Report - grahaksatria.com/

Report Overview

Submitted URL
grahaksatria.com/
IP
168.206.49.211
ASN
#137951 Clayer Limited
Submitted
2023-02-05 08:55:16
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	605 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.36.139.3
embed.tawk.to	8650	2014-03-19T22:03:49Z	2023-03-13T08:30:57Z	3.8 kB	119 kB	104.22.24.131
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-13T08:09:51Z	368 B	17 kB	104.16.125.175
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	2.2 kB	24 kB	103.235.46.191
ocsp.trust-provider.cn	unknown	2022-02-10T09:18:30Z	2023-03-13T07:40:56Z	346 B	1.3 kB	47.246.44.205
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
grahaksatria.com	unknown	2016-09-15T13:57:27Z	2023-02-04T09:56:21Z	652 B	4.0 kB	168.206.49.211
diamondbunker.com	unknown	2021-01-31T22:59:13Z	2023-01-18T10:00:13Z	361 B	6.5 kB	172.67.222.28
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	45 kB	34.120.237.76
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	727 B	3.8 kB	104.18.20.226
www.xiamgs.com	unknown	2022-10-09T04:59:57Z	2023-01-18T10:00:09Z	372 B	332 B	122.10.50.88
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	95.101.11.115
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	216.58.211.3
takeflag.com	unknown	2021-02-01T19:05:50Z	2023-01-15T04:22:51Z	9.2 kB	269 kB	172.67.142.62

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-05 08:55:45	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-05 08:55:45	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-05 08:55:50	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-05 08:55:50	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-05 08:55:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-05 08:55:53	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	hm.baidu.com/hm.js?d44a237ef6f9f3c9a21870e2b6c2516f	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?d44a237ef6f9f3c9a21870e2b6c2516f IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash d5870930f8db298253c48f6bf3d60d1c 86cda3ee53ea9dba9d403a6388d2cc2539f6ce6c abe28f131be18d3f4686a6f714c39c37fa482fabb6fa2b1f426e1b750c45b6fc Loading...

	takeflag.com/static/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-05-08
Pretty URL takeflag.com/static/js/jquery-2.2.4.min.js IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-08 17:28:22 Times Seen389540 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	takeflag.com/static/js/rem.js	709 B	2023-03-13	2023-03-13
Pretty URL takeflag.com/static/js/rem.js IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash 7bbb81c54b4b8afd64f0cb365522e8ae 67dcc8a275972cfc8770eb1df2c608f33aeda0c2 c0fb812af86c43664d291c993cff2c83f3f6e5409b039eb9d0bf604b5e9371ac Loading...

	takeflag.com/	441 B	2023-03-07	2023-03-29
Pretty URL takeflag.com/ IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:35 Last Seen2023-03-29 22:56:30 Times Seen4 Hash 59349b08f509e84f3292d6fc33470101 f2a79224fd4d61a7f8e4dce78e4c437f88ae0ead 6015d7346b60a3d8b06411e9b4aee6f069aff0596c752175b86a5cce58cc650d Loading...

	takeflag.com/	646 B	2023-03-08	2023-10-21
Pretty URL takeflag.com/ IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:11 Last Seen2023-10-21 18:58:52 Times Seen10 Hash b1e176ad8854ce190c76a00046bc8d9f 911396d1f5c6baf6bd4f6750176c34987e34b7d0 27a9557f260717da6ab6b77d15f9da280572654ccbb83128ec2bdcded24f97b4 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js	17 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen71 Hash 2aa8e4d8fcf9760a324a8b2e7902f6ca c7ddf3bed7920c5970f812b9e4771dd238ad688b e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	takeflag.com/static/js/os.js	125 kB	2023-03-13	2023-03-13
Pretty URL takeflag.com/static/js/os.js IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash 1c527cb4f7161f36d4807fe3a7e8d11b 24828a9ee21a1fe044c8bf674b11491fb813af8d 88d762bc9daf0999921712bc4a6c370df6c6e0d07c07cb7ffae9d82f434f43ea Loading...

	takeflag.com/link.js	941 B	2023-03-13	2023-03-13
Pretty URL takeflag.com/link.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash b52ecd1e7b9ae9f257e0d065bd5be82c 4358aa5ce2ac582540fc3d507269cb41be5b2a54 aa67e977940ba8c01773f9f516232fb41c9e24ecd98ef35cc9ebb51673f700c9 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	takeflag.com/	502 B	2023-03-08	2024-03-02
Pretty URL takeflag.com/ IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:11 Last Seen2024-03-02 19:13:35 Times Seen13 Hash 65574a7dcc71d187010680137b0098a5 e838cd10160c8d8d82c1834b3cd3b07731879cc9 1a3cfa1eee792b0ce201c8735de6a46f79119fc8fb2c55085995e9c70cd4068e Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js	16 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen71 Hash d9f3d1c4504d77c3e7c2e3e2f126fd9b 42baf889b87715cca0f7de5211de4e5d4164b89a 87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b Loading...

	takeflag.com/	254 B	2023-03-08	2024-02-11
Pretty URL takeflag.com/ IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:11 Last Seen2024-02-11 09:16:01 Times Seen1 Hash 63b80eac97bcbd837cc22a857ffcb18e 5fd90c81bba397c22001baf8519c6e17b6c62348 391cbb52d38f190e1eeca7e626ff84a1b6343d6f7cc15beb22c90c4c5c8c99ee Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js	2.3 kB	2023-03-12	2023-11-18
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-11-18 22:03:39 Times Seen90 Hash de21d01e9f8b6cc35ea67267d0ba80ec 6cc42e299703a1a1fca03a97b268adf1fa830107 da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js	151 B	2023-03-07	2024-05-08
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-08 16:00:33 Times Seen46740 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js	196 kB	2023-03-12	2023-11-18
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-11-18 22:03:40 Times Seen90 Hash 385105148a50079bafff97e9c9476109 558ea15aa711b8f2501237fa286ec104db90fbf2 e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7 Loading...

	takeflag.com/static/js/swiper-4.2.0.min.js	120 kB	2023-03-07	2024-05-08
Pretty URL takeflag.com/static/js/swiper-4.2.0.min.js IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:57 Last Seen2024-05-08 01:16:03 Times Seen1136 Hash be15b3ba6a71edd608b9af34dfc6130c b11842fbe74778511b86bf899fbd02102b57ac62 add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96 Loading...

	takeflag.com/static/js/mobepp-1.1.1.js	20 kB	2023-03-13	2023-03-13
Pretty URL takeflag.com/static/js/mobepp-1.1.1.js IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash 75ba9ba2ba68a6a6b39dad0926926dc9 47064f861e56be756974a7b93e6689d5b7dbe083 bc2291a48410368e80b8ac618b09c36fee013d9ff799585660e881afa36e0902 Loading...

