: quad9 | Verdict: Sinkholed | Alert: (no value in this capture)
GET /1b/a7/59/1ba75976f255aa48f13d9dd2dcc93470.js HTTP/1.1
Host: bouncingbalconysuperior.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:41:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b461bbdb2f3be1081185f50f4e78fee4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2917b8abe74403bc4f20b2eed1ac39a2
8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc
6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6037
Expires: Wed, 28 Sep 2022 20:22:35 GMT
Date: Wed, 28 Sep 2022 18:41:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3abd787e77629e21daa6606aeae67118
18be3a2080869ae7cde7053504d2ed5188406fda
bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3399
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Last-Modified: Wed, 28 Sep 2022 17:45:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a3ab32bfe3fc350799dc384a60ef5233
1a1bdc4728ea52b7f08d3254bc2fb7efa02b8e27
6ea75c012bad84915e73a51795e2ce16be3647cd1472f5751e3d841ffc4fa8e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:58 GMT
Last-Modified: Wed, 28 Sep 2022 17:06:17 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TpxUCVIPMkwjwZKnHYOQ8AooPSrg11eEWzkvMFkvlVqZwkXgRKzoiQ==
Age: 5741
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash a3ab32bfe3fc350799dc384a60ef5233
1a1bdc4728ea52b7f08d3254bc2fb7efa02b8e27
6ea75c012bad84915e73a51795e2ce16be3647cd1472f5751e3d841ffc4fa8e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 18:41:58 GMT
Last-Modified: Wed, 28 Sep 2022 17:09:08 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KlSxvKXgjDD0jVfCOvckmPpfWEEUSPa9h7cPgp2RogZECn3yza4UEQ==
Age: 5570
simplewebanalysis.com/stats
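52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash MD5 0470034420100045e223e3f350821c12
SHA-1 0db6bc5c446281be352dd67501e4267643661680
SHA-256 c8871f7d07ba977bc940f684fbcc3305839f59cdfbae068e1073ed4c01f8997a
Analyst note: the response below sets a cookie named uid_id2 that expires in 2032, carries SameSite=None and no HttpOnly attribute, and is returned with credentialed CORS for https://www.ceritabasah.online. This is consistent with a long-lived third-party visitor identifier.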
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:41:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
set-cookie: uid_id2=b4a4d51c-04a6-46ad-8be9-3ebca81a6dc5:3:1; expires=Sat, 25 Sep 2032 18:41:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
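52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash MD5 c83023b2b41cfca257bdd7d5bd25ed2d
SHA-1 755cae81a18287fb14741666b436812b376ceb52
SHA-256 9acd66d25a436ab787decee7867f1d2f3bc48074aa5c315970afe0c8d0b81134
Analyst note: this is a second request to the same endpoint within the same second. The body hash and the uid_id2 cookie value both differ from the previous response, so the body hash is not a stable indicator for this endpoint; match on host and path instead.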
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:41:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
set-cookie: uid_id2=57a5aec7-d9f8-47fb-8160-f609178f2e18:2:1; expires=Sat, 25 Sep 2032 18:41:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca568b0094952ff8079bbea27bee5350
d395a918b1cb67dcd61ef96c1e0fb9cc298e633a
4789eeb2cfa143d120879f70f03c72aabb91ddfc829a2fba8e84f617e1960607
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebbd545aefa9283e52290bd400617e3f
5797111cbbfe69c3727aa87a861f605ee34c91d2
5e9fb2ca140824876b52be9dff27f09cb86c15eba1bc508c79faa68d263067fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44656, version 1.0\012- data
Hash a698723ffb7c306e852d2a2754a41bb1
1ad09d91061336f01ee7bbf0ab6ce011adeef279
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
GET /s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44656
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 09:25:27 GMT
expires: Sun, 24 Sep 2023 09:25:27 GMT
cache-control: public, max-age=31536000
age: 378991
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17768, version 1.0\012- data
Hash b42f06e6ecc6ae551b010ba0ff4fa6a3
363c4ff155d5e82e88d9dfe31e129dcf62b4dced
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
GET /s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17768
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Sep 2022 14:43:09 GMT
expires: Sat, 23 Sep 2023 14:43:09 GMT
cache-control: public, max-age=31536000
age: 446329
last-modified: Thu, 28 Oct 2021 00:32:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1320/Piki%2BFrame.png
142.250.74.161200 OK 2.3 kB URL HTTP/2 1.bp.blogspot.com/-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1320/Piki%2BFrame.png
IP 142.250.74.161:0
File type PNG image data, 150 x 426, 8-bit colormap, non-interlaced\012- data
Hash ed0ebcdb5c9b47dd517a3792e24d07d4
69cab86daa8d01bb0036f40221be45d9f7482bf8
a212db34f6b0dac1d1383f4d9983c657a156b2f1d234bb9f5d4d6bb508f8af27
GET /-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1320/Piki%2BFrame.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Piki Frame.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2294
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:50:40 GMT
expires: Wed, 02 Mar 2022 10:25:24 GMT
cache-control: public, max-age=86400, no-transform
age: 13878
etag: "v77f"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1000/Piki%2BFrame.png
142.250.74.161200 OK 2.3 kB URL HTTP/2 1.bp.blogspot.com/-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1000/Piki%2BFrame.png
IP 142.250.74.161:0
File type PNG image data, 150 x 426, 8-bit colormap, non-interlaced\012- data
Hash ed0ebcdb5c9b47dd517a3792e24d07d4
69cab86daa8d01bb0036f40221be45d9f7482bf8
a212db34f6b0dac1d1383f4d9983c657a156b2f1d234bb9f5d4d6bb508f8af27
GET /-YTjPASOWTAQ/YNQ3xSlBNjI/AAAAAAAAB34/G7kSHdwBZYI5xmb2cytxEkyRhswXCHXsgCLcBGAsYHQ/s1000/Piki%2BFrame.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Piki Frame.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2294
x-xss-protection: 0
date: Wed, 28 Sep 2022 14:50:40 GMT
expires: Sun, 17 Jul 2022 08:07:25 GMT
cache-control: public, max-age=86400, no-transform
age: 13878
etag: "v77f"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3abd787e77629e21daa6606aeae67118
18be3a2080869ae7cde7053504d2ed5188406fda
bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3400
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Last-Modified: Wed, 28 Sep 2022 17:45:19 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2917b8abe74403bc4f20b2eed1ac39a2
8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc
6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6036
Expires: Wed, 28 Sep 2022 20:22:35 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca568b0094952ff8079bbea27bee5350
d395a918b1cb67dcd61ef96c1e0fb9cc298e633a
4789eeb2cfa143d120879f70f03c72aabb91ddfc829a2fba8e84f617e1960607
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
142.250.74.163200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24756, version 1.0\012- data
Hash 7bff5195b41fb95979967ceb1f4306b8
2e6a639f78b6dd671f870ae780f5f52bd0448e91
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
GET /s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 02:18:38 GMT
expires: Sun, 24 Sep 2023 02:18:38 GMT
cache-control: public, max-age=31536000
age: 404601
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a61f98b1851bb6950dddeff8a54da60e
57a38f47662ab9fe74590a83c0a51e760045611e
7b561bf9620b6c7956c3f7131b90d2f6546de4897e73ced2d7bc8cb00dd1c8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B561BF9620B6C7956C3F7131B90D2F6546DE4897E73CED2D7BC8CB00DD1C8B1"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Wed, 28 Sep 2022 20:17:05 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive
querulous-type.com/c.H-VpzqarGsl_tuZvzw9xh-ZzEAlBkCP_TEQF0GOHD-AJzKMLiMZ_jOdPDQ0Rm-ZTnUBV2WP_TYgZwaMbD-AdmeZfngJ_2iPjTkElw-MnDoApwqJ_mslttuZvz-1xoydzHAR_wCcDyEUFz-QHSIUJyKR_iMUNyORPj-ERwSOTTUQ_1WLXTYIZu-cbyc5djeZ_Gg4hxiNjS-5ljmbn2o0_lqMrksZtj-cvmwVxhyd_GAlB2CZDX-MFlGMHkIY_xKNLzMENz-NPTQcRlSM_kUYVyWMXT-YZxaMbTcM_leMfkgYh0-NjDkglwmM_zoJpfqNrD-VthuNvzwg_uyczGA5Bn-JDnEBFhGe_TI0J4KMLD-ANwOJPnQB_hSeTWU9V1-dXFYBZlac_kcNdseafW-NhriPjTkA_mmcnmoVp2-PrTsEtwuM_DwAxwyJzn-NBzCPDTEA_mGcH3IQJ9-MLSMZN6Ob_2Q5RlSSTW-QV9WNXDYU_zaObTcYdz-Nfgg
88.85.69.211302 Found 0 B URL HTTP/2 querulous-type.com/c.H-VpzqarGsl_tuZvzw9xh-ZzEAlBkCP_TEQF0GOHD-AJzKMLiMZ_jOdPDQ0Rm-ZTnUBV2WP_TYgZwaMbD-AdmeZfngJ_2iPjTkElw-MnDoApwqJ_mslttuZvz-1xoydzHAR_wCcDyEUFz-QHSIUJyKR_iMUNyORPj-ERwSOTTUQ_1WLXTYIZu-cbyc5djeZ_Gg4hxiNjS-5ljmbn2o0_lqMrksZtj-cvmwVxhyd_GAlB2CZDX-MFlGMHkIY_xKNLzMENz-NPTQcRlSM_kUYVyWMXT-YZxaMbTcM_leMfkgYh0-NjDkglwmM_zoJpfqNrD-VthuNvzwg_uyczGA5Bn-JDnEBFhGe_TI0J4KMLD-ANwOJPnQB_hSeTWU9V1-dXFYBZlac_kcNdseafW-NhriPjTkA_mmcnmoVp2-PrTsEtwuM_DwAxwyJzn-NBzCPDTEA_mGcH3IQJ9-MLSMZN6Ob_2Q5RlSSTW-QV9WNXDYU_zaObTcYdz-Nfgg
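IP 88.85.69.211:0 (the line above fuses this address with the status "302 Found")
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyst note: these three values are the digests of zero-length input, matching the content-length: 0 response below. They will match any empty body and should not be used as indicators. The useful artefacts for this transaction are the request host and path and the redirect target in the Location header.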
GET /c.H-VpzqarGsl_tuZvzw9xh-ZzEAlBkCP_TEQF0GOHD-AJzKMLiMZ_jOdPDQ0Rm-ZTnUBV2WP_TYgZwaMbD-AdmeZfngJ_2iPjTkElw-MnDoApwqJ_mslttuZvz-1xoydzHAR_wCcDyEUFz-QHSIUJyKR_iMUNyORPj-ERwSOTTUQ_1WLXTYIZu-cbyc5djeZ_Gg4hxiNjS-5ljmbn2o0_lqMrksZtj-cvmwVxhyd_GAlB2CZDX-MFlGMHkIY_xKNLzMENz-NPTQcRlSM_kUYVyWMXT-YZxaMbTcM_leMfkgYh0-NjDkglwmM_zoJpfqNrD-VthuNvzwg_uyczGA5Bn-JDnEBFhGe_TI0J4KMLD-ANwOJPnQB_hSeTWU9V1-dXFYBZlac_kcNdseafW-NhriPjTkA_mmcnmoVp2-PrTsEtwuM_DwAxwyJzn-NBzCPDTEA_mGcH3IQJ9-MLSMZN6Ob_2Q5RlSSTW-QV9WNXDYU_zaObTcYdz-Nfgg HTTP/1.1
Host: querulous-type.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 18:41:59 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
location: https://10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2
querulous-type.com/bFX/Vmsnd.GflR0RYIWycQ/te-ml9XuKZDUGlokAPiT/Ql1VMSzekG2CMHzogAtuN/DRUozlOqTjYFzsO/QO
88.85.69.211 404 Not Found 0 B URL HTTP/2 querulous-type.com/bFX/Vmsnd.GflR0RYIWycQ/te-ml9XuKZDUGlokAPiT/Ql1VMSzekG2CMHzogAtuN/DRUozlOqTjYFzsO/QO
IP 88.85.69.211:0
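Hash d41d8cd98f00b204e9800998ecf8427e (empty-body digest: the response was 0 B, so this and the two hashes below match any empty file and are not usable as indicators)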
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bFX/Vmsnd.GflR0RYIWycQ/te-ml9XuKZDUGlokAPiT/Ql1VMSzekG2CMHzogAtuN/DRUozlOqTjYFzsO/QO HTTP/1.1
Host: querulous-type.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Wed, 28 Sep 2022 18:41:59 GMT
content-length: 0
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
X-Firefox-Spdy: h2
astonishedmule.com/pixel/purst?dl=0&th=0&sc=0&rs=2465&rd=2465&fd=908&bv=22.8.v.1&tmpl=70
192.243.59.12 200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/purst?dl=0&th=0&sc=0&rs=2465&rd=2465&fd=908&bv=22.8.v.1&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
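Hash d41d8cd98f00b204e9800998ecf8427e (empty-body digest: the response was 0 B, so this and the two hashes below match any empty file and are not usable as indicators)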
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2465&rd=2465&fd=908&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:41:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
185.18.187.89 200 OK 9.4 kB URL HTTP/2 10945-2.s.cdn15.com/creatives/171357/216113/448032_45a78.png
IP 185.18.187.89:0
ASN #61107 Toonbox Studio Ltd
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 03cfef95b159bac03fd92ca6864284e6
709a5eba38c15a0fb2c9fff295021019877df5c5
53e0793d137cd5a3896a1ca0126b5548b9d67053eb8a8b8feeb5c501beb045aa
GET /creatives/171357/216113/448032_45a78.png HTTP/1.1
Host: 10945-2.s.cdn15.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ceritabasah.online/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:41:59 GMT
content-type: image/png
content-length: 9418
last-modified: Tue, 27 Sep 2022 12:35:41 GMT
etag: "03cfef95b159bac03fd92ca6864284e6"
x-timestamp: 1664282140.63901
x-trans-id: tx110c496f138d4f98aec28-006332ee22
x-openstack-request-id: tx110c496f138d4f98aec28-006332ee22
expires: Thu, 09 Mar 2023 20:20:57 GMT
cache-control: max-age=14002738
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20GEByJQyhOC8MENovHnWAlKl6rDOZz1zoddCAgTNgNdg=
x-served-from: l1
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 6589, 23922
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bfa83d39c0e58e2d73f62fc671ef8904
73a06a6b53ddb656b964a05634ba6c5d840f65c5
f6baaf565cb836bd8637803211bd53841cf340a91ebd749aa5065595692039ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6BAAF565CB836BD8637803211BD53841CF340A91EBD749AA5065595692039EF"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9216
Expires: Wed, 28 Sep 2022 21:15:35 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0bba621f49f6dbf2dc9e9102fa1d2805
30a04451a5c5782da94e5f0fce737bfd22b43bd8
912e644f506d721b61cf3c6b5f7c30297a93144b6216afbc1a82ef3b86afbc80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "912E644F506D721B61CF3C6B5F7C30297A93144B6216AFBC1A82EF3B86AFBC80"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4260
Expires: Wed, 28 Sep 2022 19:52:59 GMT
Date: Wed, 28 Sep 2022 18:41:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 60862e3cfa179f3df2b96a58912f6787
ff537827cbde6445205715d36d3ae25fa1d6430f
8d359daecf4a7e4b1816e03d675e0f87ad87f729d9f1c9d0d7ef3598a2cbdf08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
creepingbrings.com/sfp.js
172.64.198.30 200 OK 27 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.198.30:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 249d5bb8f8d5fd948efc1354d88c6817
7c912d3b06643207404fedefff09fafa13366c0d
f3bfe89639b988ecb00f0cfee2f14749541d67e96bd6b6308d6e934031db1352
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:41:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6f576dd688642314ac08e7541749cde1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 18:41:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BmrMmD1S%2BceAy0xjvsvtKOOSnoCuhsRW3z4QiqFCj3bAzDduJ8UABjNaxKFHLC%2FYCk9Px4obEsB894fTq4FYRz4bXeRMK4Lrh%2Fue8PsQsVIdwMnnHy9e40TFBkZLrTt8rw7pn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dc60b9406ed-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 60862e3cfa179f3df2b96a58912f6787
ff537827cbde6445205715d36d3ae25fa1d6430f
8d359daecf4a7e4b1816e03d675e0f87ad87f729d9f1c9d0d7ef3598a2cbdf08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ceritabasah.online/favicon.ico
142.250.74.179 200 OK 961 B URL HTTP/2 www.ceritabasah.online/favicon.ico
IP 142.250.74.179:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d2ac1e70ddc1e864767f835d6d8bed6c
9ca9036c85f75aae859fbecfed51446df30c7ebb
ff7d03dad35ce8b3514ce816e4cd476f6c86f35c18855646c9e38e4a1912a597
GET /favicon.ico HTTP/1.1
Host: www.ceritabasah.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: ppu_main_eab0780b70b7f4cf04cecb498182998a=1; sb_main_1ba75976f255aa48f13d9dd2dcc93470=1; sb_count_1ba75976f255aa48f13d9dd2dcc93470=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: image/x-icon; charset=UTF-8
expires: Wed, 28 Sep 2022 18:41:59 GMT
date: Wed, 28 Sep 2022 18:41:59 GMT
cache-control: private, max-age=86400
last-modified: Tue, 27 Sep 2022 13:17:43 GMT
etag: W/"0a08c51bc589b31226051e36a89b3b4f17a3a4026e6c15ef511ff90abcdfff0e"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 961
server: GSE
X-Firefox-Spdy: h2
querulous-type.com/atW/5ww.Y/Wnd/lTQs2/9ykKZ/Tn9/6Qbb2L5/lfSSWmQc9nNLDkUczYOwT/YYz_Njiq0/0hNrT/Mu5LNwjmMr3K
88.85.69.211 200 OK 50 kB URL HTTP/2 querulous-type.com/atW/5ww.Y/Wnd/lTQs2/9ykKZ/Tn9/6Qbb2L5/lfSSWmQc9nNLDkUczYOwT/YYz_Njiq0/0hNrT/Mu5LNwjmMr3K
IP 88.85.69.211:0
File type Unicode text, UTF-8 text, with very long lines (65511)
Hash 0bbd4c0a3ad2c5abb019feba3976afc1
0bebb3bd6681172ddb998ca28ef0a6a7923a54f5
60b89c8bf22e954888c6adb065cbe1dedef30744b210543f55740b7ac9732ae1
GET /atW/5ww.Y/Wnd/lTQs2/9ykKZ/Tn9/6Qbb2L5/lfSSWmQc9nNLDkUczYOwT/YYz_Njiq0/0hNrT/Mu5LNwjmMr3K HTTP/1.1
Host: querulous-type.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:41:58 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgMFfbGQEwI4fJnma3XUIWqUV5aGGm0QcT3iK_FMxjD9S7Q4toxkn-ssvgOOFeAyQiQLe-E8Ry7jDxqJa8X3dcoU2GMbA9r9vGnpzvLgBSEd4Mk_QRJQAEIS6SMBBx-V2WR6NgxxtcOMpkXgM9Kuotk_p8GS7FhV-o07VKu-c3QaZYOjNCFGR2qBEk=s100
142.250.74.33 200 OK 18 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgMFfbGQEwI4fJnma3XUIWqUV5aGGm0QcT3iK_FMxjD9S7Q4toxkn-ssvgOOFeAyQiQLe-E8Ry7jDxqJa8X3dcoU2GMbA9r9vGnpzvLgBSEd4Mk_QRJQAEIS6SMBBx-V2WR6NgxxtcOMpkXgM9Kuotk_p8GS7FhV-o07VKu-c3QaZYOjNCFGR2qBEk=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 49f5c16db7ed8e5ceff7157af6749611
54fa77c38f62e2451b0fe890521161d060dd4b65
cc863e55e7e3259bbe0664b3d4ed3648bd5707e85588585095bcb59d152c40ac
GET /img/a/AVvXsEgMFfbGQEwI4fJnma3XUIWqUV5aGGm0QcT3iK_FMxjD9S7Q4toxkn-ssvgOOFeAyQiQLe-E8Ry7jDxqJa8X3dcoU2GMbA9r9vGnpzvLgBSEd4Mk_QRJQAEIS6SMBBx-V2WR6NgxxtcOMpkXgM9Kuotk_p8GS7FhV-o07VKu-c3QaZYOjNCFGR2qBEk=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b1e"
expires: Thu, 29 Sep 2022 18:41:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:41:59 GMT
server: fife
content-length: 18147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEihm3gYGGZ53OqiTzFKk4dvyxpAL-PSZpaFd0dR8EE9XJrd5h0MSmW_wvZYelVllPQWOfJdBNOZkCjSbNLM3c09-x1Za3YgbWhRuQzAjb41_KB56lokLI3Wkp6237oCNwNL4CmWxhugMK5WBlqBCU-XkhRwdxnl6Sb7LpdZIDz3BtTWI7wPtrOPNlg=s100
142.250.74.33 200 OK 23 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEihm3gYGGZ53OqiTzFKk4dvyxpAL-PSZpaFd0dR8EE9XJrd5h0MSmW_wvZYelVllPQWOfJdBNOZkCjSbNLM3c09-x1Za3YgbWhRuQzAjb41_KB56lokLI3Wkp6237oCNwNL4CmWxhugMK5WBlqBCU-XkhRwdxnl6Sb7LpdZIDz3BtTWI7wPtrOPNlg=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 81ca86112cf79368e7c711181aae9a3c
3cd1b502862818ad1c502123c938c9a8aa177a9e
48de1c03fd11a11bc1d5e48a6fca4a01a1b79d892348e179bec82ca10853650e
GET /img/a/AVvXsEihm3gYGGZ53OqiTzFKk4dvyxpAL-PSZpaFd0dR8EE9XJrd5h0MSmW_wvZYelVllPQWOfJdBNOZkCjSbNLM3c09-x1Za3YgbWhRuQzAjb41_KB56lokLI3Wkp6237oCNwNL4CmWxhugMK5WBlqBCU-XkhRwdxnl6Sb7LpdZIDz3BtTWI7wPtrOPNlg=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b2b"
expires: Thu, 29 Sep 2022 18:41:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:41:59 GMT
server: fife
content-length: 22915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d82a474dbb7f66ba5b1f0021fd2a0d30
c6da00410a9fa18014a9c704eaa4720409c26896
d72fecb5c7d9f617743fa0a7d82dcd029612ddb5ad75742f52e88dc8e6e06e5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
astonishedmule.com/pixel/pure
192.243.59.12 204 No Content 0 B URL HTTP/1.1 astonishedmule.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
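Hash d41d8cd98f00b204e9800998ecf8427e (empty-body digest: the response was 0 B, so this and the two hashes below match any empty file and are not usable as indicators)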
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ceritabasah.online/
Origin: https://www.ceritabasah.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
blogger.googleusercontent.com/img/a/AVvXsEgwbjWfTZGzXze9wfDCw1-_Q0tdMIHJTuTDHztJnpZnbk11JuIl7EwOKh_bjnMOLkwUxP84Vo0n408UlWX1NbQrhHUM2djiRsE_US8RMwac46kOwhxY6My1e3FpoAb7JeyjrPyKBMuFCSyuPteCRw4hhpobN_hEXc8jedwTBtL95tbwCYTFdeWpDlRhjg=s287
142.250.74.33 200 OK 2.2 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgwbjWfTZGzXze9wfDCw1-_Q0tdMIHJTuTDHztJnpZnbk11JuIl7EwOKh_bjnMOLkwUxP84Vo0n408UlWX1NbQrhHUM2djiRsE_US8RMwac46kOwhxY6My1e3FpoAb7JeyjrPyKBMuFCSyuPteCRw4hhpobN_hEXc8jedwTBtL95tbwCYTFdeWpDlRhjg=s287
IP 142.250.74.33:0
File type PNG image data, 287 x 65, 8-bit/color RGB, non-interlaced\012- data
Hash 06410b4d1f55b42dfd64acf9b2c417ce
b92e622eb23d6637e0b6f750948a3b49831d6c8b
5799665a70026fdf0e1675839dd1ed3c63d9bef90a16c606a412b23e08c3bc5b
GET /img/a/AVvXsEgwbjWfTZGzXze9wfDCw1-_Q0tdMIHJTuTDHztJnpZnbk11JuIl7EwOKh_bjnMOLkwUxP84Vo0n408UlWX1NbQrhHUM2djiRsE_US8RMwac46kOwhxY6My1e3FpoAb7JeyjrPyKBMuFCSyuPteCRw4hhpobN_hEXc8jedwTBtL95tbwCYTFdeWpDlRhjg=s287 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="speedily-logo.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 2222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEj0rc9K_p_dIKne226C_WOS0b_H-1Ep3pDGfONUc5drtGxd0SD7J_INOJRxsP0O783jG-181U6KpA82hxsmB3nGoLeejO6yw-mPtUCbdFhZUbawDmaT6DmoREQUexOaeiHR3_LvJJV0ueRh3ffB51g-9QtxT2HC1kI9mWNs2OuygEUVkQXE7-_dGlWRww=w743-h418-p-k-no-nu
142.250.74.33 200 OK 285 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEj0rc9K_p_dIKne226C_WOS0b_H-1Ep3pDGfONUc5drtGxd0SD7J_INOJRxsP0O783jG-181U6KpA82hxsmB3nGoLeejO6yw-mPtUCbdFhZUbawDmaT6DmoREQUexOaeiHR3_LvJJV0ueRh3ffB51g-9QtxT2HC1kI9mWNs2OuygEUVkQXE7-_dGlWRww=w743-h418-p-k-no-nu
IP 142.250.74.33:0
File type PNG image data, 743 x 418, 8-bit/color RGB, non-interlaced\012- data
Size 285 kB (284710 bytes)
Hash 11c28dd0286197e6208b794732ca81c0
711e889332c5528c538e92e91278c7c7bb4d602a
fc2207e26bd4da8a106b6e247bc1c04c8406905d27ee53e496bf21976a57850c
GET /img/a/AVvXsEj0rc9K_p_dIKne226C_WOS0b_H-1Ep3pDGfONUc5drtGxd0SD7J_INOJRxsP0O783jG-181U6KpA82hxsmB3nGoLeejO6yw-mPtUCbdFhZUbawDmaT6DmoREQUexOaeiHR3_LvJJV0ueRh3ffB51g-9QtxT2HC1kI9mWNs2OuygEUVkQXE7-_dGlWRww=w743-h418-p-k-no-nu HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v50"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 284710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEjIHEr1RYg037JjER1BVsNke9uV01UG4YwON6swteDcFc6VFtV6tTOPJKYm6MUgBNaClWD0-k2DRQKBbv3Pax5B8OdR3ewQahGhF51OpskpyZyRB0ZnZ2B_DywLGW_6pGRBq_FpmwFVl9DJD0v3lRc6FA_GQ61dO_7zhrNYRofiTSc1XZVT7GnUdOkULQ=w743-h418-p-k-no-nu
142.250.74.33 200 OK 187 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjIHEr1RYg037JjER1BVsNke9uV01UG4YwON6swteDcFc6VFtV6tTOPJKYm6MUgBNaClWD0-k2DRQKBbv3Pax5B8OdR3ewQahGhF51OpskpyZyRB0ZnZ2B_DywLGW_6pGRBq_FpmwFVl9DJD0v3lRc6FA_GQ61dO_7zhrNYRofiTSc1XZVT7GnUdOkULQ=w743-h418-p-k-no-nu
IP 142.250.74.33:0
File type PNG image data, 502 x 350, 8-bit/color RGB, non-interlaced\012- data
Size 187 kB (186697 bytes)
Hash 2ea71ecb2044f60e7426ee7f29d8e822
d2cddc60547a946685448b2724a3799fc46c5c6b
fbad02f2ad45dd0fb45f2da1ba135000a6a0b76ec7096a4fcbe61a44808f43e1
GET /img/a/AVvXsEjIHEr1RYg037JjER1BVsNke9uV01UG4YwON6swteDcFc6VFtV6tTOPJKYm6MUgBNaClWD0-k2DRQKBbv3Pax5B8OdR3ewQahGhF51OpskpyZyRB0ZnZ2B_DywLGW_6pGRBq_FpmwFVl9DJD0v3lRc6FA_GQ61dO_7zhrNYRofiTSc1XZVT7GnUdOkULQ=w743-h418-p-k-no-nu HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v10"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 186697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEhva9vbE108bLCPmfbX6SvnV1folHm-3EBAu47TgDT7vtdq-rfa1C5-y8LVUHsYPiprw4OG1EfG4YOBI3268D9bkg8enAZlVEuD0CfO8L0efU1SEDCtBnCQv0MfW3qunoMCZ7jZepNrWrryiDgl_dLk4pE6nLbiWU2WcIYL_J30pv-mgUkPmIOe6Mg=s100
142.250.74.33 200 OK 14 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhva9vbE108bLCPmfbX6SvnV1folHm-3EBAu47TgDT7vtdq-rfa1C5-y8LVUHsYPiprw4OG1EfG4YOBI3268D9bkg8enAZlVEuD0CfO8L0efU1SEDCtBnCQv0MfW3qunoMCZ7jZepNrWrryiDgl_dLk4pE6nLbiWU2WcIYL_J30pv-mgUkPmIOe6Mg=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 67e4e6b81b0ec0133fa475ef46881915
ef19167163623472850b6c2a7303cc6e022490f5
16ab0838d2490463db19278937f56fd8f9e7562bd4bd2d22b79a8f1164c7123f
GET /img/a/AVvXsEhva9vbE108bLCPmfbX6SvnV1folHm-3EBAu47TgDT7vtdq-rfa1C5-y8LVUHsYPiprw4OG1EfG4YOBI3268D9bkg8enAZlVEuD0CfO8L0efU1SEDCtBnCQv0MfW3qunoMCZ7jZepNrWrryiDgl_dLk4pE6nLbiWU2WcIYL_J30pv-mgUkPmIOe6Mg=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b23"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 14233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEjXEwhyEKDi74mlOowEvLSBJgs9g4wsfFENGKl9Tx34gbfB0IQSDwPxWyJFD6H2FFz2BVdPHwUawz7mv3jKuT8AG2y7bnzuJM1OIiqLomqlQ4B_kYvFGMGbjVxo_RkXnBQ2hie11RPP0rYQYFos2hSPyxj60eTDHjVFGvKEzeZ0tKP40619D8GFbaA=s100
142.250.74.33 200 OK 18 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjXEwhyEKDi74mlOowEvLSBJgs9g4wsfFENGKl9Tx34gbfB0IQSDwPxWyJFD6H2FFz2BVdPHwUawz7mv3jKuT8AG2y7bnzuJM1OIiqLomqlQ4B_kYvFGMGbjVxo_RkXnBQ2hie11RPP0rYQYFos2hSPyxj60eTDHjVFGvKEzeZ0tKP40619D8GFbaA=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 6a02e6788ada5b6394989ca8f62e28f2
68fe64a23e87cbb06e182d4bd98ecde601ce07f0
783dd680acaa4e1a943fbc193a11371c00a33c078bb708119a60941eb77f5af1
GET /img/a/AVvXsEjXEwhyEKDi74mlOowEvLSBJgs9g4wsfFENGKl9Tx34gbfB0IQSDwPxWyJFD6H2FFz2BVdPHwUawz7mv3jKuT8AG2y7bnzuJM1OIiqLomqlQ4B_kYvFGMGbjVxo_RkXnBQ2hie11RPP0rYQYFos2hSPyxj60eTDHjVFGvKEzeZ0tKP40619D8GFbaA=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b23"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 17871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEiQY67qT-7pkZ6849Mozw-_YpmtVRcqsWwENDJw-9OUpfuelTQ0k-MxitjeBy1Bdts6ypRvG-5-gPN2ihtzBVbu2jYccIyGwV9Hxq4uCRIZkOiSpoIJ-AKI_l-7Ntbq70R8YQbVMLm0UecsrVfuzlXnKi2fyP40yPy4OX5GJusCNoIFIvzKfg8oeBE=s100
142.250.74.33 200 OK 20 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEiQY67qT-7pkZ6849Mozw-_YpmtVRcqsWwENDJw-9OUpfuelTQ0k-MxitjeBy1Bdts6ypRvG-5-gPN2ihtzBVbu2jYccIyGwV9Hxq4uCRIZkOiSpoIJ-AKI_l-7Ntbq70R8YQbVMLm0UecsrVfuzlXnKi2fyP40yPy4OX5GJusCNoIFIvzKfg8oeBE=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash f7381af2ae2d08aae627cb9d3a05e921
996136d4be250b2e090995ec968e6e26dcdb5070
6e11f92cdecc390f0927a023221d17b8080247b0037bc2e4d9c130a43a88582e
GET /img/a/AVvXsEiQY67qT-7pkZ6849Mozw-_YpmtVRcqsWwENDJw-9OUpfuelTQ0k-MxitjeBy1Bdts6ypRvG-5-gPN2ihtzBVbu2jYccIyGwV9Hxq4uCRIZkOiSpoIJ-AKI_l-7Ntbq70R8YQbVMLm0UecsrVfuzlXnKi2fyP40yPy4OX5GJusCNoIFIvzKfg8oeBE=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b28"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 19607
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgTfTiPGBok2_gyYlPMb7ZTk3AmAEvwXiYXGA86fjki1K5fZYha6bTGZ_oZGLu5gfigRiQf7gXKTYPeAhNb51c9bJGCQlFlbbHYXJJVTJMEV79sQ3dg02kFr10fS5WYxH_xRkT_qzzUHp_siK_EaomQyv1JPz4z1WQiAfyp5yXViHxfgHRobpytGAI=s100
142.250.74.33 200 OK 16 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgTfTiPGBok2_gyYlPMb7ZTk3AmAEvwXiYXGA86fjki1K5fZYha6bTGZ_oZGLu5gfigRiQf7gXKTYPeAhNb51c9bJGCQlFlbbHYXJJVTJMEV79sQ3dg02kFr10fS5WYxH_xRkT_qzzUHp_siK_EaomQyv1JPz4z1WQiAfyp5yXViHxfgHRobpytGAI=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash f0417f9020e4e26f4b473b0ca10347c2
efcde26da1f09b823de8a90f3f9e87caec7cd4f7
61ceca33547106d64d09ff9b6b36cfac94729f0c9d4f1ead77c054c75152bed5
GET /img/a/AVvXsEgTfTiPGBok2_gyYlPMb7ZTk3AmAEvwXiYXGA86fjki1K5fZYha6bTGZ_oZGLu5gfigRiQf7gXKTYPeAhNb51c9bJGCQlFlbbHYXJJVTJMEV79sQ3dg02kFr10fS5WYxH_xRkT_qzzUHp_siK_EaomQyv1JPz4z1WQiAfyp5yXViHxfgHRobpytGAI=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b29"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 15929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgB6GtZBZ9W67d4SBe6IWaPf5tJO5lgPhfdXVq9cC3AJKQs_i5guu5_CAlkRQsR_oyZRomU6UOMSfp9qhe9jWvumZvKpVd6zJ-5L62nTdR6Rg8UcEc4KuKUYitaIoifE5pLtii_h2wD4SCP_cfTabB_Fw0oOI-ThCrqWzEL5turkn7hdoUSpQVwIPY=s100
142.250.74.33 200 OK 22 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgB6GtZBZ9W67d4SBe6IWaPf5tJO5lgPhfdXVq9cC3AJKQs_i5guu5_CAlkRQsR_oyZRomU6UOMSfp9qhe9jWvumZvKpVd6zJ-5L62nTdR6Rg8UcEc4KuKUYitaIoifE5pLtii_h2wD4SCP_cfTabB_Fw0oOI-ThCrqWzEL5turkn7hdoUSpQVwIPY=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash acdaeb948ba1f0d85103a4015626a2d4
37e44c7fc778e2b0e71ef51d19bf5fafa230c28d
acaad5b5927a7cc8509a50aa2e49acd21c204197db0cf94948110945ff26b340
GET /img/a/AVvXsEgB6GtZBZ9W67d4SBe6IWaPf5tJO5lgPhfdXVq9cC3AJKQs_i5guu5_CAlkRQsR_oyZRomU6UOMSfp9qhe9jWvumZvKpVd6zJ-5L62nTdR6Rg8UcEc4KuKUYitaIoifE5pLtii_h2wD4SCP_cfTabB_Fw0oOI-ThCrqWzEL5turkn7hdoUSpQVwIPY=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b2a"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 22267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEihgmmud8q7aHMQwNcODUw4MgwTC5YRtOLNctdPkIxB9ndSiBIOwFGbs1KHVLGx13Ai-hYoAT0IFFnWBG8KCGW2XELWQFbHQKsSvEKerppdO9qTDYXs8NXnHeB-vfFtRRu-TLTBtzR6xEIllx8VXalZaWhhaPcXjtG87FpoCMeYOxix3YFPfA0XeU5fVw=w743-h418-p-k-no-nu
142.250.74.33 200 OK 190 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEihgmmud8q7aHMQwNcODUw4MgwTC5YRtOLNctdPkIxB9ndSiBIOwFGbs1KHVLGx13Ai-hYoAT0IFFnWBG8KCGW2XELWQFbHQKsSvEKerppdO9qTDYXs8NXnHeB-vfFtRRu-TLTBtzR6xEIllx8VXalZaWhhaPcXjtG87FpoCMeYOxix3YFPfA0XeU5fVw=w743-h418-p-k-no-nu
IP 142.250.74.33:0
File type PNG image data, 503 x 418, 8-bit/color RGB, non-interlaced\012- data
Size 190 kB (190294 bytes)
Hash aebe6a7248c6bfdb3d3cbee99b508aea
7d452caa3459dc019dfcd0facdfa612a5c246ffd
3ca5410278a2ac61c930671b4c6d697515964c1ddac528c617a62a694085c207
GET /img/a/AVvXsEihgmmud8q7aHMQwNcODUw4MgwTC5YRtOLNctdPkIxB9ndSiBIOwFGbs1KHVLGx13Ai-hYoAT0IFFnWBG8KCGW2XELWQFbHQKsSvEKerppdO9qTDYXs8NXnHeB-vfFtRRu-TLTBtzR6xEIllx8VXalZaWhhaPcXjtG87FpoCMeYOxix3YFPfA0XeU5fVw=w743-h418-p-k-no-nu HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "va"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 190294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEhxW6jhumiOPPjdmWPyj9VZW6zvv7nU2pDbL2ac_FXF1UZb2ihCtcUyq-106yUgU9zpQBf-ce07pOgtvwppv4Ng3-LTBtsP4JFGUVR2wPJQ1vo3DnA8l2g8lrefA-7L59WFOz3bxTxNQE14DTzUvu49TM2vcK54yDsNJzsU-Vmz6ODW6TMyCqcGYIo=s100
142.250.74.33 200 OK 21 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhxW6jhumiOPPjdmWPyj9VZW6zvv7nU2pDbL2ac_FXF1UZb2ihCtcUyq-106yUgU9zpQBf-ce07pOgtvwppv4Ng3-LTBtsP4JFGUVR2wPJQ1vo3DnA8l2g8lrefA-7L59WFOz3bxTxNQE14DTzUvu49TM2vcK54yDsNJzsU-Vmz6ODW6TMyCqcGYIo=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 18875e9cc91b3b0884d4712555dd0541
ec6a2c9f1cebc1cb8f4c6ea1db68cdaa1f5e89d9
51f324b27fc3e9e391601ec9e06f73c6d2b9e85a306bac27ffe24c99ea441f7e
GET /img/a/AVvXsEhxW6jhumiOPPjdmWPyj9VZW6zvv7nU2pDbL2ac_FXF1UZb2ihCtcUyq-106yUgU9zpQBf-ce07pOgtvwppv4Ng3-LTBtsP4JFGUVR2wPJQ1vo3DnA8l2g8lrefA-7L59WFOz3bxTxNQE14DTzUvu49TM2vcK54yDsNJzsU-Vmz6ODW6TMyCqcGYIo=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b28"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 21279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEhbVzDatGurxn0JGs7y5JT6pcWD6zbSMrYrM-6FZ1dDfhyyOT7vYZRyv1wYV66kn4F94cX6_pp6THey2Aq6w8D8A27Q8JKBu-eUHOORqxYe2AKb4w2SLUlK5tJlVH9pyvrJtEkia7KPo_LzObrxeZHqm-PQBWoNHssDJE88F6vDETOWjdF4zN86ndU=s100
142.250.74.33 200 OK 20 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhbVzDatGurxn0JGs7y5JT6pcWD6zbSMrYrM-6FZ1dDfhyyOT7vYZRyv1wYV66kn4F94cX6_pp6THey2Aq6w8D8A27Q8JKBu-eUHOORqxYe2AKb4w2SLUlK5tJlVH9pyvrJtEkia7KPo_LzObrxeZHqm-PQBWoNHssDJE88F6vDETOWjdF4zN86ndU=s100
IP 142.250.74.33:0
File type PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash 3f41ca8e97f097dbe2180c4b27fe1e1a
8451e8d21b40f1f0f8192ab814e1ec7a554cac2b
2e92c8451842b99b04e865094e90afa8fb718abf5fb4a1ba75a2467dd1d23cbb
GET /img/a/AVvXsEhbVzDatGurxn0JGs7y5JT6pcWD6zbSMrYrM-6FZ1dDfhyyOT7vYZRyv1wYV66kn4F94cX6_pp6THey2Aq6w8D8A27Q8JKBu-eUHOORqxYe2AKb4w2SLUlK5tJlVH9pyvrJtEkia7KPo_LzObrxeZHqm-PQBWoNHssDJE88F6vDETOWjdF4zN86ndU=s100 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1b19"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="selingkuh.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 19619
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w319-h283-p-k-no-nu
142.250.74.33 200 OK 77 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w319-h283-p-k-no-nu
IP 142.250.74.33:0
File type PNG image data, 319 x 283, 8-bit/color RGB, non-interlaced\012- data
Hash 95d9676b37df864f7b42c0e0875be510
8571f52b280fe9461f1527ba2879cc95f27506f7
8fc903c2ae56551501cbc838cd888b59157d1599ad7ba2951b7f5c1f2cc613ab
GET /img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w319-h283-p-k-no-nu HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1bf9"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 76980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w743-h418-p-k-no-nu
142.250.74.33 200 OK 107 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w743-h418-p-k-no-nu
IP 142.250.74.33:0
File type PNG image data, 328 x 418, 8-bit/color RGB, non-interlaced\012- data
Size 107 kB (106852 bytes)
Hash 690bde69b26c312c0b326559cf5a3c58
342e62cbb355edd446689ca5a08c508fdbaa96dd
fe4bfd9d124e1bd9285b53419cf261b386bd976f286c00140fd349a7f8e63974
GET /img/a/AVvXsEhgzn0kN4a-yAWBMJKfH9J5EXmefj8pwpXIglyvTrSsJmjARk4u6hcQ_DWTudparcQzHGuQ3xewzfWfYRmPAV3iPz7VkGKQLCSKC78zdaoo0F8uL1TrUuHb8N91pnv1eqOqNXBAuxJoWMx9bY5lFHITU64GVPLB-kS0lgzkX6BhhLGeHKDWtPjNg5Y=w743-h418-p-k-no-nu HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1bf9"
expires: Thu, 29 Sep 2022 18:42:00 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 18:42:00 GMT
server: fife
content-length: 106852
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
astonishedmule.com/pixel/pure
192.243.59.12 200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash c83023b2b41cfca257bdd7d5bd25ed2d
755cae81a18287fb14741666b436812b376ceb52
9acd66d25a436ab787decee7867f1d2f3bc48074aa5c315970afe0c8d0b81134
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: uid_id2=57a5aec7-d9f8-47fb-8160-f609178f2e18:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash c83023b2b41cfca257bdd7d5bd25ed2d
755cae81a18287fb14741666b436812b376ceb52
9acd66d25a436ab787decee7867f1d2f3bc48074aa5c315970afe0c8d0b81134
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: uid_id2=57a5aec7-d9f8-47fb-8160-f609178f2e18:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ceritabasah.online
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash a464bab0df63bbafe3cf44e171e8de5c
8e0c31b3fcca9f32508efe21e6025674ab9afa36
f49adc25c672c3292ea36fbfb4215a6ec51b95e66aaf0feede9fd53f9d02bdaa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:42:00 GMT
Last-Modified: Wed, 28 Sep 2022 17:46:22 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
kazanwhoeveryowl.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzi6oiIIhFwXD3FSQ2e751TPmEFzXlcVNNiaKuWl1Vc1sOdVVTVX39OyeFoMhF2Fy8N77ZjdLNIiK1wSZDeSwIGx72oP7P4iQkweZyeKYD5rvvX7v8L7vq9u72SnxkdGTlStmWypFl5pVv%2FL2zSC4VFmXOhtWhu3WF63GpYodvNdpVf13Kh8J1jdLNT%2Fw%2FcAPKqvSiq4ZLk1FyORBJ6h2%2FGqjVg2aDQzt89xlHhz1wAen5DwkLxcfexcg2QQ6%2FmlFuH5qknc%2FjDNFU2Mx4Aef6b42uUY8h13roasPztww7nj1EYzen8WFGfxnjGRJvCePEOmDs5CIBnuznJGC0Ij4y8gHEwg1gaQTMHMLkh8TgHFc3YCO7101Nqdbz1Q6VUuy%2BPRvyLwki39egI5%2FXFZyWLlhVJZKox2G3QJyOIHsTZBkh0i3z0Hmh2Dp15D8d7L0dB063ttwykDyYja7lBPI7gRKjECdh2z6SQ9Z10OWeIj5SYUFQRD6nFG%2F3WGszkMRtbgf0LAb0MBvtZGxabwR0mQEpkZgdgeJ3UFf3j1unofNfoPbLOC4B5eWxPtkBwNeIBcEuSPIKUEuCfKUIB8U%2B1y5mivuceWyKDjrtbNeL8Ym7e3SfZP2hCa7ySl5bboa75WX%2BuiLk0oQ0bDZCVvdWrNJaaPdDeq8w3mNM9apN0IfThaQ7txs2m1ZkouvPkQiS%2FLCybeI6CGcOgSTC6DZm6D5OKz5oJvjRtvHtv6FCStTGlFHN6tGK6kFuCmQpItIt7xddUpenx2qfvMtCHZ0%2BcvoSvnX%2FX%2FAbIHEFvhKPiboqTvj6yYne9dN7sjPG0kqY7lNp0e8kdJULHz%2FsdjKjeVrK250%2F302FabwwafCpetUc6l7jvywLDkXdtVYJsjDNfe5iK5lbnM5szpL1q99sLoWJ1Y4J42egMqSkCdHYLIkL%2F66P3ufb3xzG9JOYLMCcXZEzgrSHIIlO3DJPL8zC7Bq7okSD3lWjG0tmv9UkkCJOadRAfc%2FHs3xrruDnr0Imt6CjgsMbIGBKkDVCC5bGKeJPbr8R31WiJQ3jpT19iJl1d1ny3XypBLW6z5tdZpBGFIRRo1au9sKOKW1RqvWatE6Uleyxnf5vwAAAP%2F%2FAQAA%2F%2F8CAClOagQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 kazanwhoeveryowl.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzi6oiIIhFwXD3FSQ2e751TPmEFzXlcVNNiaKuWl1Vc1sOdVVTVX39OyeFoMhF2Fy8N77ZjdLNIiK1wSZDeSwIGx72oP7P4iQkweZyeKYD5rvvX7v8L7vq9u72SnxkdGTlStmWypFl5pVv%2FL2zSC4VFmXOhtWhu3WF63GpYodvNdpVf13Kh8J1jdLNT%2Fw%2FcAPKqvSiq4ZLk1FyORBJ6h2%2FGqjVg2aDQzt89xlHhz1wAen5DwkLxcfexcg2QQ6%2FmlFuH5qknc%2FjDNFU2Mx4Aef6b42uUY8h13roasPztww7nj1EYzen8WFGfxnjGRJvCePEOmDs5CIBnuznJGC0Ij4y8gHEwg1gaQTMHMLkh8TgHFc3YCO7101Nqdbz1Q6VUuy%2BPRvyLwki39egI5%2FXFZyWLlhVJZKox2G3QJyOIHsTZBkh0i3z0Hmh2Dp15D8d7L0dB063ttwykDyYja7lBPI7gRKjECdh2z6SQ9Z10OWeIj5SYUFQRD6nFG%2F3WGszkMRtbgf0LAb0MBvtZGxabwR0mQEpkZgdgeJ3UFf3j1unofNfoPbLOC4B5eWxPtkBwNeIBcEuSPIKUEuCfKUIB8U%2B1y5mivuceWyKDjrtbNeL8Ym7e3SfZP2hCa7ySl5bboa75WX%2BuiLk0oQ0bDZCVvdWrNJaaPdDeq8w3mNM9apN0IfThaQ7txs2m1ZkouvPkQiS%2FLCybeI6CGcOgSTC6DZm6D5OKz5oJvjRtvHtv6FCStTGlFHN6tGK6kFuCmQpItIt7xddUpenx2qfvMtCHZ0%2BcvoSvnX%2FX%2FAbIHEFvhKPiboqTvj6yYne9dN7sjPG0kqY7lNp0e8kdJULHz%2FsdjKjeVrK250%2F302FabwwafCpetUc6l7jvywLDkXdtVYJsjDNfe5iK5lbnM5szpL1q99sLoWJ1Y4J42egMqSkCdHYLIkL%2F66P3ufb3xzG9JOYLMCcXZEzgrSHIIlO3DJPL8zC7Bq7okSD3lWjG0tmv9UkkCJOadRAfc%2FHs3xrruDnr0Imt6CjgsMbIGBKkDVCC5bGKeJPbr8R31WiJQ3jpT19iJl1d1ny3XypBLW6z5tdZpBGFIRRo1au9sKOKW1RqvWatE6Uleyxnf5vwAAAP%2F%2FAQAA%2F%2F8CAClOagQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitzi6oiIIhFwXD3FSQ2e751TPmEFzXlcVNNiaKuWl1Vc1sOdVVTVX39OyeFoMhF2Fy8N77ZjdLNIiK1wSZDeSwIGx72oP7P4iQkweZyeKYD5rvvX7v8L7vq9u72SnxkdGTlStmWypFl5pVv%2FL2zSC4VFmXOhtWhu3WF63GpYodvNdpVf13Kh8J1jdLNT%2Fw%2FcAPKqvSiq4ZLk1FyORBJ6h2%2FGqjVg2aDQzt89xlHhz1wAen5DwkLxcfexcg2QQ6%2FmlFuH5qknc%2FjDNFU2Mx4Aef6b42uUY8h13roasPztww7nj1EYzen8WFGfxnjGRJvCePEOmDs5CIBnuznJGC0Ij4y8gHEwg1gaQTMHMLkh8TgHFc3YCO7101Nqdbz1Q6VUuy%2BPRvyLwki39egI5%2FXFZyWLlhVJZKox2G3QJyOIHsTZBkh0i3z0Hmh2Dp15D8d7L0dB063ttwykDyYja7lBPI7gRKjECdh2z6SQ9Z10OWeIj5SYUFQRD6nFG%2F3WGszkMRtbgf0LAb0MBvtZGxabwR0mQEpkZgdgeJ3UFf3j1unofNfoPbLOC4B5eWxPtkBwNeIBcEuSPIKUEuCfKUIB8U%2B1y5mivuceWyKDjrtbNeL8Ym7e3SfZP2hCa7ySl5bboa75WX%2BuiLk0oQ0bDZCVvdWrNJaaPdDeq8w3mNM9apN0IfThaQ7txs2m1ZkouvPkQiS%2FLCybeI6CGcOgSTC6DZm6D5OKz5oJvjRtvHtv6FCStTGlFHN6tGK6kFuCmQpItIt7xddUpenx2qfvMtCHZ0%2BcvoSvnX%2FX%2FAbIHEFvhKPiboqTvj6yYne9dN7sjPG0kqY7lNp0e8kdJULHz%2FsdjKjeVrK250%2F302FabwwafCpetUc6l7jvywLDkXdtVYJsjDNfe5iK5lbnM5szpL1q99sLoWJ1Y4J42egMqSkCdHYLIkL%2F66P3ufb3xzG9JOYLMCcXZEzgrSHIIlO3DJPL8zC7Bq7okSD3lWjG0tmv9UkkCJOadRAfc%2FHs3xrruDnr0Imt6CjgsMbIGBKkDVCC5bGKeJPbr8R31WiJQ3jpT19iJl1d1ny3XypBLW6z5tdZpBGFIRRo1au9sKOKW1RqvWatE6Uleyxnf5vwAAAP%2F%2FAQAA%2F%2F8CAClOagQAAA%3D%3D HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0348cd70b5c4cabb9f1ae6b89798854
Strict-Transport-Security: max-age=0; includeSubdomains
astonishedmule.com/pixel/pure
192.243.59.12 200 OK 0 B URL HTTP/1.1 astonishedmule.com/pixel/pure
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pixel/pure HTTP/1.1
Host: astonishedmule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2268945bfd07668758dde9d85cdf17da
3a7536375ce4d8152ef3fb3c4e03a323c0bdaa6d
3500fec9f9707d5e0d7382503e4dd540720f8ca9e111832c634bfd275ffb34ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3500FEC9F9707D5E0D7382503E4DD540720F8CA9E111832C634BFD275FFB34AC"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Wed, 28 Sep 2022 19:40:30 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2268945bfd07668758dde9d85cdf17da
3a7536375ce4d8152ef3fb3c4e03a323c0bdaa6d
3500fec9f9707d5e0d7382503e4dd540720f8ca9e111832c634bfd275ffb34ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3500FEC9F9707D5E0D7382503E4DD540720F8CA9E111832C634BFD275FFB34AC"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3510
Expires: Wed, 28 Sep 2022 19:40:30 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7986
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18cf22b4e3cc429a7729bcf4525947ab
aa55e230bd256b7d93ade17a174ceadae789dca5
38edbe70f90ed5a050c0b2c954a5ff5982facd46318e891035925b96b3eddf21
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "38EDBE70F90ED5A050C0B2C954A5FF5982FACD46318E891035925B96B3EDDF21"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7986
Expires: Wed, 28 Sep 2022 20:55:06 GMT
Date: Wed, 28 Sep 2022 18:42:00 GMT
Connection: keep-alive
kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Findex.html&l=1659&fd=628
173.233.137.52 200 OK 0 B URL HTTP/1.1 kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Findex.html&l=1659&fd=628
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Findex.html&l=1659&fd=628 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=eab0780b70b7f4cf04cecb498182998a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=eab0780b70b7f4cf04cecb498182998a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=eab0780b70b7f4cf04cecb498182998a&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:42:00 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12754a6cd52c55de85f7eee504fe2059
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg
172.64.200.2 200 OK 83 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg
IP 172.64.200.2:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 435x290, components 3\012- data
Hash 85f73b8e6875d66c6d73ebdefc72c793
7281bfc203aa9c27601828765ba37b28b79c2476
f2772dd68c9e122cb84b4c535502d3c7034437ca7c053fc781da626cf1a1064f
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:00 GMT
content-type: image/jpeg
content-length: 82807
last-modified: Tue, 08 Feb 2022 14:25:26 GMT
etag: "62027d56-14377"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4869459
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkUb0CnHRHZCOn6nFgwEBtwaiNatFfM96d%2F3jiKg3BESFLQq9TOASYkz8zF9LVu8GqPB7hb2o8JefHAvhRgohVWPnNOz0yF935botbRLgTqQ%2BbIwJAOpJ2hWIfiXo3C0er0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd40aa37309-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg
172.64.200.2 200 OK 797 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg
IP 172.64.200.2:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 4dc96bdb91109b2d042bb953a1e879a7
0e17dd163ba588e866181ee451fb60b9a0c4c2aa
f622216af4f50f2274fcc533382a8808a2a6bd86b442c02970ad692cabefc4b8
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:00 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4869459
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iN7wyX49gS9FrrbK7jvfVHC42mf3afm%2F8fvRBvRpqXBdB2eWEc0DBaY5VES57Mz1l4zcPoDcZPldvCrA3OohLwg%2BoQIsdk1pIsPRO4Cj0we8to8OYvrLR%2FSxOut1eoy8fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd40aa27309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 18:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unseenreport.com/pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=1ba75976f255aa48f13d9dd2dcc93470&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
192.243.59.20 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=1ba75976f255aa48f13d9dd2dcc93470&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=57a5aec7-d9f8-47fb-8160-f609178f2e18&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=1ba75976f255aa48f13d9dd2dcc93470&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 54a1392d837e744a9f824e078cd51f8d
Strict-Transport-Security: max-age=0; includeSubdomains
kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fstyle.css&l=10065&fd=333
173.233.137.52 200 OK 0 B URL HTTP/1.1 kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fstyle.css&l=10065&fd=333
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fcss%2Fstyle.css&l=10065&fd=333 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 601673
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10 200 OK 660 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 18:42:01 GMT
date: Wed, 28 Sep 2022 18:42:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fjs%2Fscript.js&l=468&fd=337
173.233.137.52 200 OK 0 B URL HTTP/1.1 kazanwhoeveryowl.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fjs%2Fscript.js&l=468&fd=337
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F16%2Fjs%2Fscript.js&l=468&fd=337 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
kazanwhoeveryowl.com/pixel/sbs?c=1
173.233.137.52 200 OK 0 B URL HTTP/1.1 kazanwhoeveryowl.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
kazanwhoeveryowl.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwmoiIKlGwXL7FSQyXvze%2ByiGGMkmDa1VexO7683uc6dex%2F3vjdvklWwWLoRpgv3L2eShmoRFbctMil0ERAyrrIw%2F4MIXbmQmQbHfvD4znnnLM73fff2bnZKQmT0ZOWK3VZa06V6OSy9fTOKLpXWlckGpUGr8UWjdqnk%2Bu%2B1G%2BXwndJHknftUiWMwjAKo9KqcjK2g6WpCJU8aEfldliuVcpRvYaBe577LICnAUT%2FlJyHEpPFx8EFKD6G6f20In03tcm7H%2FYyTVPr0BcHn5musblBbw5jFyA2B2duWH%2B8%2BgjW7M%2Fiwvb%2FMzI1IcGTR2Dm4CwkWH9vlpNpSAMmXkbeH0PqMRQdg9tbUOKYAFzg6gZM795V63K69UylU3VCFp%2F%2BDZVPyOKfF2B6Py5rNSjdsDpLlTUeg7iAGoyhOmMk2SHS7XNQ%2BSF4%2BjWU%2BJ0sPV2H6e1teG2hRDGbXakxVDyGlkNQHyCbfipAFgfIkgA9cVLiURQ1Q8Fp2GpzXhVNyRoijGgzjmgUNlrI%2BDTeEGkyBNdDcLeDxO2gq%2B4e18%2FDZb%2FBbxbwIoBPJyT4ZAd9USCXBLknyClBrgjylCDvF%2FtC%2B4ov7gntMxad9cpZrxYjm3Z26b5NO9KQ3eSUvDZdTfDKS1105UkpYrRZbzcbcaVep7TWiqOqaAtREZy3q7VmCK8KKH9uNu22mpCLrz5EoibkhZNvweghvD4EVwug2Zug%2BahZCUE3R7VWiG3zC5dOpZRRTzfL1mhlJIQtkKSLSLeCXX1KXp8dqnrzLUh%2BdPlLdmXy1%2F1%2FwF2BxBX4Sj0m6Og7o%2Bs2J3vXbe7JzxtJqnpqm06PeCOlqVz4%2FmO5lVsn1lb88P77fCpM4YNPpU%2FXqRHKdDz5YVkJId2qdVySh2v%2Bc8muZX5zOXMmS9avfbC61kuc9F5ZMwZVE0KeHIGrCXnx1%2F3Z%2B3zjm9tQbgyXFehlR%2BSsoOwheLIDn8zze7sAp%2BcelgTIs2LkKmz%2BUysCLeecsgL%2Bf5zN8a6%2Fg467CJregukV6LsCfV2A6iF8tjBKE3d0%2BY%2FqrMB0MGLaBXtMO3332XK9OilVQ9FkMpZNJmv1Wiy5YPU6C3nMWVW0Whypn%2FDad%2Fm%2FAAAA%2F%2F8BAAD%2F%2F4LU%2FKZqBAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 kazanwhoeveryowl.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwmoiIKlGwXL7FSQyXvze%2ByiGGMkmDa1VexO7683uc6dex%2F3vjdvklWwWLoRpgv3L2eShmoRFbctMil0ERAyrrIw%2F4MIXbmQmQbHfvD4znnnLM73fff2bnZKQmT0ZOWK3VZa06V6OSy9fTOKLpXWlckGpUGr8UWjdqnk%2Bu%2B1G%2BXwndJHknftUiWMwjAKo9KqcjK2g6WpCJU8aEfldliuVcpRvYaBe577LICnAUT%2FlJyHEpPFx8EFKD6G6f20In03tcm7H%2FYyTVPr0BcHn5musblBbw5jFyA2B2duWH%2B8%2BgjW7M%2Fiwvb%2FMzI1IcGTR2Dm4CwkWH9vlpNpSAMmXkbeH0PqMRQdg9tbUOKYAFzg6gZM795V63K69UylU3VCFp%2F%2BDZVPyOKfF2B6Py5rNSjdsDpLlTUeg7iAGoyhOmMk2SHS7XNQ%2BSF4%2BjWU%2BJ0sPV2H6e1teG2hRDGbXakxVDyGlkNQHyCbfipAFgfIkgA9cVLiURQ1Q8Fp2GpzXhVNyRoijGgzjmgUNlrI%2BDTeEGkyBNdDcLeDxO2gq%2B4e18%2FDZb%2FBbxbwIoBPJyT4ZAd9USCXBLknyClBrgjylCDvF%2FtC%2B4ov7gntMxad9cpZrxYjm3Z26b5NO9KQ3eSUvDZdTfDKS1105UkpYrRZbzcbcaVep7TWiqOqaAtREZy3q7VmCK8KKH9uNu22mpCLrz5EoibkhZNvweghvD4EVwug2Zug%2BahZCUE3R7VWiG3zC5dOpZRRTzfL1mhlJIQtkKSLSLeCXX1KXp8dqnrzLUh%2BdPlLdmXy1%2F1%2FwF2BxBX4Sj0m6Og7o%2Bs2J3vXbe7JzxtJqnpqm06PeCOlqVz4%2FmO5lVsn1lb88P77fCpM4YNPpU%2FXqRHKdDz5YVkJId2qdVySh2v%2Bc8muZX5zOXMmS9avfbC61kuc9F5ZMwZVE0KeHIGrCXnx1%2F3Z%2B3zjm9tQbgyXFehlR%2BSsoOwheLIDn8zze7sAp%2BcelgTIs2LkKmz%2BUysCLeecsgL%2Bf5zN8a6%2Fg467CJregukV6LsCfV2A6iF8tjBKE3d0%2BY%2FqrMB0MGLaBXtMO3332XK9OilVQ9FkMpZNJmv1Wiy5YPU6C3nMWVW0Whypn%2FDad%2Fm%2FAAAA%2F%2F8BAAD%2F%2F4LU%2FKZqBAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9rwmoiIKlGwXL7FSQyXvze%2ByiGGMkmDa1VexO7683uc6dex%2F3vjdvklWwWLoRpgv3L2eShmoRFbctMil0ERAyrrIw%2F4MIXbmQmQbHfvD4znnnLM73fff2bnZKQmT0ZOWK3VZa06V6OSy9fTOKLpXWlckGpUGr8UWjdqnk%2Bu%2B1G%2BXwndJHknftUiWMwjAKo9KqcjK2g6WpCJU8aEfldliuVcpRvYaBe577LICnAUT%2FlJyHEpPFx8EFKD6G6f20In03tcm7H%2FYyTVPr0BcHn5musblBbw5jFyA2B2duWH%2B8%2BgjW7M%2Fiwvb%2FMzI1IcGTR2Dm4CwkWH9vlpNpSAMmXkbeH0PqMRQdg9tbUOKYAFzg6gZM795V63K69UylU3VCFp%2F%2BDZVPyOKfF2B6Py5rNSjdsDpLlTUeg7iAGoyhOmMk2SHS7XNQ%2BSF4%2BjWU%2BJ0sPV2H6e1teG2hRDGbXakxVDyGlkNQHyCbfipAFgfIkgA9cVLiURQ1Q8Fp2GpzXhVNyRoijGgzjmgUNlrI%2BDTeEGkyBNdDcLeDxO2gq%2B4e18%2FDZb%2FBbxbwIoBPJyT4ZAd9USCXBLknyClBrgjylCDvF%2FtC%2B4ov7gntMxad9cpZrxYjm3Z26b5NO9KQ3eSUvDZdTfDKS1105UkpYrRZbzcbcaVep7TWiqOqaAtREZy3q7VmCK8KKH9uNu22mpCLrz5EoibkhZNvweghvD4EVwug2Zug%2BahZCUE3R7VWiG3zC5dOpZRRTzfL1mhlJIQtkKSLSLeCXX1KXp8dqnrzLUh%2BdPlLdmXy1%2F1%2FwF2BxBX4Sj0m6Og7o%2Bs2J3vXbe7JzxtJqnpqm06PeCOlqVz4%2FmO5lVsn1lb88P77fCpM4YNPpU%2FXqRHKdDz5YVkJId2qdVySh2v%2Bc8muZX5zOXMmS9avfbC61kuc9F5ZMwZVE0KeHIGrCXnx1%2F3Z%2B3zjm9tQbgyXFehlR%2BSsoOwheLIDn8zze7sAp%2BcelgTIs2LkKmz%2BUysCLeecsgL%2Bf5zN8a6%2Fg467CJregukV6LsCfV2A6iF8tjBKE3d0%2BY%2FqrMB0MGLaBXtMO3332XK9OilVQ9FkMpZNJmv1Wiy5YPU6C3nMWVW0Whypn%2FDad%2Fm%2FAAAA%2F%2F8BAAD%2F%2F4LU%2FKZqBAAA HTTP/1.1
Host: kazanwhoeveryowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Cookie: u_pl=17631595; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1ba75976f255aa48f13d9dd2dcc93470=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 28 Sep 2022 18:42:01 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61e409e1e7bbf095846dd499fd3758df
Strict-Transport-Security: max-age=0; includeSubdomains
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
date: Wed, 28 Sep 2022 18:42:01 GMT
expires: Thu, 28 Sep 2023 18:42:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
querulous-type.com/c.H_VGzHaIGJl-tLZMzN9Oh_ZQERlSkTP-TVQWzXMYT_Ia4bMcydZ-jfdgDh0im_ZknlBm2nP-TpAqmrZsn_Ju2vPwTxA-mzaAWB1Cn_PEWFhG0Hd-HJBKzLJMT_NOBPJQTRJ-GTJUTVJWG_MYTZAa5bN-DdUetfMgi_5izjLkmlN-knbojpEq1_LsmtNuvvb-SxUyyzRAm_NCyDZEWFF-0HaIXJZKl_cMyNUOyPR-jRES1TMUj_MWyXNYyZU-ybRcjdIew_MgzhMi4jO-ClUmynRoj_QqzrMsTtI-4vMw1x8y3_NAjBhCiDO-SF5GwHbIm_cKmLcMGNF-5PPQTRASm_cUGVFW5Xb-3ZVa0bUcG_VeyfQg2hx-pjYk2lsm9_MoCpZqyrZ-XtYu9vMwC_ZyzzcAzB0-wDJEnFNG0_PITJEKmLe-mN9OuPZQU_lSkTPUTVQ-1XMYzZka2_MczdYe
88.85.69.211 302 Found 0 B URL HTTP/2 querulous-type.com/c.H_VGzHaIGJl-tLZMzN9Oh_ZQERlSkTP-TVQWzXMYT_Ia4bMcydZ-jfdgDh0im_ZknlBm2nP-TpAqmrZsn_Ju2vPwTxA-mzaAWB1Cn_PEWFhG0Hd-HJBKzLJMT_NOBPJQTRJ-GTJUTVJWG_MYTZAa5bN-DdUetfMgi_5izjLkmlN-knbojpEq1_LsmtNuvvb-SxUyyzRAm_NCyDZEWFF-0HaIXJZKl_cMyNUOyPR-jRES1TMUj_MWyXNYyZU-ybRcjdIew_MgzhMi4jO-ClUmynRoj_QqzrMsTtI-4vMw1x8y3_NAjBhCiDO-SF5GwHbIm_cKmLcMGNF-5PPQTRASm_cUGVFW5Xb-3ZVa0bUcG_VeyfQg2hx-pjYk2lsm9_MoCpZqyrZ-XtYu9vMwC_ZyzzcAzB0-wDJEnFNG0_PITJEKmLe-mN9OuPZQU_lSkTPUTVQ-1XMYzZka2_MczdYe
IP 88.85.69.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.H_VGzHaIGJl-tLZMzN9Oh_ZQERlSkTP-TVQWzXMYT_Ia4bMcydZ-jfdgDh0im_ZknlBm2nP-TpAqmrZsn_Ju2vPwTxA-mzaAWB1Cn_PEWFhG0Hd-HJBKzLJMT_NOBPJQTRJ-GTJUTVJWG_MYTZAa5bN-DdUetfMgi_5izjLkmlN-knbojpEq1_LsmtNuvvb-SxUyyzRAm_NCyDZEWFF-0HaIXJZKl_cMyNUOyPR-jRES1TMUj_MWyXNYyZU-ybRcjdIew_MgzhMi4jO-ClUmynRoj_QqzrMsTtI-4vMw1x8y3_NAjBhCiDO-SF5GwHbIm_cKmLcMGNF-5PPQTRASm_cUGVFW5Xb-3ZVa0bUcG_VeyfQg2hx-pjYk2lsm9_MoCpZqyrZ-XtYu9vMwC_ZyzzcAzB0-wDJEnFNG0_PITJEKmLe-mN9OuPZQU_lSkTPUTVQ-1XMYzZka2_MczdYe HTTP/1.1
Host: querulous-type.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 18:42:02 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
location: https://10945-2.s.cdn15.com/creatives/152327/203388/431283_768b9.png
x-content-type-options: nosniff
X-Firefox-Spdy: h2
10945-2.s.cdn15.com/creatives/152327/203388/431283_768b9.png
185.18.187.89 200 OK 307 kB URL HTTP/2 10945-2.s.cdn15.com/creatives/152327/203388/431283_768b9.png
IP 185.18.187.89:0
ASN #61107 Toonbox Studio Ltd
File type PNG image data, 492 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 307 kB (307330 bytes)
Hash 040a72b9ebe1d4e6e69a838c767c93f3
4ef69c2e9cc130c9409946e340ba316e57542d1c
6512a1af2086203aea444849f6ca078284e409072da05ea16d55e5e3ef79f46c
GET /creatives/152327/203388/431283_768b9.png HTTP/1.1
Host: 10945-2.s.cdn15.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ceritabasah.online/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:42:02 GMT
content-type: image/png
content-length: 307330
last-modified: Wed, 11 May 2022 13:02:01 GMT
etag: "040a72b9ebe1d4e6e69a838c767c93f3"
x-timestamp: 1652274120.41116
x-trans-id: txf1be036f516040889315c-00627bb5ab
x-openstack-request-id: txf1be036f516040889315c-00627bb5ab
x-ureq-id: OoAmJoUAEw1FmrRSUCPKweut4Q8iba2vqcALbjPyAyg=
x-served-from: l1
expires: Fri, 21 Oct 2022 20:55:14 GMT
cache-control: max-age=1995192
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET, OPTIONS
x-vhostid: 6593, 23887
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:08:22 GMT
age: 41623
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kinogogly.pro/fed093/4f8a112651cb.js
185.18.187.89 200 OK 0 B URL HTTP/2 www.kinogogly.pro/fed093/4f8a112651cb.js
IP 185.18.187.89:0
ASN #61107 Toonbox Studio Ltd
GET /fed093/4f8a112651cb.js HTTP/1.1
Host: www.kinogogly.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:41:59 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357481, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLSW9G0bgBQkxYucKEX6fKtb2yoUxnJLMA+vaS5pzPbmM
x-served-from: l1
x-vhostid: 6575, 23844
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:01 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWro6MjfsfDlbUZzN%2FIt7uEjRwVeaReuor7bMMT7TJNx1%2BIWLtgk0F%2FO8CB6CV87agsKJYCXlm6nQ4EjFgyyE7VBJWeKCQwiIhbL6%2BYt2uKmrP8OA%2BJ3A%2BJ2LF1RbfALZfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd3da597309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
closed-consequence.com/c.DJ9Q6ib/2-5oltSFWAQV9/NcD/UkzkOWTTYy1OMeCr0h0/NiT_Mb5LN/jVUzxc
88.85.69.212 200 OK 0 B URL HTTP/2 closed-consequence.com/c.DJ9Q6ib/2-5oltSFWAQV9/NcD/UkzkOWTTYy1OMeCr0h0/NiT_Mb5LN/jVUzxc
IP 88.85.69.212:0
GET /c.DJ9Q6ib/2-5oltSFWAQV9/NcD/UkzkOWTTYy1OMeCr0h0/NiT_Mb5LN/jVUzxc HTTP/1.1
Host: closed-consequence.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 18:41:58 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform
access-control-allow-origin: *
last-modified: Wed, 28 Sep 2022 18:41:58 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NjQzMTExODgsInpvbmVzIjp7IjQ0OTU4OTAiOls0NDk1ODkwLDEsMTY2NDMxMTE4OF0sIjQ1MTQ5MDAiOls0NTE0OTAwLDEsMTY2NDMyOTQ5OF0sIjQ1Mzk2NTAiOls0NTM5NjUwLDEsMTY2NDM5MDUxOF19fQ==; max-age=1695926518; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
172.64.100.4 200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.100.4:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:41:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 740390f41e4a3be5f68125ac27f0c71a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 18:41:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0PLcDPGCQrlCN2AmmGNKNQikNymHzXgZ3%2B1zqRw8R%2FAC0HMa3jafmSCDwdnHTGu1UFZpL4Wo%2F78tFIbNPAQ6forvR2B88BSDWerwYdZ%2Batu06KtA40QtCeMCTNg4xrcvnr%2BC5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dc60a8ee624-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.kinogogly.pro/fed093/4f8a112651cb.js
185.18.187.89 200 OK 0 B URL HTTP/2 www.kinogogly.pro/fed093/4f8a112651cb.js
IP 185.18.187.89:0
ASN #61107 Toonbox Studio Ltd
GET /fed093/4f8a112651cb.js HTTP/1.1
Host: www.kinogogly.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.0
date: Wed, 28 Sep 2022 18:41:59 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357481, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsr3uaLidETSLqKazNe79F20wMSOOHFcT6gp5oCgf4zgLSW9G0bgBQkxYucKEX6fKtb2yoUxnJLMA+vaS5pzPbmM
x-served-from: l1
x-vhostid: 6575, 23919
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:01 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CV%2FImUeywkPjpOUPnBL9gK5uEigoaUq4IvBpcJ2WZ7jzbHg1xZqRVIiycj4UhESXZSDpXzFAbmwll3Uh50XP6yEN%2FAXGAXaMyKpl8osKvjibmok891eXJVpIh5WgHjOOfmA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd3ca557309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html
104.26.7.19 200 OK 0 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html
IP 104.26.7.19:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:00 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:25:40 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZTdkQuxLsOiUSO8Oji3huHxPKY16vWhmOPeZ0LD1Ja91K8ZMoitSA61ZTdezKosLj88TExY82VDEpCjctx5UBJFP8qtr8Ci3zMMAon53GGsEQB%2BAxBC92kYvVsvq%2F%2FNrI8TXxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dcfbf930afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css
IP 172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/16/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ceritabasah.online
Connection: keep-alive
Referer: https://www.ceritabasah.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 18:42:01 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:25:27 GMT
etag: W/"6203a4a7-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LZw1uV6RsKhbC0Af2qfohYf4B7x9VZdHYAM0fkZ6e%2FUEdz2KgAK1lT3O8USCNbACJraGYbB0HhgudbBawqf%2B20Mlm4l5wOlaFnW1wpNhfSFHr5Yn1yXb9C%2BEwdPPHKyyE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751e9dd3ca507309-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2