	takeflag.com/	125 B	2023-03-08	2024-02-25
Pretty URL takeflag.com/ IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:11 Last Seen2024-02-25 17:47:55 Times Seen22 Hash 99299d6953f58ea0d5cb7d0ef255eb7b 0522d89d162b7b8cc3914e3af04d55ad711effcf 69feac1e8edfe5d28f9dd2930f149f1379d3c3cb119dbb1f4a3aaf446bfaf1cb Loading...

	www.xiamgs.com/pixel/zkjGZcxVNYs1dU3q	0 B	2023-03-07	2024-05-08
Pretty URL www.xiamgs.com/pixel/zkjGZcxVNYs1dU3q IP 122.10.50.88 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-08 17:32:55 Times Seen37441812 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js	74 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen69 Hash b931365947ecaea657544f82994716af a1104369fe02f29d54aee7a1c429998e8bb2a6ae d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	takeflag.com/static/js/os2.js	132 B	2023-03-10	2024-04-29
Pretty URL takeflag.com/static/js/os2.js IP 172.67.142.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 21:11:59 Last Seen2024-04-29 05:41:51 Times Seen36 Hash 8879e253d23d764ca46c9ac31f9a54d4 c08f93c12a5e4bbd365ceb07e47912ac1365dbb0 205f0769a1b05bfdedb7b350cc5d237355e284874880ab3ff0fdd0252fbc1391 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js	121 B	2023-03-07	2024-05-08
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-08 16:00:33 Times Seen46064 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js	10 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen44 Hash 058710526a0979b9e77a4babe9adfcd7 a29fdce1689d187f11c89a9ee598141f56e07e06 3418417801acc364fae9a8675f8292b2ae09cf39fe35de90a981e69e49e6e24c Loading...

	diamondbunker.com/js/js.js	1.5 kB	2023-03-13	2023-03-13
Pretty URL diamondbunker.com/js/js.js IP 172.67.222.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash 3d5ffb28ae54044f079010a28a80a2aa c5548839cff77773db843a11851a0d6c2b3dba93 885c4a284b1eb991fd52527b62de8d66934ea7612d54e73b1e5ee27693a4c850 Loading...

	grahaksatria.com/	334 B	2023-03-08	2023-06-12
Pretty URL grahaksatria.com/ IP 168.206.49.211 ASN #137951 Clayer Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:09:11 Last Seen2023-06-12 13:43:15 Times Seen3 Hash 94ba4e4da0a087813f88bd4afa6acc7f c722b47813a84f0e423796776c3b57a2c0f6cd17 a3bfee10c9a20d4353a6eacad64f264bd7124049099f87f59c59337f8bb3593b Loading...

	embed.tawk.to/627771e57b967b11798e4997/1g2h99qrs	2.1 kB	2023-03-12	2024-02-11
Pretty URL embed.tawk.to/627771e57b967b11798e4997/1g2h99qrs IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:54:09 Last Seen2024-02-11 09:16:01 Times Seen1 Hash c65a388051b869eec9f1f30386337b91 6a2cfd6e627173b4f214b956ffc1e559388c4bf8 09903a5a728ace265f9c46853f956a9e75a1ae81c8e08a39415939ce643c270d Loading...

	hm.baidu.com/hm.js?ee5e05889961cac6429cfc2cdceea313	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?ee5e05889961cac6429cfc2cdceea313 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash 7701a84c5ce4da12ff20d109bcfb0ad0 f04a75291b9d46d33ccaa553fd840b4f2a986e59 eee36f378e30dcb4254b2b2ff69b0f1f4c748ac7abdeb8ea6fd1d13323a25ba0 Loading...

		Size	First Seen	Last Seen
	#1 Write - 687455aa0582b9b62f3602c122ebd4eb	301 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:28:59 Last Seen2023-03-13 17:28:59 Times Seen1 Hash 687455aa0582b9b62f3602c122ebd4eb d79a00db699479a4e899cd44aaaca254c90143a3 5cc3660d8448534127ea5143511b596c33e80deb7d6c1bcce48ea90b3019cb58 Loading...

	#2 Write - 1ffb1fb67c3e90713965dacf5c63df2f	88 B	2023-03-10	2023-12-02
Pretty Observations First Seen2023-03-10 00:46:11 Last Seen2023-12-02 19:18:05 Times Seen22 Hash 1ffb1fb67c3e90713965dacf5c63df2f 9833dbeccffc8bf3fdbb8b3fb16e310f89e27064 830fcc5a906eee3872192ba2aa2ef8b53b94a69cf939ca3eefb265da60920990 Loading...

	#3 Write - 74312d9fd3d0d77a65b4edf6f7a9d543	169 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 12:43:11 Last Seen2024-05-08 08:45:58 Times Seen2533 Hash 74312d9fd3d0d77a65b4edf6f7a9d543 f8f99b78a90612dba2ab0f2f96d35ef3c77cd3c6 e3932ed210d0dfb6820eacc496a3e5a609b8f011515b9324fe93b5d956a11f08 Loading...

HTTP Transactions (67)

	URL	IP	Response	Size
	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66" Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2463 Expires: Sun, 05 Feb 2023 09:36:08 GMT Date: Sun, 05 Feb 2023 08:55:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1cdc095521e9ee2606059be447d1fdd5 02b5d0a5b5823e2338daf7e144700babe2a213af 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13332 Expires: Sun, 05 Feb 2023 12:37:17 GMT Date: Sun, 05 Feb 2023 08:55:05 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10072 Expires: Sun, 05 Feb 2023 11:42:57 GMT Date: Sun, 05 Feb 2023 08:55:05 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 05 Feb 2023 08:36:17 GMT content-type: application/json age: 1128 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: fpN8hy5xsJu7hkN5HoonVpQW+BTV7DFZRUhglllchdAJYX1ud9v67cVuMcQb/yTzwXCDSglXgF8= x-amz-request-id: NS7N32E35H5SWTVQ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 05 Feb 2023 08:24:24 GMT age: 1841 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 05 Feb 2023 08:55:05 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 05 Feb 2023 08:07:20 GMT age: 2866 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	grahaksatria.com/	168.206.49.211	200 OK	1.8 kB
URL HTTP/1.1 grahaksatria.com/ IP 168.206.49.211:0 ASN #137951 Clayer Limited File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1509) Size 1.8 kB (1768 bytes) Hash db135598469b43cd715b17f2016a0974 ebde7bc736b3a18cbd2118d62884ff65a2abc962 08f3a49f8d643867bb7840a2d76bc6a91c65a438f8a14a1113979ec021bbf91c HTTP Headers `GET / HTTP/1.1 Host: grahaksatria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 08:55:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip`

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 179b16ec3f83237e7b3bdc487cd6a17b 3f2fc52a606338997f2ec27e9223fc36cc518c32 3ddac093751667f32ac345c75b8338184b57d24622f0b8716f3572cad0ab41d0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6156 Cache-Control: max-age=115969 Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 08:55:06 GMT Etag: "63de78df-117" Expires: Mon, 06 Feb 2023 17:07:55 GMT Last-Modified: Sat, 04 Feb 2023 15:25:19 GMT Server: ECS (ska/F711) X-Cache: HIT Content-Length: 279`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698" Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18895 Expires: Sun, 05 Feb 2023 14:10:01 GMT Date: Sun, 05 Feb 2023 08:55:06 GMT Connection: keep-alive`

	ocsp.pki.goog/s/gts1p5/l-iWrdkRAkA	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/l-iWrdkRAkA IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4e7e6ef45f6ea6a9806e887cb8ed100e b59146c37efc8692ec0a35596f74c5dd95e765ef aff9c90f55867f8ce454993ae2f58aef846bc320d6edcfe803ae9d46b26663ca HTTP Headers `POST /s/gts1p5/l-iWrdkRAkA HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 08:55:06 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	push.services.mozilla.com/	52.36.139.3	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.36.139.3:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 5DNf3qIyTyUCXcy7SERrbQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 9vJiB7sTkJAe6QdUjerWplQdd4w=`

	embed.tawk.to/627771e57b967b11798e4997/1g2h99qrs	104.22.24.131	200 OK	937 B
URL HTTP/2 embed.tawk.to/627771e57b967b11798e4997/1g2h99qrs IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type ASCII text Size 937 B (937 bytes) Hash d330c6a1d99048ab48f90b5c4e3f5b09 deb2d159ee5894430c58766c71be8193f5e360cb 44966d9a3740e51f64216402891d86d8f87d6e679c6a309f04dd13fd11d1db96 HTTP Headers `GET /627771e57b967b11798e4997/1g2h99qrs HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://grahaksatria.com Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:06 GMT content-type: application/x-javascript access-control-allow-origin: * cache-control: public, max-age=7200, s-maxage=3600 etag: W/"stable-v4-63b77dcd282" vary: Accept-Encoding strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cd84cbdb50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1p5/l-iWrdkRAkA	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/l-iWrdkRAkA IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4e7e6ef45f6ea6a9806e887cb8ed100e b59146c37efc8692ec0a35596f74c5dd95e765ef aff9c90f55867f8ce454993ae2f58aef846bc320d6edcfe803ae9d46b26663ca HTTP Headers `POST /s/gts1p5/l-iWrdkRAkA HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 08:55:07 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/s/gts1p5/nitig8lIJg4	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/nitig8lIJg4 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 8d11713bc7fdd70f2069648c510a03b9 0123b3176a2f34817b19a9d565273544458f3cea 680d8a5eb8cfb06e358147b1967a720d45079bc0ce25d87bb86ed3cb4476aa32 HTTP Headers `POST /s/gts1p5/nitig8lIJg4 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 08:55:07 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13213 Expires: Sun, 05 Feb 2023 12:35:20 GMT Date: Sun, 05 Feb 2023 08:55:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13213 Expires: Sun, 05 Feb 2023 12:35:20 GMT Date: Sun, 05 Feb 2023 08:55:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13213 Expires: Sun, 05 Feb 2023 12:35:20 GMT Date: Sun, 05 Feb 2023 08:55:07 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1b25bf82638deaab60981e1315ee0849 e3bd912fd1a890e64ee6746a78a674db7ff77039 a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13213 Expires: Sun, 05 Feb 2023 12:35:20 GMT Date: Sun, 05 Feb 2023 08:55:07 GMT Connection: keep-alive`

	diamondbunker.com/js/js.js	172.67.222.28	200 OK	5.7 kB
URL HTTP/2 diamondbunker.com/js/js.js IP 172.67.222.28:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document, ASCII text, with very long lines (775) Size 5.7 kB (5717 bytes) Hash c226f3d2d5e21737ce1835999ff1f0b1 9c1b759ab73e7d50d5cf2ffde6dd06f892a36a65 e1ebe912a17b71e38bb65e416f567bb2142da16120fe7aae8ba4849c5d7e212d HTTP Headers `GET /js/js.js HTTP/1.1 Host: diamondbunker.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:07 GMT content-type: application/javascript cache-control: max-age=43200 cf-bgj: minify etag: W/"63dce0c7-5e4" expires: Sun, 05 Feb 2023 20:55:07 GMT last-modified: Fri, 03 Feb 2023 10:24:07 GMT vary: Accept-Encoding cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGNWka2GWyfkW2GX8N8wAtRt5a%2Bqy173xXQdprggeBxFuKIjOAfoeVfKqOipy2%2B3kDE9UgEF%2FL11jdr6UtfW9O7yPTrRUG2AlTLuV5jpmFXM4dwnxS3YlcO6bvdSkZ1STTwaKw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6cd9ecfdb512-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11056 bytes) Hash 3e0c38abfcd86f8074d4182d49fc354f 1367bebb73fa652695242100b26c394f1bfe4457 e42d110060133ac05e6cdfafa6473c55473220fdc7eaf03e3a89f58aa3603670 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c8da623-73ab-4c2d-afaa-03d28de3a280.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11056 x-amzn-requestid: 4acc3364-4a33-4934-bdcb-41284d952113 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPFrwEW4IAMF_Tg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf8317-33872f461a2faab552322837;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:04:55 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: XhPm-ZDoEjlgeiXUwMRQZ5pOMs4qJzXagWZg302DcrYpUm5X7O8ZZA== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:46:47 GMT age: 40100 etag: "1367bebb73fa652695242100b26c394f1bfe4457" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg	34.120.237.76	200 OK	3.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.5 kB (3474 bytes) Hash d7a466d89c75ff3459b7328591db52cf c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3474 x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f1WXEEbnoAMFRdg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:10:58 GMT etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb" content-type: image/jpeg age: 38649 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	unpkg.com/@yuming2022/seo-tracing	104.16.125.175	520 No Reason Phrase	17 kB
URL HTTP/2 unpkg.com/@yuming2022/seo-tracing IP 104.16.125.175:0 ASN #13335 CLOUDFLARENET File type data Size 17 kB (16799 bytes) Hash d41bb893d95543e5870ecade5a4d2569 64a0eb730e34509a965e5ad428632708143fd3ed d3e2933d1e75adf667de05763d244f532c8f2ac0e5cd59683250ee44d1294e10 HTTP Headers `GET /@yuming2022/seo-tracing HTTP/1.1 Host: unpkg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 520 No Reason Phrase date: Sun, 05 Feb 2023 08:55:07 GMT content-type: text/html; charset=UTF-8 set-cookie: cf_use_ob=0; path=/; expires=Sun, 05-Feb-23 08:55:37 GMT x-frame-options: SAMEORIGIN referrer-policy: same-origin cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT cf-ray: 794a6cde0eedb4ed-OSL server: cloudflare X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg	34.120.237.76	200 OK	7.1 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.1 kB (7060 bytes) Hash 75caf9549ac23c827c10d6baabb84884 e8391e4046acb91cd4a6113974fda1c44dcd3865 a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7060 x-amzn-requestid: e3e457e7-b73a-4b5f-a7bb-9a643cde2760 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fwAv_GI1oAMFbIg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dcae66-6793e5e054a709881bb2d191;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 06:49:10 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 6LeXkwyELIc_XykRxsfDIBu7Kda_3OHFDiteX0rKwDt-315catmvKw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 22:10:43 GMT age: 38664 etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg	34.120.237.76	200 OK	13 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 13 kB (12967 bytes) Hash 8e0be7db14d930d6227443314bcd1747 4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12967 x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmEdHFwCoAMFhxQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 03:40:08 GMT age: 18899 etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	takeflag.com/static/picture/ck.png	172.67.142.62	200 OK	3.0 kB
URL HTTP/2 takeflag.com/static/picture/ck.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 624 x 32, 8-bit colormap, non-interlaced\012- data Size 3.0 kB (3017 bytes) Hash 23593017c65a0e3d7a3be4f124d4e1b6 4fb7644281166fdef30a04cb79c118772424d472 316406253a369f8520af638cb3e5618ccdbf50157daf161c0bd26b1edbd1cd2e HTTP Headers `GET /static/picture/ck.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 3017 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-bc9" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBoYkd78PkvHgrhhg6j8hRTphCvK6zybpZ2DIiNzBL%2Ff2uSfM98%2BgHRfcyZ%2BGL%2F35Di%2FibimCCJURVcUxIQigI1RGutHCcYG%2FqMjzqOTdcLLpjq5AVsOvFKg3nIcAMA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a500b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/yl.jpg	172.67.142.62	200 OK	104 kB
URL HTTP/2 takeflag.com/static/picture/yl.jpg IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x580, components 3\012- data Size 104 kB (104175 bytes) Hash ff6f53af4bd081d6cc26f9409559193f 81c9f7b189406f904e774f19d2dc0cafddce2a8e 85fff3b07c6282b5b669e5d415b4deead956277c20aa2911b13602f5925e8245 HTTP Headers `GET /static/picture/yl.jpg HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/jpeg content-length: 104175 last-modified: Sat, 31 Dec 2022 11:00:40 GMT etag: "63b01658-196ef" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVnpW8nGnf71RxZIaQTww%2Ffe2j4hovj9FcCVAbH2ynQDkhvKPNVmSGLtaFP4FyeztUpivSFv5ppJmvA4M4kTVjXYlPnzelvS%2B%2FeElGQ4GB4fu3ZUOt2FKDq8FCPNmvc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a4d0b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/wenxin.png	172.67.142.62	200 OK	4.2 kB
URL HTTP/2 takeflag.com/static/picture/wenxin.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 715 x 46, 8-bit colormap, non-interlaced\012- data Size 4.2 kB (4176 bytes) Hash 9869fafc0f68fc0e9557019fb9f7dbab 581a0d834967fd8b9ad18b8a5679673ed33b4f51 8444951fad4a1fba330ace9849b8760c23bb3764986db28f9a6d0ebb4cde5121 HTTP Headers `GET /static/picture/wenxin.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 4176 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-1050" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmVGxyFSyzz9BX%2BGMuToElh1%2B9%2FaAz1cJ37Sp1FNUeMJlZpOOCgsOv8MhyEioPOJbQuBnKKsVRV5cFY1hH4rzQcQblK7NCEfuS3Vk5qXAmJEMU0rPsH%2FqIePJ%2FJ%2B6YY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a510b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/td1.png	172.67.142.62	200 OK	2.8 kB
URL HTTP/2 takeflag.com/static/picture/td1.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 486 x 51, 8-bit colormap, non-interlaced\012- data Size 2.8 kB (2836 bytes) Hash 31e7e621deb29b203fb053e3048f6120 8a18a6e7dead031f593f0ac5d310d8196be73e39 a53c37ac9605cb95dad43595ee772dcf3dc8b5575d056802437582a03291cca3 HTTP Headers `GET /static/picture/td1.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 2836 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-b14" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBKao967o2v0INPv1LQGCula2UfkpU5igz5q5PkS%2Bwj6KOxob643Q97Oh%2FxQ%2BlEa%2BYAwgyeP7VzOVZEGnhqWwb77nsQR7rkwrMX3M%2F5ZS6Jvu%2BfIhltURkpDfc93nPc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a520b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/td2.png	172.67.142.62	200 OK	2.8 kB
URL HTTP/2 takeflag.com/static/picture/td2.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 486 x 51, 8-bit colormap, non-interlaced\012- data Size 2.8 kB (2845 bytes) Hash c5cac4a70568d888812554524bab215a 24f900858d04793fb92f2ea9fb21a8d94fa6aac2 8c0e225cdf39d97b987c6ef98021f6fdc72760bad1d74a548a17f9be30cb1377 HTTP Headers `GET /static/picture/td2.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 2845 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-b1d" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbtLRIJu%2Bsl6ZF%2FhevQYFKiIeBYRTMT9UQY8l2lKNbH%2FNcFeOhVJhlOAJXqIPjSlbVzXMMNZk5knSzFQXZbV8gkWtMXUko2Uqw5%2BvjCPidbLCsUCtI5vZ7EwGZjBfpw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a550b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/logo_kyunok.png	172.67.142.62	200 OK	10 kB
URL HTTP/2 takeflag.com/static/picture/logo_kyunok.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 715 x 92, 8-bit colormap, non-interlaced\012- data Size 10 kB (10224 bytes) Hash 60edb0c7f94a9b90484aa9b468a4fb08 43c623917dc5320cab3f88a4b1b38aac597c5268 1d6998ef0773e13b32df184f7c9bf6ed1d7c1aad5809517939e2f6fc65d582d3 HTTP Headers `GET /static/picture/logo_kyunok.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 10224 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-27f0" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyLZFjI2ZvxZ7q42imG9Ri0WkDQfsPWBBCc%2BE7yiO17xypTA%2BIHvkTseEPhxLuP539YXQZp2wq1XFgJaVZ6mPGX5rimAkUUBpDn0xCoj1XFB9N30n5NJpNy7yIcnDxE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a4c0b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/td3.png	172.67.142.62	200 OK	2.9 kB
URL HTTP/2 takeflag.com/static/picture/td3.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 486 x 51, 8-bit colormap, non-interlaced\012- data Size 2.9 kB (2877 bytes) Hash be7218f3c7f8e9a1595c27838ceadfe2 76c1cc56e629386498f30d68d94a5b37ac17cd64 32ee571215839dcf31e3ea934ec01795ebf3af03c6d4e5cd3dfe5f8ba5c81ea8 HTTP Headers `GET /static/picture/td3.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 2877 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-b3d" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CUDY3kIXuii2d4Yj9rq4VdUEuAj1zkfj5ywAT5K7AqgsnhSguVofUDk6vnqwGRT0KjGwSDqZKO6x37BjmG6JcHyKrQkrjpjkCmQIRK%2FVvO1SuGg8k4UIKqMoJE2wW8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a580b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/left.png	172.67.142.62	200 OK	3.2 kB
URL HTTP/2 takeflag.com/static/picture/left.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 293 x 30, 8-bit colormap, non-interlaced\012- data Size 3.2 kB (3236 bytes) Hash 7cc4244772e7aef02611134320a3307d 8c3c06c9122c22b9c0fde7597ca32f0e99687954 9d54c0edf3dd350474e2052a2bbc03c9487e050bb9d657ecc6b22b61e4fe575e HTTP Headers `GET /static/picture/left.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 3236 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-ca4" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbQKfuC2rbcHfFYH3myNz65yZ6KOaKjxjS%2BEi6w3T6Qt%2FYkemS7iu%2BPUkWJbNt2n0PUBUPe1%2FShGb03qAhw45HtXxn6lQ3UXL4ngzmycAebWSFxpsfwELwhM6I1IMw8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce35a5a0b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/kf.gif	172.67.142.62	200 OK	66 kB
URL HTTP/2 takeflag.com/static/picture/kf.gif IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 994 x 178\012- data Size 66 kB (66380 bytes) Hash c350fada9443f5f34ad54acc862a312f 66a83e3d6ec7f61e9b67e763358571eae20610fe 63b7330085206af70120a6a984dce7ec0d8016fbe2d887492ba269ee23477c6d HTTP Headers `GET /static/picture/kf.gif HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/gif content-length: 66380 last-modified: Thu, 03 Nov 2022 09:58:18 GMT etag: "636390ba-1034c" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oUo1P25CsgqQWWfX0PfZ%2F%2FgmvbJIcNqP%2FZ8YbwGr5POMJ5UTHB9xwuVkYgKkvK32pJoRwf7TXBR3bSbcxPAfNq73a9dpzSvcYfVyNanomkT4Jg3woWbjStj7NiSA3g%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a590b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/right.png	172.67.142.62	200 OK	3.2 kB
URL HTTP/2 takeflag.com/static/picture/right.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 293 x 30, 8-bit colormap, non-interlaced\012- data Size 3.2 kB (3226 bytes) Hash 0d4e4e9d65f7744e5afdde506c430276 c5e777a6c74069bdb3ac58e2cc2be1d0d9d9a8d7 98e06288b43abddd93a5c418f862d6df85959b08a65366ba874c4a897e821e63 HTTP Headers `GET /static/picture/right.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 3226 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-c9a" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vRvJsr0wqGq2%2Ft1b9YCBugStCouNR2XX4GzBMjZL%2BRk2Pcp8ea2TvIytHcT6Zd5AednLD5s7%2FH8C8B0HcVAADKY4HVvQnVzx0ba9JNM6kkJS7aW9%2FvaI%2F59hAZBHcE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce35a640b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/gs.png	172.67.142.62	200 OK	35 kB
URL HTTP/2 takeflag.com/static/picture/gs.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 1125 x 630, 8-bit colormap, non-interlaced\012- data Size 35 kB (34582 bytes) Hash 27894219a71fc17de7bfe818acbada61 0d2525c0a56bffbb439327a926802a726f575781 be62e8781e06b48bdbed2ede785f4ec7963b00750f1aecc41350457e11315bf1 HTTP Headers `GET /static/picture/gs.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 34582 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-8716" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9F%2BiAU%2B12rsC6qsc1%2FyVeSkLHUGdrZeiOIOB9ceLoA60cSXvI9k1zkdwGus7%2F85yg7IrQV542aitym3EB4KLhy3pQL9qMlShupzKlDd3UYLdEeNikaF6Y1uKDT5VGs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce35a650b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/xunibi.png	172.67.142.62	200 OK	14 kB
URL HTTP/2 takeflag.com/static/picture/xunibi.png IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type PNG image data, 715 x 141, 8-bit colormap, non-interlaced\012- data Size 14 kB (14393 bytes) Hash c72fb5669882eecd51bae8768d12a3d8 37cca15d703cb824e5c4012325ffdbfd949a81d2 b97f2af8bf94d23060a3d27f95246f3a6a404a5c7a03dd994ba63885cd003cde HTTP Headers `GET /static/picture/xunibi.png HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: image/png content-length: 14393 last-modified: Sat, 31 Dec 2022 11:01:10 GMT etag: "63b01676-3839" expires: Mon, 06 Mar 2023 13:24:08 GMT cache-control: max-age=2592000 cf-cache-status: HIT age: 70259 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLmN2MgUFd4MKq4%2B4FoqfF8tr3GldQ%2F%2Bo9VzIRO2gqvIT9%2FmXktDHjajba1Frb7e31xoTyKd9seizg8KMARdqpeW8zs6nYk9XfAqV5eYBs10cbRFMZ2RJxRZwvemJ%2FE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce35a670b06-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/nitig8lIJg4	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/nitig8lIJg4 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 8d11713bc7fdd70f2069648c510a03b9 0123b3176a2f34817b19a9d565273544458f3cea 680d8a5eb8cfb06e358147b1967a720d45079bc0ce25d87bb86ed3cb4476aa32 HTTP Headers `POST /s/gts1p5/nitig8lIJg4 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 05 Feb 2023 08:55:08 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.globalsign.com/gsrsaovsslca2018	104.18.20.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1432 bytes) Hash a81fec798b5eb39d22530e60c90a2852 90523d8945593c6984fe3e2148de300b89174349 235bc2f1becf5775d44c66b5b97fe7e84bcfe0cf1d8ff3df59253c82c5ac5a83 HTTP Headers `POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 05 Feb 2023 08:55:08 GMT Content-Type: application/ocsp-response Content-Length: 1432 Connection: keep-alive Expires: Thu, 09 Feb 2023 06:32:02 GMT ETag: "90523d8945593c6984fe3e2148de300b89174349" Last-Modified: Sun, 05 Feb 2023 06:32:03 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1970 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 794a6ce44bf61c0a-OSL`

	grahaksatria.com/favicon.ico	168.206.49.211	200 OK	1.8 kB
URL HTTP/1.1 grahaksatria.com/favicon.ico IP 168.206.49.211:0 ASN #137951 Clayer Limited File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1509) Size 1.8 kB (1768 bytes) Hash db135598469b43cd715b17f2016a0974 ebde7bc736b3a18cbd2118d62884ff65a2abc962 08f3a49f8d643867bb7840a2d76bc6a91c65a438f8a14a1113979ec021bbf91c HTTP Headers `GET /favicon.ico HTTP/1.1 Host: grahaksatria.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://grahaksatria.com/` `HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 08:55:09 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip`

	hm.baidu.com/hm.js?d44a237ef6f9f3c9a21870e2b6c2516f	103.235.46.191	200 OK	11 kB
URL HTTP/1.1 hm.baidu.com/hm.js?d44a237ef6f9f3c9a21870e2b6c2516f IP 103.235.46.191:0 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. File type ASCII text, with very long lines (627) Size 11 kB (11265 bytes) Hash ec80bf8b52b4756a7f82764db69d8623 443c945cd195dd4c1cb7d33c718447b1028d36bb b7c24ab190269f4cc1efab166aa27b78af165b1caa0412af92cc08dd91e8e743 HTTP Headers `GET /hm.js?d44a237ef6f9f3c9a21870e2b6c2516f HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11265 Content-Type: application/javascript Date: Sun, 05 Feb 2023 08:55:08 GMT Etag: 4848f2030ed90318df79e56b3cbf001b P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=69A2A881A37C904A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800`

	hm.baidu.com/hm.js?ee5e05889961cac6429cfc2cdceea313	103.235.46.191	200 OK	11 kB
URL HTTP/1.1 hm.baidu.com/hm.js?ee5e05889961cac6429cfc2cdceea313 IP 103.235.46.191:0 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. File type ASCII text, with very long lines (622) Size 11 kB (11260 bytes) Hash 4e38f82dc1e00be2ef045c1c66378855 da4cc37f33067f3ad76cf92b565038bb75549377 28c0af8853d5d22520ada265601546de48a3a5de29aafc0f7aaec8e9d759c626 HTTP Headers `GET /hm.js?ee5e05889961cac6429cfc2cdceea313 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11260 Content-Type: application/javascript Date: Sun, 05 Feb 2023 08:55:08 GMT Etag: 75eb2a9c60722f2f113ae84183e41606 P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=5CEDFF493B99E43D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800`

	hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1127648073&si=d44a237ef6f9f3c9a21870e2b6c2516f&v=1.3.0&lv=1&sn=54004&r=0&ww=1280&u=http%3A%2F%2Fgrahaksatria.com%2F&tt=%E8%B5%A3%E5%B7%9E%E5%BC%80%E4%BA%91%E4%BD%93%E8%82%B2%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8	103.235.46.191	200 OK	43 B
URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1127648073&si=d44a237ef6f9f3c9a21870e2b6c2516f&v=1.3.0&lv=1&sn=54004&r=0&ww=1280&u=http%3A%2F%2Fgrahaksatria.com%2F&tt=%E8%B5%A3%E5%B7%9E%E5%BC%80%E4%BA%91%E4%BD%93%E8%82%B2%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 IP 103.235.46.191:0 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1127648073&si=d44a237ef6f9f3c9a21870e2b6c2516f&v=1.3.0&lv=1&sn=54004&r=0&ww=1280&u=http%3A%2F%2Fgrahaksatria.com%2F&tt=%E8%B5%A3%E5%B7%9E%E5%BC%80%E4%BA%91%E4%BD%93%E8%82%B2%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Cache-Control: private, max-age=0, no-cache Content-Length: 43 Content-Type: image/gif Date: Sun, 05 Feb 2023 08:55:09 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=4B6B513EEA808F5B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff`

	hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=959958192&si=ee5e05889961cac6429cfc2cdceea313&su=http%3A%2F%2Fgrahaksatria.com%2F&v=1.3.0&lv=1&sn=54004&r=0&ww=1268&u=https%3A%2F%2Ftakeflag.com%2F&tt=%E5%BC%80%E4%BA%91%E4%BD%93%E8%82%B2%20%E8%AA%A0%E4%BF%A1%E6%93%94%E4%BF%9D%20%E7%AB%AD%E8%AA%A0%E6%9C%8D%E5%8B%99%EF%BC%81	103.235.46.191	200 OK	43 B
URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=959958192&si=ee5e05889961cac6429cfc2cdceea313&su=http%3A%2F%2Fgrahaksatria.com%2F&v=1.3.0&lv=1&sn=54004&r=0&ww=1268&u=https%3A%2F%2Ftakeflag.com%2F&tt=%E5%BC%80%E4%BA%91%E4%BD%93%E8%82%B2%20%E8%AA%A0%E4%BF%A1%E6%93%94%E4%BF%9D%20%E7%AB%AD%E8%AA%A0%E6%9C%8D%E5%8B%99%EF%BC%81 IP 103.235.46.191:0 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. File type GIF image data, version 89a, 1 x 1\012- data Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=959958192&si=ee5e05889961cac6429cfc2cdceea313&su=http%3A%2F%2Fgrahaksatria.com%2F&v=1.3.0&lv=1&sn=54004&r=0&ww=1268&u=https%3A%2F%2Ftakeflag.com%2F&tt=%E5%BC%80%E4%BA%91%E4%BD%93%E8%82%B2%20%E8%AA%A0%E4%BF%A1%E6%93%94%E4%BF%9D%20%E7%AB%AD%E8%AA%A0%E6%9C%8D%E5%8B%99%EF%BC%81 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/1.1 200 OK Cache-Control: private, max-age=0, no-cache Content-Length: 43 Content-Type: image/gif Date: Sun, 05 Feb 2023 08:55:09 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=A0D6FA1D17651B6A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff`

	ocsp.trust-provider.cn/	47.246.44.205	200 OK	599 B
URL HTTP/1.1 ocsp.trust-provider.cn/ IP 47.246.44.205:0 ASN #24429 Zhejiang Taobao Network Co.,Ltd File type data Size 599 B (599 bytes) Hash 9d7d52f0e446f492b4a097af5259fad0 0b81f74ee12c18c4ad5d25d19eeedd09d975a3ac 49ad287dfcde063c2dbe12abb86f654893f8e890c881ae62e8c018587f3e6f9a HTTP Headers `POST / HTTP/1.1 Host: ocsp.trust-provider.cn User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Server: Tengine Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive date: Sun, 05 Feb 2023 08:55:12 GMT last-modified: Fri, 03 Feb 2023 10:36:17 GMT expires: Fri, 10 Feb 2023 10:36:16 GMT etag: "0b81f74ee12c18c4ad5d25d19eeedd09d975a3ac" cache-control: max-age=437463,s-maxage=1800,public,no-transform,must-revalidate x-ccacdn-proxy-id: mcdpinlb4 x-frame-options: SAMEORIGIN cf-cache-status: MISS accept-ranges: bytes cf-ray: 794a6cfe189a9a39-FRA via: cache19.l2de2[157,0], cache5.se1[178,0], cache8.se1[180,0] timing-allow-origin: , eagleid: 2ff62c9c16755873122966652e, 2ff62c9c16755873122966652e

	www.xiamgs.com/pixel/zkjGZcxVNYs1dU3q	122.10.50.88	200 OK	20 B
URL HTTP/1.1 www.xiamgs.com/pixel/zkjGZcxVNYs1dU3q IP 122.10.50.88:0 ASN #134548 DXTL Tseung Kwan O Service File type data Size 20 B (20 bytes) Hash a59f70ed50da05a257c245bd023eae1b c64860e5322b97c2b69ac659ce6fb0e1bb9282e4 9e72928e7a01615b4cf090daa617b4ca9d68531748f887f323f695eb4ca3ef63 HTTP Headers `GET /pixel/zkjGZcxVNYs1dU3q HTTP/1.1 Host: www.xiamgs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: nginx Date: Sun, 05 Feb 2023 08:55:12 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/8.1.8 Expires: Sun, 05 Feb 2023 08:55:12 GMT Pragma: cache Cache-Control: max-age=0 Content-Encoding: gzip`

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js	104.22.24.131	200 OK	4.1 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (11056), with no line terminators Size 4.1 kB (4116 bytes) Hash 161c7bc6ec5bcbb731a72081a000de9a 7719ece827fb8eace9b13e2e29998e00710003c8 979a4fd48e426379f2b0229b695bcf0e0ef85621719b802131e5bbe83fe6c54e HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:13 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"a92075fd9ac5ba130387a80453676099" age: 2244622 access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: HIT vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 794a6d079947b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js	104.22.24.131	200 OK	61 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with no line terminators Size 61 kB (61276 bytes) Hash 530b1596224c0c7f3af29f5180104e7d 854d9d36ad4a419f87e517e11605ca1560d420f4 2ca55ba58efd4c2f7aced292e59cbbd3cfb2aaaa8b97b1f36f1a63800809f524 HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://takeflag.com Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:10 GMT content-type: application/javascript vary: X-Goog-Allowed-Resources, Accept-Encoding last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cf0aa5db50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4	104.18.20.226	200 OK	1.5 kB
URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1462 bytes) Hash 9b907ee8e7a5a95865eca8fc9c14383b 4bef6ce097a4221c7f7d3e968be47ffb8e9a40a1 14561a92ec196685f277e4a4fe4d417768acbd43d86b326a4aeab541a05a91a6 HTTP Headers `POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 05 Feb 2023 08:55:14 GMT Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive Etag: "CD867BAB6DE5793B5EAD48C444DF8B0D0DCEA30C" Expires: Sun, 05 Feb 2023 19:00:00 GMT Last-Modified: Sun, 05 Feb 2023 07:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 2921 Vary: Accept-Encoding Server: cloudflare CF-RAY: 794a6d0929bb1c0a-OSL`

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js	104.22.24.131	200 OK	29 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (2306), with no line terminators Size 29 kB (28874 bytes) Hash c4edafaab703714c4fb8d5b60e53e828 12281520fefd30e1f5abbe7bca8daf1aa80e3df8 7e56ca54154390da0b7f775bb4489eaa38766b41f2341ee32052aa6260ceb0a7 HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://takeflag.com Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:10 GMT content-type: application/javascript vary: X-Goog-Allowed-Resources, Accept-Encoding last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cf0aa58b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg	34.120.237.76	200 OK	5.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.4 kB (5356 bytes) Hash 7fff69db25a1c7a3fbe154a3c80ac5aa 638e08807f73b70ab87b804816f9eb3e8dd2aa74 be96b347ba90dda9c39975077d963ff875831a14a4269e28edc0d2f80928bba6 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d53279-1206-40a7-be9b-b504e0748218.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 5356 x-amzn-requestid: af4c4533-48b8-4b02-951a-3e61933fb126 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fi3fyFrMoAMFr_w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d76c64-0346b30d0ded67912070f671;Sampled=0 x-amzn-remapped-date: Mon, 30 Jan 2023 07:06:12 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: IJBXK8DSlmaj48MVSTo-8A69jOe3x2cvnZYRLfyXZ7jZWqsMbTZsEg== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 21:43:52 GMT age: 40282 etag: "638e08807f73b70ab87b804816f9eb3e8dd2aa74" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js	104.22.24.131	200 OK	19 kB
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type ASCII text, with no line terminators Size 19 kB (18733 bytes) Hash 52344c8ddc8ca3dddc4e6087d2932609 83e5e8fd7ae457cdbed49b39cb86407ef303ff03 f05bfcabbd678ecb9c969bd0f1fc2f5491a0c669e9907fbd761dc45cb931a567 HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://takeflag.com Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:10 GMT content-type: application/javascript vary: X-Goog-Allowed-Resources, Accept-Encoding last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"da5bb1dc647470204df0e49f5afac2de" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cf0aa3db50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/css/swiper.css	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/css/swiper.css IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/css/swiper.css HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: text/css cache-control: max-age=43200 cf-bgj: minify cf-polished: origSize=11501 etag: W/"6360967a-2ced" expires: Sun, 05 Feb 2023 20:55:08 GMT last-modified: Tue, 01 Nov 2022 03:46:02 GMT vary: Accept-Encoding cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdUEVF3qW7H6upzQLrq14VtWwWsuxgHgyUzvS1g2Ca4a2O5KwRqZUOcSfcyiX2Ou%2BGu9jnVTo68cD4tnyLIy9qnzBBLEC09qAzb8F%2BtHBkStg6OvueHeFDBSy%2FnGWvc%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce33a380b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/js/rem.js	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/js/rem.js IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/js/rem.js HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: application/javascript cache-control: max-age=43200 cf-bgj: minify cf-polished: origSize=840 etag: W/"6360967c-348" expires: Sun, 05 Feb 2023 20:55:08 GMT last-modified: Tue, 01 Nov 2022 03:46:04 GMT cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltUGwSuuYIghnnLa4veov3e7SI97d5vbZOxDGYZ6jMM0u%2BEra1TLpk96zNXxjEpywOKWaGpOD%2BlQA79naI2kkuM5pkZleEhcty5lHoMrUsVefUiz4ezS%2B3u6zBXmsPA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce33a3c0b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/js/os2.js	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/js/os2.js IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/js/os2.js HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: application/javascript cache-control: max-age=43200 cf-bgj: minify cf-polished: origSize=548 etag: W/"6360967a-224" expires: Sun, 05 Feb 2023 20:55:08 GMT last-modified: Tue, 01 Nov 2022 03:46:02 GMT cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdtnSeRI7kWAs1CnN7yNaP5tkR6JhXLYxSajnyfP2iYHG0Fgm3EpbOm5MQAij8Ei5wtbEBd4Dfn9%2Fna4UodzBaWj1fjL57uIi0xJwDQlXEw3I0GRLfZpi6nmE0ZzvYs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a4a0b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/ IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET / HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: text/html last-modified: Tue, 27 Dec 2022 03:54:00 GMT vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdMRTPaA2JglASM9o6HShQGuNwq%2FdeKjrPDPlg7gyf8rRXphxqCWyClU2rDOfuA8U%2FH9ke6qvftekooOJntayVyTmbabgNYfzk2uG8VKnJ87tNY4mBlzxGZC%2F19rFrE%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce068140b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/picture/sectionok.jpg	172.67.142.62	404 Not Found	0 B
URL HTTP/2 takeflag.com/static/picture/sectionok.jpg IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/picture/sectionok.jpg HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 404 Not Found date: Sun, 05 Feb 2023 08:55:08 GMT content-type: text/html cache-control: max-age=14400 cf-cache-status: EXPIRED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZnOtHk%2F7RTlTdXOmJ%2FIdz7j0fVh0iwqqK8VA3WnYK5Gt0naPQi%2FchYdWclgZsuE8Qkv7iWt8zJcZaBO7QxnfBIghCY72ZWm0kkI8pBZ8hLAujgedzBKwU5f5OsdKeA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 794a6ce34a4f0b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js	104.22.24.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://takeflag.com Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:10 GMT content-type: application/javascript vary: X-Goog-Allowed-Resources, Accept-Encoding last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"70dac54eca3bb2143032bc4db3237623" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cf0aa4cb50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/js/os.js	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/js/os.js IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/js/os.js HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: application/javascript cache-control: max-age=43200 cf-bgj: minify cf-polished: origSize=228802 etag: W/"6360967a-37dc2" expires: Sun, 05 Feb 2023 20:55:08 GMT last-modified: Tue, 01 Nov 2022 03:46:02 GMT vary: Accept-Encoding cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipeI3LWTYke16gNPTPxwprLRRVmIGz3NA56QPbJKl63ilS9ehpc5UXlL6hFKUqisYmm1ebCs240I0fxFAHGAzXUfcpD3F%2BYPD8m37QJwn%2FgW3wknPgjDRn3%2F0v17BoI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce34a480b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/css/style.min.css	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/css/style.min.css IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/css/style.min.css HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: text/css last-modified: Sun, 13 Nov 2022 05:24:46 GMT vary: Accept-Encoding etag: W/"63707f9e-28f7" expires: Sun, 05 Feb 2023 20:55:08 GMT cache-control: max-age=43200 cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtwXMrMeKyk3qYJH1fwlqaxZ8R6yW3%2Fb0wU3LEiA04CWWxZYi3remBXhYXIFDZQHOsRTKiX1W1OY0K%2BcNbWDtokotuMHe3Wf%2F4XpSb7sbFMBF%2BDvcwvq59LkOMiDAY8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce33a330b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/js/swiper-4.2.0.min.js	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/js/swiper-4.2.0.min.js IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/js/swiper-4.2.0.min.js HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: application/javascript last-modified: Tue, 01 Nov 2022 03:46:04 GMT vary: Accept-Encoding etag: W/"6360967c-1d2d2" expires: Sun, 05 Feb 2023 20:55:08 GMT cache-control: max-age=43200 cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPIt%2FS7SFgBytQt0j2j4H6SxcRM4DR4TKfeh1KPhj4wMMug%2BuKshtSpgpUXRtGlxRH4aFGbl9kiOrZ1qA2DQgtd3GFA%2FTyCEKV7nC3Y8RVwF7NCY66NTRWdkw6N%2FfhA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce33a420b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js	104.22.24.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://takeflag.com Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:10 GMT content-type: application/javascript vary: X-Goog-Allowed-Resources, Accept-Encoding last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"385105148a50079bafff97e9c9476109" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cf0aa51b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/css/animate.min.css	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/css/animate.min.css IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/css/animate.min.css HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: text/css last-modified: Tue, 01 Nov 2022 03:46:02 GMT vary: Accept-Encoding etag: W/"6360967a-12a7f" expires: Sun, 05 Feb 2023 20:55:08 GMT cache-control: max-age=43200 cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF0L5h2J%2BpsY5mmA%2ByFgmqN1nwNB6OlsHAiA0oXG3D5VZz4g%2B5PQal2zwC%2BUVr3k83enAQoLf3DGIhEmaBFNwSNIKrLObaOhuTpEcmIRE8uFZf2yfEpgUPZ1MlRxFvI%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce33a390b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/js/jquery-2.2.4.min.js	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/js/jquery-2.2.4.min.js IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/js/jquery-2.2.4.min.js HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: application/javascript last-modified: Tue, 01 Nov 2022 03:46:02 GMT vary: Accept-Encoding etag: W/"6360967a-14e4a" expires: Sun, 05 Feb 2023 20:55:08 GMT cache-control: max-age=43200 cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF96OR26t9NNAEUcg3UTWa5UHWO74V467yqY3gx78hYgZyCvYLwWxAk5LSgoHg9iQofZrx4OFFfXTqWQlKoL1KRVGxZy6tNKyv4nGqd%2FV02iHtvzp5yOBIVqt6GPrBs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce33a400b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	takeflag.com/static/js/mobepp-1.1.1.js	172.67.142.62	200 OK	0 B
URL HTTP/2 takeflag.com/static/js/mobepp-1.1.1.js IP 172.67.142.62:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /static/js/mobepp-1.1.1.js HTTP/1.1 Host: takeflag.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:08 GMT content-type: application/javascript cache-control: max-age=43200 cf-bgj: minify cf-polished: origSize=25208 etag: W/"6360967c-6278" expires: Sun, 05 Feb 2023 20:55:08 GMT last-modified: Tue, 01 Nov 2022 03:46:04 GMT vary: Accept-Encoding cf-cache-status: REVALIDATED report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPGlKM%2FAlghuMwEOgh%2FIR1GIbCpuuA3ah8NsFIOchjWOOjjh2peBPmqn0zOo5rILkeygI9x1XQfO3Om1xH%2FElXLvXhgc7n9BFrUcQUWBefdTT09LAdsvEsH6ugI3hu8%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 794a6ce34a450b06-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js	104.22.24.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://takeflag.com Connection: keep-alive Referer: https://takeflag.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:10 GMT content-type: application/javascript vary: X-Goog-Allowed-Resources, Accept-Encoding last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"7dcb496e4882926f93f2e73fa87062c0" access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: MISS x-content-type-options: nosniff server: cloudflare cf-ray: 794a6cf0aa47b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js	104.22.24.131	200 OK	0 B
URL HTTP/2 embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js IP 104.22.24.131:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js HTTP/1.1 Host: embed.tawk.to User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://grahaksatria.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Sun, 05 Feb 2023 08:55:13 GMT content-type: application/javascript last-modified: Fri, 06 Jan 2023 01:49:34 GMT etag: W/"09c3819d373bd4178a620d721429fada" age: 2244621 access-control-allow-origin: * cache-control: public, max-age=2592000, immutable x-cache-status: HIT strict-transport-security: max-age=0; includeSubDomains; preload cf-cache-status: HIT vary: Accept-Encoding x-content-type-options: nosniff server: cloudflare cf-ray: 794a6d079941b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML