Report - pak-digital.com/wp-content/87889/boatest/login.php

Report Overview

Submitted URL
pak-digital.com/wp-content/87889/boatest/login.php
IP
151.101.2.159
ASN
#54113 FASTLY
Submitted
2023-03-31 09:01:31
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
9
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	4.8 kB	9.8 kB	142.250.74.131
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-31T21:42:43Z	366 B	21 kB	142.250.74.110
adservice.google.com	76	2021-02-20T17:10:48Z	2023-04-01T00:00:25Z	386 B	663 B	142.250.74.66
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.7 kB	9.8 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	918 B	2.4 kB	142.250.74.106
ekr.zdassets.com	2396	2018-06-14T01:52:57Z	2023-03-31T18:12:27Z	413 B	1.3 kB	104.18.72.113
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
pak-digital.com	unknown	2017-04-23T12:39:30Z	2023-03-31T08:17:27Z	860 B	1.5 kB	151.101.2.159
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	645 B	641 B	142.250.74.164
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	66 kB	34.120.237.76
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-31T19:19:20Z	641 B	440 B	216.239.34.36
blog.s.id	unknown	2018-06-15T18:04:48Z	2023-03-30T13:11:41Z	12 kB	295 kB	104.21.54.41
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	483 B	32 kB	142.250.74.35
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-31T22:08:04Z	477 B	578 B	142.250.74.163
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-31T18:42:09Z	474 B	440 B	64.233.161.157
static.zdassets.com	2154	2018-06-24T00:11:55Z	2023-03-31T18:13:21Z	3.5 kB	185 kB	104.18.70.113
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-31T22:03:32Z	1.1 kB	150 kB	142.250.74.168
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-31T22:56:54Z	414 B	49 kB	142.250.74.162
s.id	134714	2014-12-04T01:12:34Z	2023-03-31T07:45:04Z	439 B	658 B	188.114.96.1
home.s.id	488728	2018-08-25T08:32:23Z	2023-03-30T21:00:15Z	6.4 kB	200 kB	188.114.96.1
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-31T21:58:31Z	665 B	2.0 kB	142.250.74.130
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-31T18:32:34Z	641 B	440 B	216.239.34.36
api.s.id	unknown	2021-12-02T18:14:34Z	2023-03-30T13:11:38Z	1.4 kB	2.4 kB	45.126.58.78
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-31T18:12:12Z	385 B	764 B	142.250.74.66
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
static.cloudflareinsights.com	1294	2019-09-24T16:34:56Z	2023-03-31T18:28:55Z	443 B	6.9 kB	104.16.57.101
sdotid.zendesk.com	unknown	2022-12-19T03:27:28Z	2023-03-30T13:11:39Z	388 B	1.1 kB	104.16.51.111

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-31 09:01:21	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:21	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:21	low	Client IP	188.114.96.1	ET INFO Observed URL Shortening Service Domain (s .id in TLS SNI)
2023-03-31 09:01:21	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:21	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:23	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:23	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:25	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-03-31 09:01:25	medium	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	pak-digital.com/wp-content/87889/boatest/login.php	Phishing
2023-03-31	medium	pak-digital.com/wp-content/87889/boatest/login.php	Phishing
2023-03-31	medium	home.s.id/forbidden	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	home.s.id/_next/static/chunks/pages/forbidden-9c7287b02a773507.js	3.7 kB	2023-03-13	2023-04-01
Pretty URL home.s.id/_next/static/chunks/pages/forbidden-9c7287b02a773507.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:13:21 Last Seen2023-04-01 11:18:23 Times Seen23 Hash 79230c46c22569945583419e24eb3968 13b6526f15bbbf96fe9b2913481cbf2a21ef3caf 24204d788ab4604afbbcc4e6782f19c33608ad8b3f721d8f604c7124f79f80bc Loading...

	home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_middlewareManifest.js	92 B	2023-03-07	2024-04-24
Pretty URL home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_middlewareManifest.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-24 15:58:04 Times Seen7642 Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Loading...

	home.s.id/forbidden#action	243 B	2023-03-26	2023-04-02
Pretty URL home.s.id/forbidden#action IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:30:01 Last Seen2023-04-02 21:33:31 Times Seen16 Hash 2cf65a6c5d2c21d6ef4ef31a69d0eb5d 0b9fb512d919fb09fdbd0769892d1f43f70f0d99 5d51bdb78cc805abe784579ddbbe08daaedd255bf4c7244cec275f6116defa2c Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-main-660d3cb.js	700 kB	2023-03-29	2023-04-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-main-660d3cb.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:41:05 Last Seen2023-04-05 04:41:55 Times Seen21 Hash 2a7a35aeef02762e024fd5bff30dbdea e4e407fabc6ea2a9ef7e2ca41dc0057dc768aa38 0382c952759a0aaff3ca0f685b9205b170ae113c69d353fa479e1adeb5313be7 Loading...

	blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-9ffadfb59b43e923.js	18 kB	2023-03-13	2023-04-05
Pretty URL blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-9ffadfb59b43e923.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:13:21 Last Seen2023-04-05 13:56:38 Times Seen25 Hash c3474a44d63d4ab61210b3bdd9c93bac 102a281791d688bcaabed3542834e27ad2e0d2a5 9481d1812910914a0290fa0a2652c0c99f1e710a6350a4307ea9570ef5e1db38 Loading...

	home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_buildManifest.js	9.1 kB	2023-04-01	2023-04-01
Pretty URL home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_buildManifest.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:42:02 Last Seen2023-04-01 10:53:24 Times Seen2 Hash d65023d1ee4ec554e4a99fddd5ffbdf6 c99697812508bfad07b006e36f72120f9c550a42 0af55dbb01f7af228dd247d91d82adb136bb25d4f094669f6368c646264404a8 Loading...

	static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d	23 kB	2023-03-26	2024-03-21
Pretty URL static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:49:27 Last Seen2024-03-21 21:10:25 Times Seen1825 Hash 35755063f184195a50a9c07a2c71693a 7a32c58c941ee07911a3d1ff5f335cbde58d90e9 21d2ea81f22f44525f201ad9f4702029e0b2bfe65d5a2b534104dbe4b2346bbe Loading...

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=blog.s.id	358 kB	2023-04-01	2023-04-01
Pretty URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2742216534640545&plah=blog.s.id IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash 2464bad622b337d7ec5c9f5bfd519779 6227512599e5abfce5872845eaa10c4ac510be3d c88443d3e8a39ee24c12e9b302dfa34723bd91e30db97ae2392001a8569f3590 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	260 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 06b4795adbd64ddcd90f3d56f8b77cab 82e1f620412efa5e13c1666218f356113f9c136b e847d77bd3b904a315099c754caeafb93a6aa049a5f7386c252f0d9579d2db42 Loading...

	blog.s.id/_next/static/chunks/webpack-434fefa8f39d8fbc.js	1.8 kB	2023-03-07	2024-03-04
Pretty URL blog.s.id/_next/static/chunks/webpack-434fefa8f39d8fbc.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:59 Last Seen2024-03-04 17:53:43 Times Seen45 Hash 725dda14ce1bee310bd67c540dc3d9d9 c6b3d9ae2948e9f1515aaf69c9233f4f9fe6e556 dc81419da19f1c777a0ba3ccd0b1019725c6333c17811717bf843bf2ddc105fc Loading...

	blog.s.id/_next/static/chunks/729-5d3e4910df2038c0.js	19 kB	2023-04-01	2023-04-01
Pretty URL blog.s.id/_next/static/chunks/729-5d3e4910df2038c0.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:42:02 Last Seen2023-04-01 10:53:24 Times Seen2 Hash f320eb28b50eda1d61da1818df9c330f 1e809dd3b6e8c5d0392eccd911f5d19a4ed1c5e4 c511682ffa9db34292df52434cdd3c94e70a28b119f2d0409464e360f03851d3 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	250 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen425 Hash a09918f345473da9d2f47ab9183868c8 210b67093ea8191ac2ad306976309c2cbfcd65ea ded8c2c2e016a529301571dca274c50855566e990281c816b223fd6ad68076c2 Loading...

	adservice.google.no/adsid/integrator.js?domain=blog.s.id	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.no/adsid/integrator.js?domain=blog.s.id IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	blog.s.id/_next/static/chunks/769-42c553aad5ec5871.js	228 kB	2023-03-13	2023-04-01
Pretty URL blog.s.id/_next/static/chunks/769-42c553aad5ec5871.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:24:26 Last Seen2023-04-01 10:53:24 Times Seen19 Hash 77a85eb3fa616ccca6650a676e0a3892 de3e4a0f1d91e97193f3f8426c4cf282320b4dcd 0e5b553eae0a1bd5afea26fa8809c2bb72079191b523b75e9363d1cb11dcd96a Loading...

	blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_buildManifest.js	1.0 kB	2023-04-01	2023-04-01
Pretty URL blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_buildManifest.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:42:02 Last Seen2023-04-01 10:53:24 Times Seen2 Hash b4d91d7f7f238311e7e7a313c47cbc40 fbcaa76573a1241ad6fb076f324e0e34ea5ae9b6 77c57fa3a7ddcddaa3c8976ae724d85d943b4b80baf45b20732e168acbc2b9c6 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545	142 kB	2023-04-01	2023-04-01
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash 6661fe9a531d9336603ef42b07ad0df1 b1d86d4665eaba0ee6c27d19f38ad635a78a328e a41caa712d5c58f169a878d1b268629092466828c8997a0da3add3aa8d695615 Loading...

	blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js	103 kB	2023-03-13	2023-04-05
Pretty URL blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:24:27 Last Seen2023-04-05 13:56:38 Times Seen25 Hash 737a1d5081c90f4345e51010f21d77d4 25dbea17388db29b15874701bd2ef244f117508a 0b1bd0e2c03531c3c089653463418df229cae482a400e497d0681a750e31f295 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	247 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash ec9604d9253043e4c7ea1655cfefbb31 96f618deb14181f0b85c6a518ba3e5dcb4d909ff fdd1eeb2bdbe7baaf66d5fba08c2145b14a49acc590d9f02c1f9d8c534633aca Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	224 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 5d3fad59fc126716231fd01bee254004 264df770cdff4f3ff4b54a280e53671e7b08d6a7 5a24aac7b928921204e217584dcea7740f14c86d961e6b30ff5219505cbeebcb Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	265 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen425 Hash fba27f31e4e9d8b289492f2b860c88bf d96931f79cad01f3243dbff8ff9a869377367457 e7342621a7cf816200c668419e0c97d9660d7cc2bd00cfb3989143b50832bb99 Loading...

	blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_ssgManifest.js	77 B	2023-03-07	2024-04-25
Pretty URL blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_ssgManifest.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-25 00:21:08 Times Seen85250 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	home.s.id/_next/static/chunks/framework-8ff6c737ed443ded.js	130 kB	2023-03-08	2023-04-02
Pretty URL home.s.id/_next/static/chunks/framework-8ff6c737ed443ded.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:53:29 Last Seen2023-04-02 21:33:31 Times Seen27 Hash 80870c3ffec9848089870dad8d8446c7 8b76d6ff4730fbea340059bc6c5b2fbca3ef89a5 8b8e491570cdfe6b25d81c5943c567d567c809158adfc0449f7683ab4c76e907 Loading...

	blog.s.id/_next/static/chunks/framework-1d78b5852a861806.js	130 kB	2023-03-08	2023-04-05
Pretty URL blog.s.id/_next/static/chunks/framework-1d78b5852a861806.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:53:29 Last Seen2023-04-05 13:56:38 Times Seen23 Hash 14e6c6654814f54e1b05d1177eca68e3 0c3ae338ea5133ac04e4b37ba284759b13f909e3 d388d6eadbda67959df2e176105d189a9ee25434d49e645a752b2a10afefacab Loading...

	www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c	116 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash cd6788e97b3be461272a05e579c9b91b dd1e0581c6f8d451c2724182a18ab2b4947dcc04 983a359ef9c99771ee72bd4a8df9d925e8287720a6b04d3ed213807b7831f63e Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1680253283264&cv=11&fst=1680253283264&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=1290883245.1680253283&data=event%3Dgtag.config&rfmt=3&fmt=4	2.5 kB	2023-04-01	2023-04-01
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1680253283264&cv=11&fst=1680253283264&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=1290883245.1680253283&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash 83c3138dbf7abc57a413686b5ce9368d cac07908e5732bb34e1d21ab6a9f4412ce22fa94 019aa39bb85307d543e7a7ad8d2f077d0afaf66ae3a1d426872d7ae01e31f420 Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-3017-660d3cb.js	4.1 kB	2023-03-13	2023-05-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-3017-660d3cb.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:36:06 Last Seen2023-05-05 17:01:57 Times Seen130 Hash 40d0e2b632d1b990738af3991e0aecb1 b5a4f4c806af5ead6219d408edaceb20e61bd28b e8269b74e3d03d021428c172b126c784c2279c24e48e807fd91c0bd19ec6e167 Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-6315-660d3cb.js	21 kB	2023-03-29	2023-04-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-6315-660d3cb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:41:05 Last Seen2023-04-05 04:41:55 Times Seen23 Hash f98270473d8b868d9890fe3be24a1a82 5819f93b192c9c47183a655c9ec7b293a26b9ffe dfaeba8f45d6ff0da84f59e93bcf8c07fa464b8235c54f024e4abac68dd945cf Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-1707-660d3cb.js	25 kB	2023-03-13	2023-05-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-1707-660d3cb.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:36:06 Last Seen2023-05-05 14:53:41 Times Seen193 Hash ae451f428ab96456490147d8abff0d53 1cfd301f05cc236522ff1db97e0e2be3ca615de9 65390d5b7859d59c8f35e7b84ae5eea87672e71ca40ad6f4c1f87b0a6c8c7b6e Loading...

	blog.s.id/_next/static/chunks/30846afe-cfd475acf1f13fd6.js	2.6 kB	2023-03-08	2023-04-01
Pretty URL blog.s.id/_next/static/chunks/30846afe-cfd475acf1f13fd6.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:53:29 Last Seen2023-04-01 11:18:23 Times Seen23 Hash fa7c197a614ef9acf105bedf810d489b 34b4788d3bf06befa543b49d9f0377f62ed372d9 7f877742d5ee9762de28c1a13dc20ad019d1caf00b91d9d3d3bac091d4cefff8 Loading...

	home.s.id/_next/static/chunks/webpack-3e03f7067a34f08f.js	5.4 kB	2023-03-29	2023-04-01
Pretty URL home.s.id/_next/static/chunks/webpack-3e03f7067a34f08f.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:58:55 Last Seen2023-04-01 10:53:24 Times Seen4 Hash 0b2ba40bb10500df22bb389b062e1787 51b9491f7a786c3d2691af72755d40d0a1d39ceb 2e37a4932e0eda91b8e7036be6b6772b8a030bf303b923debdb27dd4cda75f00 Loading...

	static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114	17 kB	2023-03-26	2023-04-17
Pretty URL static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:20:50 Last Seen2023-04-17 23:16:21 Times Seen1248 Hash f23fdce5f9fc681a13ca76353818ffac 6779cba0c60c1e89ab3ec72c90a952268b2ba37d a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	236 B	2023-03-08	2023-05-10
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:53:29 Last Seen2023-05-10 02:26:28 Times Seen77 Hash 09b91b28a4055b525d78801a370609ca 8ae55050b4b6fc075bd130b40127f08b35ec212f 7f6e7535c6cbf89eedd8301f32a5d0653145f7ed6ec2a215e68bd6c0f3d7205a Loading...

	www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7	227 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash 5d2523f3a232422c828337c141778d46 214a3a77efcc72dc7caa4cdd77f1e4667f80ca96 6b6c6ecddeb9904369b6bbafbe503dc52959e5c5509e0bfb2e46c182543146a2 Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-3487-660d3cb.js	13 kB	2023-03-26	2023-04-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-3487-660d3cb.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:55:40 Last Seen2023-04-05 04:41:55 Times Seen62 Hash 1ee21198c6e244c8d7bf3bacbc6faa0f 01abda9f63c546519fdc62a2e5032bbc8235eb18 34fb307f976115298dd006a64c0b1b1d86f2ce226c83d49cdfe0d350e61b9e1a Loading...

	blog.s.id/_next/static/chunks/pages/_app-a1aaa7198e7209b9.js	186 kB	2023-03-13	2023-04-01
Pretty URL blog.s.id/_next/static/chunks/pages/_app-a1aaa7198e7209b9.js IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:24:26 Last Seen2023-04-01 10:53:24 Times Seen20 Hash b87ffed7fce79c54af2be0247c1930dd 2b04b6c9e147aebbabf32beb22644e2f419cafdb cd0ee4780d1be116a41b397c9efb57ce0984c1419ea07725fa9f4ed995491e53 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545	375 B	2023-04-01	2023-04-01
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=blog.s.id&callback=_gfp_s_&client=ca-pub-2742216534640545 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash 7357701e81f7f7b7f51b5ea54df771da c765fa5bc80c32dc5331adaf37245432d9a4a108 962dda90558d348aef163b53c2af69be6dd671f0b0cb28ec96f3d29b19ae712c Loading...

	home.s.id/_next/static/chunks/main-bba3f19427abc986.js	104 kB	2023-03-13	2023-04-02
Pretty URL home.s.id/_next/static/chunks/main-bba3f19427abc986.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:23:39 Last Seen2023-04-02 21:33:31 Times Seen28 Hash 4af00c33a5a3626b1fae6792ff86bbf1 ecf73d2807c86ac5c3f0e30abc7b03fca3d36b34 d530ea669f380edb2e2e14f8f30d7ac3b5b98c6090d49f140e3f0eec4c299817 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 00:22:22 Times Seen37051063 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	251 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 968e084e30b878c76ecc20cc4cc6472a 9a01eea90ba2c553da933d93b626bf2afc8c72bd ed14e6cc5bb7748e4223f42b08b919001c2f851002a821b369c718bea43a2924 Loading...

	static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js	167 kB	2023-03-29	2023-04-05
Pretty URL static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:41:05 Last Seen2023-04-05 04:41:55 Times Seen74 Hash 9a22523a174d61325929e2f2b3281227 fc9408075c501a02bd53be5ada9d1a09a989bcb1 0a7048087ee3d34425fe83c11c4be7e2d880971db05a6f9b45f7e9c7d0713ee3 Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-4852-660d3cb.js	142 kB	2023-03-29	2023-05-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-4852-660d3cb.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:41:06 Last Seen2023-05-05 17:01:57 Times Seen134 Hash b361c19a9af081b357568069aa583838 871c72ecfe01775e98c9d4a3416eab7aa18150b0 e9c01c5af5c83950f486a92f411e639f335ab9e0d0086c28511867942053bb1c Loading...

	home.s.id/forbidden#action	36 B	2023-03-07	2023-05-10
Pretty URL home.s.id/forbidden#action IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:51 Last Seen2023-05-10 02:26:28 Times Seen92 Hash 34f9fbe5be142c7d9c9146eb225d512f d4e2ab3e3646d75abb2325c51db0433bd3dce4df 854e16bd70a075ebc78a1db6ca15512e4936501394a99590b5f66fd0c8ba61d9 Loading...

	static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js	15 kB	2023-03-26	2023-04-05
Pretty URL static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 08:31:30 Last Seen2023-04-05 04:41:55 Times Seen56 Hash 8340513af1527c72129bdfd58adc8b99 bb6f990dc4c1b5afe22fbca10b500078bb81b6bb c0e7ad7a57e94277b7f505f29420f3a4774dcd94af2b7974d6797105c0bb25b7 Loading...

	www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF	227 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash 8f9e5f4f312ba6782a4fffaab0d32244 7ded53dd188c69bcfe2dfff88dccd2f4f58bf890 90d3c75bc89810716e505512080be8eda4e6b9dfb7bfb5fe5b41d64e77c0ba4a Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	196 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash c98323db1bef176960d2b1950e0800fd c3a3c7d59a039b6194c714e0af1aa73911ebd01d 5496584f2fe4ce363c48545e26b6c7756cb8399ccc481157002e175ba144422c Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	271 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 104.21.54.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen424 Hash c1058202d22ac09579022379d86826ee 1999a6d0d08b35ccd64a0ee69ae169dd3a0b3356 dad812433366937d85265938bb652a2801d9d6d4c0912abb0786fe65142fe715 Loading...

	www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK	224 kB	2023-04-01	2023-04-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:53:24 Last Seen2023-04-01 10:53:24 Times Seen1 Hash d348fd062350218324624bee94dc75a6 ccd19fea73a6bb0bbf795707ce939f7b23656915 14235fcc98d29f0169972d93c3de2f7a8948b9a1b9c80df69c03d0789814454e Loading...

	home.s.id/_next/static/chunks/pages/_app-91584dffae148bc5.js	344 kB	2023-04-01	2023-04-01
Pretty URL home.s.id/_next/static/chunks/pages/_app-91584dffae148bc5.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:42:02 Last Seen2023-04-01 10:53:24 Times Seen2 Hash 1efac63a79120e59f8d543d38b760cc8 072ebee33f433ef90cdd42e5364288448e732356 afe7c944fcf6a9b3fe3bc133e7ba1081a934d936012a40a330b388c3742472ed Loading...

	home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_ssgManifest.js	91 B	2023-03-07	2024-04-24
Pretty URL home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_ssgManifest.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:40 Last Seen2024-04-24 15:45:54 Times Seen618 Hash 5ce0d2713404bd05c9502cc490488dca 552f4970f95812a42a366cf0752db5c4c4218236 ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be Loading...

	googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html	10 kB	2023-03-14	2023-04-05
Pretty URL googleads.g.doubleclick.net/pagead/html/r20230329/r20190131/zrt_lookup.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:29:45 Last Seen2023-04-05 02:11:59 Times Seen4625 Hash a969ec2e827cf3b8a9dc2ccd439733c2 189a089bc848f30d70479c6c0da113c13a83f99b 84f8183c57907d5d6223e8bea02deea39c65caf1371df19b3e6e82cb983da1f1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0b0c5117f98c674fff9332fa5480e908	31 B	2023-03-07	2023-11-21
Pretty Observations First Seen2023-03-07 01:02:07 Last Seen2023-11-21 03:43:28 Times Seen7759 Hash 0b0c5117f98c674fff9332fa5480e908 233966d6919f909d7c5fa065bacd49fde58eeb73 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1 Loading...

HTTP Transactions (99)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4980
Expires: Fri, 31 Mar 2023 10:24:19 GMT
Date: Fri, 31 Mar 2023 09:01:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7039
Expires: Fri, 31 Mar 2023 10:58:38 GMT
Date: Fri, 31 Mar 2023 09:01:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5388
Expires: Fri, 31 Mar 2023 10:31:07 GMT
Date: Fri, 31 Mar 2023 09:01:19 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 08:28:22 GMT
content-type: application/json
age: 1977
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Pu5LkbEJVLW4tPQUr+VdFnPBYhRcPKrLJfxZll8nzHpd1NDBFaxWLbZrRppUKeRosCNMZ8020TM=
x-amz-request-id: RMW4M25ZXTJF0XWT
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 08:34:01 GMT
age: 1638
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

pak-digital.com/wp-content/87889/boatest/login.php

151.101.2.159

301 Moved Permanently

162 B

URL HTTP/1.1
pak-digital.com/wp-content/87889/boatest/login.php
IP
151.101.2.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/87889/boatest/login.php HTTP/1.1
Host: pak-digital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://pak-digital.com/wp-content/87889/boatest/login.php
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
X-FW-Server: Flywheel/5.1.0
X-FW-Hash: 8ssbag29wv
X-FW-Version: 5.0.0
Server: Flywheel/5.1.0
Accept-Ranges: bytes
Date: Fri, 31 Mar 2023 09:01:20 GMT
X-Served-By: cache-bma1633-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1680253280.693739,VS0,VE378
Vary: Authorization
X-FW-Serve: TRUE
X-FW-Static: NO
X-FW-Type: VISIT

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:01:20 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10325
Expires: Fri, 31 Mar 2023 11:53:25 GMT
Date: Fri, 31 Mar 2023 09:01:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 08:17:26 GMT
age: 2634
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RLvDDodFGM1O7p+QmgKdBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E8GjHY/8DFmJE/DcLd89WGjSQyk=
Date: Fri, 31 Mar 2023 09:01:20 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pak-digital.com/wp-content/87889/boatest/login.php

151.101.2.159

302 Found

114 B

URL HTTP/2
pak-digital.com/wp-content/87889/boatest/login.php
IP
151.101.2.159:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
114 B (114 bytes)
Hash
25f4889425b3c0b7b14fe7149c2575ad
5d096315fa8eba5aaf6d870e034a455914386293
77cf3a26f2ad6fd43cfa593d8d5dcf0c224b25a624e0e2f63e0947d02edf650b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/87889/boatest/login.php HTTP/1.1
Host: pak-digital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: https://s.id/kY66E
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: 8ssbag29wv
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:01:21 GMT
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680253280.130125,VS0,VE1327
vary: Authorization
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 114
X-Firefox-Spdy: h2

s.id/kY66E

188.114.96.1

302 Found

0 B

URL HTTP/2
s.id/kY66E
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /kY66E HTTP/1.1
Host: s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Fri, 31 Mar 2023 09:01:22 GMT
content-length: 0
location: https://home.s.id/forbidden#action
cache-control: private, max-age=30
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jp4EDlVQZ7jg%2FvG5Ln3nTJER%2FRp7pLMuwbV235c9IosDdyMfdCIhq%2F5X0iLOS%2BS1BPzYTyv3Tkjxxj6R79TrcYkdR06k5pQAQdPypOabnzN7QVBLLRPp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768417ba31c0a-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13185
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:01:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13185
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:01:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13185
Expires: Fri, 31 Mar 2023 12:41:07 GMT
Date: Fri, 31 Mar 2023 09:01:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:47:32 GMT
age: 8030
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13775 bytes)
Hash
876e5464aba1639f3b07b07d1d694514
93885a6205be71d16187782b1803f53d5c8538cb
6e2b6b15f462922a9e8260f55cfcd94d488d1a48435458db43270ea3b825d8c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13775
x-amzn-requestid: 43d1a1f3-b189-4fcd-a298-429123d1921b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUloF9woAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-13778451622503253ea252eb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXA995GxGti4_AzSi9F19ZNvUwm5_ZSBw0BB0lRIfNHcmX7Ajt6bSg==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:36 GMT
age: 40486
etag: "93885a6205be71d16187782b1803f53d5c8538cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11114 bytes)
Hash
211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: br3zxfuvcl_y9fkridQmtf6qWp6sd9N6bcmJuFcNcozeTRqPGOgtFQ==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:26:10 GMT
age: 41712
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6380 bytes)
Hash
8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 40439
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9055 bytes)
Hash
1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: 1fad6d1e-3380-4574-9796-ca6bde35b507
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUneEK8IAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260162-690f6e9933616e9b74b70435;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 5qljjE3ByqQaRJhcpkBZFcYVH4lCoP2idQM0iPBAT7znLfoZmO0lUg==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:52:53 GMT
age: 40109
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10706 bytes)
Hash
e55c2ccec92fa37b631f5616ba5e1b77
c3f1113bad672968f22e63693ef4481f7f5616fe
10bfe1a2cf0b6e0a2a548935a1afc061fc61990a121a84580f3969df68b7974c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 2e382033-306f-40ed-b259-76790e5e3ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUlmGujoAMFamQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-3856db4579fce52a18219166;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: pcFiVnrSVAh6gQ3VuQDE32650Yoj5bcTJrishSOFVpR3DHh4lUvdag==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:05:16 GMT
age: 39366
etag: "c3f1113bad672968f22e63693ef4481f7f5616fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

home.s.id/_next/static/css/710b274a670fd9ca.css

188.114.96.1

200 OK

20 kB

URL HTTP/2
home.s.id/_next/static/css/710b274a670fd9ca.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65452)
Size
20 kB (19800 bytes)
Hash
77ba083b9072fc150551f0b654618b08
7b4286d4ff1b05b323f23f97a391f561fd726ee7
7f60e7813071252ada347c2f5ec37c11ed3ca845c823b4810fa7bbf3cec66e55

HTTP Headers

GET /_next/static/css/710b274a670fd9ca.css HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 29 Mar 2023 07:58:49 GMT
etag: W/"1d99d-1872c606aa8"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 176297
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2CQoOfbc%2FbzkEbVyyB7R%2Fq9ZhX4sOSbinfcK8eIinwrCMJxK9b0jxkK3V1SrpFV%2BA1cDTCqmKLvy6jNsuH2j7DFsEgJTU0fwajUkhsKqxGApOB8U1oq0OFFhzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a5d621c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_ssgManifest.js

188.114.96.1

200 OK

535 B

URL HTTP/2
home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_ssgManifest.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
535 B (535 bytes)
Hash
db4e1f236c7ba5161287f5a9fe760065
0478f8e6f680c519805c8c8aa86402ac90047bce
cd7ba03b4e3a20e08d89243156b5c77c14b462b7e3d64231878046cf3318aadb

HTTP Headers

GET /_next/static/PcNZy4V_8icnoREHs8j88/_ssgManifest.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:50:50 GMT
etag: W/"5b-18730a3bd90"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ByHEjD%2BiUC5MPIlKX7JaiTSWRfFhaJSJoCjlub4AYGVyitKiyCl8lC02YakyFD%2B031Dae%2FQyoXBnYMhHmtWrjL166uwNdJTGVIWlrPZw5%2BpxN4SwCliB3N%2ByPjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a7d771c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

home.s.id/_next/static/chunks/framework-8ff6c737ed443ded.js

188.114.96.1

200 OK

43 kB

URL HTTP/2
home.s.id/_next/static/chunks/framework-8ff6c737ed443ded.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (43022 bytes)
Hash
8b743c95db7b49855b8a38a3513f3a8c
64843cb5084545917425bc386a68d5970d161a11
6391e221fa04389c9e6b4f09b9ab6848e28235c16b011fa4862dc8dfb2098953

HTTP Headers

GET /_next/static/chunks/framework-8ff6c737ed443ded.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:10:43 GMT
etag: W/"1fbd0-186e41b5938"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERG7gXkufd9z0sabNNy6afyMlEuoFPr1M4CmEzyDHLhivhNmDQbmNEd3GVM1ka4wTzIoJdPuuWPRgDlhQ6KiEaBHnUrpUOFzECNT4rWhNKIJWdk87wwuTsOKbRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a6d6c1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-10823601447

142.250.74.168

200 OK

69 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-10823601447
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (8284)
Size
69 kB (69322 bytes)
Hash
77f9cd70653a04e43ed08c357ab9851f
650c9e1129edaf4ca057d2f1ec61e9d35a5cbe2b
1d9390ed6a208b97b9cb31a1ac475f7c53d6316e216b0b5092775d083223543e

HTTP Headers

GET /gtag/js?id=AW-10823601447 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:01:23 GMT
expires: Fri, 31 Mar 2023 09:01:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

142.250.74.168

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19390)
Size
79 kB (78659 bytes)
Hash
c24ede99a5afe2db1d420b7d3785d1cc
6b8edd00fc3e285828675dc00eb21e2e604e8510
482d3ae644429c4883e3e4049db767418da9f251bc3d7d3045ead26d4722d214

HTTP Headers

GET /gtag/js?id=G-LJQ0V44EV5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:01:23 GMT
expires: Fri, 31 Mar 2023 09:01:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78659
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

104.16.57.101

200 OK

6.5 kB

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
6.5 kB (6509 bytes)
Hash
b6b78c07257a5d4a55af04066eb791d7
94cf48976c9ac5ddb780def56fc7e1097e09c419
7e5cc6d05c6b14b53bcab352090514ac60627d11777c38fb53b333c8e95efef1

HTTP Headers

GET /beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:23 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.3.0
last-modified: Mon, 20 Mar 2023 17:58:49 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b07684b6df9b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1113 bytes)
Hash
4f767f00fdd2d0f9e6d53149b7a2854f
8b3d1626a4694699f0cc2f4765682fb9e4519171
c3937be2d031ac318f0fb36f7c87ca86a22b0749d458a233a90e206b38324615

HTTP Headers

GET /css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 09:01:23 GMT
date: Fri, 31 Mar 2023 09:01:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bf29feb5d124115ffaf0b00e89ab0309
693d2ad3694d3171af6545ef4758855127b2e669
40c67d04ae6c3d13fd0a77cf0c804660a5498d0c24425162f8e21c86d9e85eb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bf29feb5d124115ffaf0b00e89ab0309
693d2ad3694d3171af6545ef4758855127b2e669
40c67d04ae6c3d13fd0a77cf0c804660a5498d0c24425162f8e21c86d9e85eb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://home.s.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:16 GMT
expires: Wed, 27 Mar 2024 10:31:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 253807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bf29feb5d124115ffaf0b00e89ab0309
693d2ad3694d3171af6545ef4758855127b2e669
40c67d04ae6c3d13fd0a77cf0c804660a5498d0c24425162f8e21c86d9e85eb1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3f7da6c5369e6ae567fd3bb52260f38
7ee3052765e1f06206bd5b7bb109d8a7be5dffca
9ead825db977e570cf3becebe7e18149863c74716d7cb65e8a85beea5ce7be0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EAD825DB977E570CF3BECEBE7E18149863C74716D7CB65E8A85BEEA5CE7BE0C"
Last-Modified: Wed, 29 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11720
Expires: Fri, 31 Mar 2023 12:16:43 GMT
Date: Fri, 31 Mar 2023 09:01:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3f7da6c5369e6ae567fd3bb52260f38
7ee3052765e1f06206bd5b7bb109d8a7be5dffca
9ead825db977e570cf3becebe7e18149863c74716d7cb65e8a85beea5ce7be0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EAD825DB977E570CF3BECEBE7E18149863C74716D7CB65E8A85BEEA5CE7BE0C"
Last-Modified: Wed, 29 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 31 Mar 2023 15:01:23 GMT
Date: Fri, 31 Mar 2023 09:01:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3f7da6c5369e6ae567fd3bb52260f38
7ee3052765e1f06206bd5b7bb109d8a7be5dffca
9ead825db977e570cf3becebe7e18149863c74716d7cb65e8a85beea5ce7be0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EAD825DB977E570CF3BECEBE7E18149863C74716D7CB65E8A85BEEA5CE7BE0C"
Last-Modified: Wed, 29 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Fri, 31 Mar 2023 15:01:02 GMT
Date: Fri, 31 Mar 2023 09:01:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3f7da6c5369e6ae567fd3bb52260f38
7ee3052765e1f06206bd5b7bb109d8a7be5dffca
9ead825db977e570cf3becebe7e18149863c74716d7cb65e8a85beea5ce7be0c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EAD825DB977E570CF3BECEBE7E18149863C74716D7CB65E8A85BEEA5CE7BE0C"
Last-Modified: Wed, 29 Mar 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 31 Mar 2023 15:01:23 GMT
Date: Fri, 31 Mar 2023 09:01:23 GMT
Connection: keep-alive

home.s.id/forbidden

188.114.96.1

200 OK

20 kB

URL HTTP/2
home.s.id/forbidden
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61209)
Size
20 kB (19770 bytes)
Hash
d1a6c213bec27c3159d79a3f91b7ed77
f713bbdbbbe710c620699d125e2524b07009856d
2cf47f01120f5621bdd7d4e0ae71797a150e359319907ac1edb286e7ff424166

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /forbidden HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjGbmVBtRVdXza%2B023rkXm8rLRQeJYBNjmd4LfraSfx5mdFUXr9f7kox0DkmXpmef7MvOtIcz3Uzpd%2FcUdQA8E9DtYPgPOoQuf2hGF9rKDtk69VFfIx%2F4mSBg2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b076845b89f1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

home.s.id/images/sid-logo-new-light.svg

188.114.96.1

200 OK

2.3 kB

URL HTTP/2
home.s.id/images/sid-logo-new-light.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
2.3 kB (2267 bytes)
Hash
d61f2c3f63cc103341d1bc26a4978794
80fd4b5bb42c09a020496daed5e7ae26f7108eef
59e1e0b5403a1053a19b507295c59fe91745aea424d918922d2a8c058a4e5ecf

HTTP Headers

GET /images/sid-logo-new-light.svg HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:23 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Sun, 06 Feb 2022 05:21:36 GMT
etag: W/"f40-17ecd7afb00"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxMJESUBXbXGNDS1FL7zML9sUWZeYCt9Boe8%2FqwVrINY9%2BjcXoXDbmh4HQ5NHAfiHq8L%2BvgZ3c%2BFPlBvz5dbK3FJ7G7QSI8UaFlWW3t00U4Jf3CDB5sU7Z4IBrA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a8d8d1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=1229567822.1680253283&gtm=45je33t0&aip=1&z=970711704

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=1229567822.1680253283&gtm=45je33t0&aip=1&z=970711704
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=1229567822.1680253283&gtm=45je33t0&aip=1&z=970711704 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 09:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1680253283264&cv=11&fst=1680253283264&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=1290883245.1680253283&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.130

200 OK

1.2 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10823601447/?random=1680253283264&cv=11&fst=1680253283264&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=1290883245.1680253283&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2531), with no line terminators
Size
1.2 kB (1196 bytes)
Hash
85425f10812dd954ee31e993a692a451
f87d317c45ae3e702bbf4544232166e2580f1e8b
89fa08f7fcb3d9e784df851cc08f17d270fb7e9aac7f637dac01e65896e22b6a

HTTP Headers

GET /pagead/viewthroughconversion/10823601447/?random=1680253283264&cv=11&fst=1680253283264&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&hn=www.googleadservices.com&frm=0&tiba=Forbidden%20-%20S.id&auid=1290883245.1680253283&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 09:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1196
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 31-Mar-2023 09:16:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c7445f8f9dbe44a0457ed584305727c4
0582edfdc9fe490bfeb72250c218af3cff3f6cab
8fa39260f96786df1a76e9896a1a9614fd3ab4aadb1a2f98b909c55caeb9eae1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e8df31f5ac474adbf58cfa599304bcae
c3001e355800deb24f04a565cc1ccb1131c1eadc
da2ed2c8207f9290413bf7d38a0957f48cc524c6afe7b481b77a84930c7a9e38

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 08:05:11 GMT
expires: Fri, 31 Mar 2023 10:05:11 GMT
cache-control: public, max-age=7200
age: 3373
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je33t0&_p=408732760&cid=1229567822.1680253283&ul=en-us&sr=1280x1024&_s=1&sid=1680253283&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je33t0&_p=408732760&cid=1229567822.1680253283&ul=en-us&sr=1280x1024&_s=1&sid=1680253283&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LJQ0V44EV5&gtm=45je33t0&_p=408732760&cid=1229567822.1680253283&ul=en-us&sr=1280x1024&_s=1&sid=1680253283&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://home.s.id
date: Fri, 31 Mar 2023 09:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_buildManifest.js

188.114.96.1

200 OK

2.5 kB

URL HTTP/2
home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_buildManifest.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (9149), with no line terminators
Size
2.5 kB (2512 bytes)
Hash
48ec7280bd8f68c67da1b195894641bd
89b5bab3574847ff94bff693d7727640353f7134
d36126cf01cc8ecdc920bac9ed40021333f58811eb37313d14b2a5d682b00709

HTTP Headers

GET /_next/static/PcNZy4V_8icnoREHs8j88/_buildManifest.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:50:18 GMT
etag: W/"23bd-18730a34090"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lcmp8GSX8qVcAwgMuIagLOskKAPHQPrMBZhylEiIYi4ZgslLSrLZbQyfcpIBCXBS1iQnTTz2CzKgL87F6lENzm4cWwo4OAFz3B22yPtSiOhVsqK1b06zag3UfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a7d761c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je33t0&_p=408732760&_gaz=1&cid=1229567822.1680253283&ul=en-us&sr=1280x1024&_s=1&sid=1680253283&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je33t0&_p=408732760&_gaz=1&cid=1229567822.1680253283&ul=en-us&sr=1280x1024&_s=1&sid=1680253283&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je33t0&_p=408732760&_gaz=1&cid=1229567822.1680253283&ul=en-us&sr=1280x1024&_s=1&sid=1680253283&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://home.s.id
date: Fri, 31 Mar 2023 09:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.s.id/api/redirect

45.126.58.78

204 No Content

0 B

URL HTTP/2
api.s.id/api/redirect
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/redirect HTTP/1.1
Host: api.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ds,x-rpc-lang
Referer: https://home.s.id/
Origin: https://home.s.id
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:01:24 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=1229567822.1680253283&gtm=45je33t0&aip=1

64.233.161.157

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-98MWVCBDD7&cid=1229567822.1680253283&gtm=45je33t0&aip=1
IP
64.233.161.157:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98MWVCBDD7&cid=1229567822.1680253283&gtm=45je33t0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://home.s.id
date: Fri, 31 Mar 2023 09:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee15ff6931559991c58a51cbecf4c8c5
073267ce58de3587f3e1b80914852f6acd56921f
2c90a44d2191b0276c9e0d0571c263a48f2b74cb287f683517c08449bd815ea5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.s.id/api/user/me

45.126.58.78

401 Unauthorized

58 B

URL HTTP/2
api.s.id/api/user/me
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
dc6337924fcba32afbaef2dc7a71ffcf
1bb7b761c6bf8bc117eddd9525d61844fa676190
4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b

HTTP Headers

GET /api/user/me HTTP/1.1
Host: api.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-RPC-Lang: en
DS: 1680253283,r1r47b,92b6fe4701140509f6d5c21e0d4d227d
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 401 Unauthorized
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/json
content-length: 58
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-ratelimit-limit: 30
x-ratelimit-remaining: 29
x-ratelimit-reset: 15
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/10823601447/?random=1680253283264&cv=11&fst=1680253200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2821380657&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/10823601447/?random=1680253283264&cv=11&fst=1680253200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2821380657&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10823601447/?random=1680253283264&cv=11&fst=1680253200000&bg=ffffff&guid=ON&async=1&gtm=45be33t0&u_w=1280&u_h=1024&url=https%3A%2F%2Fhome.s.id%2Fforbidden&frm=0&tiba=Forbidden%20-%20S.id&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2821380657&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Mar 2023 09:01:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL HTTP/2
home.s.id/cdn-cgi/rum?
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1084
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/forbidden
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253283.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253283.60.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:01:24 GMT
access-control-allow-origin: https://home.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7b0768533ff01c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

api.s.id/api/redirect

45.126.58.78

200 OK

469 B

URL HTTP/2
api.s.id/api/redirect
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type
JSON data\012- , ASCII text, with very long lines (469), with no line terminators
Size
469 B (469 bytes)
Hash
a986c42aab43f215b2cff47a241682ad
6d9a0e2cb5cc1d1fbb2be4c07b7a9bd4876a5d0b
81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149

HTTP Headers

GET /api/redirect HTTP/1.1
Host: api.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-RPC-Lang: en
DS: 1680253283,05y8cbg,f243d27835ef19aede85fe3a994353b3
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/json
content-length: 469
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bccde084c491a04e52752f2af1e16d
5a7a761608a0d79d383e104a0455f76bb0d2248e
aed5aade370f65d015700850f0a3a80c5f47066e82d200f5cf1d2d44657388dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.zdassets.com/web_widget/latest/messenger/web-widget-1707-660d3cb.js

104.18.70.113

200 OK

8.0 kB

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-1707-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (24853), with no line terminators
Size
8.0 kB (7992 bytes)
Hash
8bbbd7edcae71a51b31f85b1be8211df
27e17c6f72d07f87cc331714068c966428563543
d2d090d11eb5d23868cb4367f14eee088364e624ff095a0fec109279647e5def

HTTP Headers

GET /web_widget/latest/messenger/web-widget-1707-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: wlYGSfBfzT4930eGOYEEiDorzLzI8DYPV9uyonvr9pX1+o7s4eNzLSd0VcPhucSn3fzuNncSrss=
x-amz-request-id: VSW82Q446PP1D0VC
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"ae451f428ab96456490147d8abff0d53"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: H.l3YGbI.40aeaIkx3GMkICfAVRRG2d2
cf-cache-status: HIT
age: 209078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqXKiHYc%2Brl%2BvOpq%2BXcOuWj9n64%2FDmOaskreEb5JBD548o2SAm3Z5ZY8rAlUQ8JHVoZUJ11UgZzS2Ad1UpG%2FYYEo4tQEIkA2nr1EfXmUrfCbOHgWHl2zMvb5VO1D3x6Chv92Bag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b076853ef80b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

home.s.id/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL HTTP/2
home.s.id/cdn-cgi/rum?
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 490
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/forbidden
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
date: Fri, 31 Mar 2023 09:01:26 GMT
access-control-allow-origin: https://home.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7b0768603fee1c0a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/pages/_app-a1aaa7198e7209b9.js

104.21.54.41

200 OK

107 kB

URL HTTP/2
blog.s.id/_next/static/chunks/pages/_app-a1aaa7198e7209b9.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
107 kB (107182 bytes)
Hash
196985347ec95ca05d38af1cb8ad879e
6710a6e9d35135d20e5968da0e1774731acd7fd1
3254783ca37110a6c44b6c08b739205bd89daf295643cbf2d7a847979d83c176

HTTP Headers

GET /_next/static/chunks/pages/_app-a1aaa7198e7209b9.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"2d815-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S55VAGYUaWYEucksDQWviiYcSA%2FY%2FvmpwFjhJS6asIaqD4NYVh6Twrvy8KgiMUTj93M9igXkCZop%2BXy7IEe54gDlsQbB8EpTnAJWKbWbDZIaAw%2FM9W7u205NbKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605aa20b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_buildManifest.js

104.21.54.41

200 OK

79 kB

URL HTTP/2
blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_buildManifest.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1039), with no line terminators
Size
79 kB (79107 bytes)
Hash
566a2f1153bdb3f08c5f8b89608acf13
eb0d3be83e50f64d0f76f361e655a87d88035e5a
1a0f9bb0e7c50635313b7b12bed8dce09a80b741b76756cee28f89047f26777f

HTTP Headers

GET /_next/static/qULvRxyAT7Vjel_YkbY2z/_buildManifest.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:48:59 GMT
etag: W/"40f-18730a20bf8"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsshScTIcb5frSSD6gJxruVY%2Fd3CPNldshOU6B98MfZegX6tQYYcCmZQf6ENesTT%2B1kN4De80GESlCb8WYWADjkie55kD5sc%2BThjjY0XobOwz3mGQsj%2FxQNuT%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768606ab70b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_ssgManifest.js

104.21.54.41

200 OK

52 B

URL HTTP/2
blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_ssgManifest.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
52 B (52 bytes)
Hash
e8a5d33e4edbbba85ee35264a5786545
3d60860f109c03366c7c564afe7a1583269a2bbc
fc0060d976dcca35f738ff768cb8a2e66ab1f13792c3a996ededff7082daedc6

HTTP Headers

GET /_next/static/qULvRxyAT7Vjel_YkbY2z/_ssgManifest.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:48:59 GMT
etag: W/"4d-18730a20bf8"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyKcGkaKiNiyjM%2BDR4zDH9gwXtdCtvQYKGnYjIRA7%2F6RyOtBWbvoatDnWrplYhPkQpxj932yZqJdq3Ty8xP%2F3AUkccRKRkkkUydWbljnCGjwpH9mtE6G0AL0oiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768606ab90b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/769-42c553aad5ec5871.js

104.21.54.41

200 OK

67 kB

URL HTTP/2
blog.s.id/_next/static/chunks/769-42c553aad5ec5871.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67183 bytes)
Hash
40ddf62764eec6dd5cf70333b58b6477
e28f94931474c89dd0e9953375c231263e471f77
30cd6d4099e51a5af5d253a0057cf2156c05d1909c9521e3bf4ac6b274ade295

HTTP Headers

GET /_next/static/chunks/769-42c553aad5ec5871.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"37ba9-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9pP5FSJ7L9DrreIoZNTM7Gruw6nusf7B1FnPJvu0eOnCgmIimM%2Bp4GOPm4N1Hb%2FTbA2tpxYChEqmSdaZUn1fexbRr7iNZuJ9epdM%2FGPKhALxH%2FOxmgUhw1Nb0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605aad0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545

142.250.74.162

200 OK

48 kB

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3599)
Size
48 kB (48349 bytes)
Hash
b9727a3554ed2c1d9d30718628c492b5
614cf8e535cb52736d0579bfd28fdc388ab74461
f91774d28cc882be4c0d7dcc670ff26dc9bccb7a3e636f15654363d4082d83aa

HTTP Headers

GET /pagead/js/adsbygoogle.js?client=ca-pub-2742216534640545 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:01:27 GMT
expires: Fri, 31 Mar 2023 09:01:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16735650785789414326
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48349
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

104.21.54.41

200 OK

17 kB

URL HTTP/2
blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40462)
Size
17 kB (16799 bytes)
Hash
49374eeaae600e5ede765b98955425fa
c257b89448e89c4254e1a38d4b60f0dda5827e7a
bf95cd9162b5e49eb8c7c0b32305dca9ccc8178f7046535d05a8647368010026

HTTP Headers

GET /post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253283.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253283.60.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BkV%2BuQc23buAa0sBkc3ndDBJH4I27ilSxs6vxJDfrQKV08e8S71v6PEh8tuB%2FFpuUmoGkaNj87X6dr2w41ikRuVfLvc5hcSd%2BOEixFMh6Zdn%2FYwPz5oradI3m8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07685b6c430b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/webpack-434fefa8f39d8fbc.js

104.21.54.41

200 OK

5.4 kB

URL HTTP/2
blog.s.id/_next/static/chunks/webpack-434fefa8f39d8fbc.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1755), with no line terminators
Size
5.4 kB (5448 bytes)
Hash
127309e1148b4a3179865e35f5c7ba69
58581f2c2b9fefb65eefe1d2379937f85d3c1974
403b82c6c2cc0afc2f492f546d19fca7521fe062414cbb1600353767bf95ee0d

HTTP Headers

GET /_next/static/chunks/webpack-434fefa8f39d8fbc.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"6db-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fe6Fw5Al7YvAsXBLqQNfSinEUxybhpFuoYZlVrJN7%2Bw42Rj%2F6SZTSRQjpS72G8NL8oiDEOHKeoIPw9Ui%2Bm71rqIocpCzPqXLPxwmzvGvWotZfRZlxIkKWU4bxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605a9c0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-9ffadfb59b43e923.js

104.21.54.41

200 OK

7.2 kB

URL HTTP/2
blog.s.id/_next/static/chunks/pages/post/%5B...article%5D-9ffadfb59b43e923.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (18084), with no line terminators
Size
7.2 kB (7244 bytes)
Hash
1f7b1520d3b9dae450a0135e2fb55eaf
2a9329668e89b90f474d6d7186c4f9c25d8a7afd
464cc12a86d44de884a343c4d9604fbda90cb0348d94a91e3ae168858ea8a057

HTTP Headers

GET /_next/static/chunks/pages/post/%5B...article%5D-9ffadfb59b43e923.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"46a4-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biBMmZL2tKP9kRyZXU00DugFv4XPpafRZ5rdjkfTCyFmK8uQSgBk8YVkPPc4PfeSC6P4wlfChTEgswR7PYU%2BMqgO8jrXWhIZdJdf5Xro4AdtALXTb0IXueHPwsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768606ab40b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/messenger/web-widget-4852-660d3cb.js

104.18.70.113

200 OK

167 kB

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-4852-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65307)
Size
167 kB (167171 bytes)
Hash
087fed04085903614a721409b738b6e5
f80b9c2053278979bcdcfd3dad6f588dd64f71b7
3e4d1e3246ad9ffe284e68e67cf6e44c8d3926fc5635d99b110ed5e358c58f01

HTTP Headers

GET /web_widget/latest/messenger/web-widget-4852-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: gmyPiIPiaHNKNt9QM+fEzjdKobmVbgGolEwOMh7QjVSuSpX4sqTR2CRhWSIOHLWuh6kEUWZy77g=
x-amz-request-id: VSWAP6674S1VA6CQ
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"b361c19a9af081b357568069aa583838"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: lCJr6G0FRoRJ3k9B7NLo_j8rphrHyr3h
cf-cache-status: HIT
age: 209078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5%2FDlUFGHHkqNRBP13GprqeR5s7x6w8WNFrJ8U1XUTr%2Fnpeq%2BmcKcD3eUd%2F7c6wG4cV6ymucw0vhkwDvjYpVaWThFws30Vx2l%2B6zgOviX4bnLtHa1et1yStSvMtc4%2F7JXPHTlno%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b076853ef7bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d9bccde084c491a04e52752f2af1e16d
5a7a761608a0d79d383e104a0455f76bb0d2248e
aed5aade370f65d015700850f0a3a80c5f47066e82d200f5cf1d2d44657388dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/adsid/integrator.js?domain=blog.s.id

142.250.74.66

200 OK

100 B

URL HTTP/2
adservice.google.no/adsid/integrator.js?domain=blog.s.id
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=blog.s.id HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 31 Mar 2023 09:01:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.js?domain=blog.s.id

142.250.74.66

200 OK

100 B

URL HTTP/2
adservice.google.com/adsid/integrator.js?domain=blog.s.id
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac

HTTP Headers

GET /adsid/integrator.js?domain=blog.s.id HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 31 Mar 2023 09:01:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/_next/static/chunks/pages/_app-91584dffae148bc5.js

188.114.96.1

200 OK

102 kB

URL HTTP/2
home.s.id/_next/static/chunks/pages/_app-91584dffae148bc5.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
102 kB (102165 bytes)
Hash
760485b63ef76ce11f1626e58b8441b7
1b71be43672d4c38759731174c2565aec4a6cd44
0fa8d2ed169bc9862d9923e918058f600d3c7c92c8d260a7766d3588df4642ff

HTTP Headers

GET /_next/static/chunks/pages/_app-91584dffae148bc5.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:50:18 GMT
etag: W/"53e51-18730a34090"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWVTjAzfYmHHMGR3hjMX8IaEjT%2FAdI0q1%2FQq7p7qDLhjnFNO9dtmNNhguFuzLKtXk3FWuzBSjk1UGt9fJczFrybF85UdcJOccDEV74gW%2FDPIQe47IcpIMoStc24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a6d731c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f67dc9a5c95eca1b4911ccdfa024557
1c5fae325ebbec9280401bd05f68964e2d631afb
efe6c92a3a27c6e0566b3889c0e2b56f284afaf91d106660cfe63bee6420d99a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2f67dc9a5c95eca1b4911ccdfa024557
1c5fae325ebbec9280401bd05f68964e2d631afb
efe6c92a3a27c6e0566b3889c0e2b56f284afaf91d106660cfe63bee6420d99a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:01:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

home.s.id/images/errors/403.svg

188.114.96.1

200 OK

0 B

URL HTTP/2
home.s.id/images/errors/403.svg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/errors/403.svg HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:23 GMT
content-type: image/svg+xml
cache-control: public, max-age=14400
last-modified: Tue, 27 Dec 2022 03:47:41 GMT
etag: W/"1136-18551b16f48"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aGi2hmvJ033yyIuG8pdhdmU20b5GWpJE8eZ6yjOWkGFGBdjdgZv3MCESf7jzU7JX6gkIbI4MwUKaawGpqYL3lm5IfyUV9iyGDRvaFsh%2FIz99NVYaZNqoYwhBNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a8d8a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/471-dd22a53f3091be72.js

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/chunks/471-dd22a53f3091be72.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/471-dd22a53f3091be72.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"1ed84-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vz2bGkM8lr22Mke2lOk7VNd2%2BqS%2BqXFWwrC1dDpQVd18EjbPj7nBJHPds7E5Lysb7%2B%2F7We6DQx5v%2FmRzlmnlwTqkxRWGdJ1E2ymz9t38lrQPrrqP9bKfnFo3xOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605aac0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/30846afe-cfd475acf1f13fd6.js

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/chunks/30846afe-cfd475acf1f13fd6.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/30846afe-cfd475acf1f13fd6.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"a05-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O71SWgyjx5rLVbMKjRqhVdnG6YxJ%2BnczqUDOunoJYmRE8kKhxyMpWJHqifgAoICtcZI46U2iEqp2zu%2F5SqWZIdotP0Q1XWI8TM0c88nq1GYGp4OBzfAEvA56F1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605aa50b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/chunks/main-42bee57ba94e9a13.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/main-42bee57ba94e9a13.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"193b5-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309625
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgurD39A%2BlKHndvBhIBJjm6pKouDHd%2Fm%2B%2BOPvDRYFPdSqg9EcORWrD5%2FhsCnRzolJmmwD9p%2B2VKxBfP%2FdreI9PIwhImmDYHxyCHjWyE6eEpM9YyixdV9KTKFXgM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605a9f0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

sdotid.zendesk.com/embeddable/config

104.16.51.111

200 OK

0 B

URL HTTP/2
sdotid.zendesk.com/embeddable/config
IP
104.16.51.111:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embeddable/config HTTP/1.1
Host: sdotid.zendesk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://home.s.id/
Origin: https://home.s.id
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-87c9df566-wqkw4
x-request-id: 7b07446aaceba301-JOG
x-runtime: 0.002061
vary: Origin, Accept-Encoding
x-cached: STALE
last-modified: Fri, 31 Mar 2023 08:54:29 GMT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BapeSxFECemhGH4L5rura32uOYCCmBT8MNe7sHeQb5%2F0yXhvtHPZc2wFhhCPS0F67EemNHXH9CozBrl%2B7V9f2jkSQQqFTu09902o0yNtnhbrmHT3BCN7wL2RNxbXZPJSwyesQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=19539ea1818160ccbf2483fa5a276acbe633014b-1680253284; path=/; domain=.sdotid.zendesk.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7b0768507d25b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

home.s.id/_next/static/chunks/webpack-3e03f7067a34f08f.js

188.114.96.1

200 OK

0 B

URL HTTP/2
home.s.id/_next/static/chunks/webpack-3e03f7067a34f08f.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/webpack-3e03f7067a34f08f.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 29 Mar 2023 07:58:49 GMT
etag: W/"1543-1872c606aa8"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 176297
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8Bg%2BokNFSEHl1IJhB2Xawt5hSshzERhyYN%2F9iyDcwNLGX%2FoJLAwwJHADVpbK4rc6cliYP6djqbwa9JIj8bepqGidYMfLQ%2FablC3GOy4KNzLvvA1atq43soQ250%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a6d6b1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/css/db96805030821792.css

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/css/db96805030821792.css
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/css/db96805030821792.css HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"f9d-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwAgqb20UjjZJ1PPfPx7diN%2FcjdbxOZG0aqTuUM5ylHPPvBzT7xxVeYTwTi6wq3EWM6P78fD9I0E2okjc%2BY1tiKuRsVeiQ2maMtM1snQfy15%2FYam5n3aQvJADwo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768604a990b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

142.250.74.168

200 OK

0 B

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gtag/js?id=G-98MWVCBDD7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 09:01:23 GMT
expires: Fri, 31 Mar 2023 09:01:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79267
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/_next/static/chunks/main-bba3f19427abc986.js

188.114.96.1

200 OK

0 B

URL HTTP/2
home.s.id/_next/static/chunks/main-bba3f19427abc986.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/main-bba3f19427abc986.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:10:43 GMT
etag: W/"19458-186e41b5938"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzKz%2FGL%2F5IwhdwTovm1TOq2taYaQWdHNOkzUD29XCOjDJ2xHBgmEdK5AWatTxG%2Bg1plT9OVAaBIM8sr9GsMXIIwO89dHwoQPyEPH1UamIzY%2F6TzDX21XDtnV2yI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a6d721c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/messenger/web-widget-3017-660d3cb.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-3017-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/messenger/web-widget-3017-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: Z0h1mXL70uJbSKY84MZUkL0ClBFu6c+nSOua+oCuPf20Sy5K231aBFbUuzVh55EY5fdYZgayqko=
x-amz-request-id: VSWBW6N0BZ8APV9P
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"40d0e2b632d1b990738af3991e0aecb1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: ina_PZ0M7y.dw_MpptgwKDF7jcD.KIMt
cf-cache-status: HIT
age: 209078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRd1Ildy8f0qrPQcjFb7F54ivaJ59S6pZH6kipL2O2vbcWdy23vAzWJ1s9mP0noLAFUJH76HPZgwTRHrBKLMpc8iDyKPUlIXR%2FGTtc0YIfWUSRuy4zNNOdcUzmrvSfrFTmKqAzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b076853ef82b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/729-5d3e4910df2038c0.js

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/chunks/729-5d3e4910df2038c0.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/729-5d3e4910df2038c0.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:48:59 GMT
etag: W/"4bf3-18730a20bf8"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5E4XSOHfasvixfTl8Dv4WL1qyMR%2ByuZv4Oft%2BX%2FfyMMD%2FjH7cJTMYFQa7FxX5OIYSknscSJ4J2HzDquHTfUmxyrC3c%2FSq%2FboC0yQjOTjaEsQvqJj3oxE0E6ivs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768606aaf0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/messenger/web-widget-main-660d3cb.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-main-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/messenger/web-widget-main-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: 7CY4gNg1wuGSkXub6xt2qyCix3qJeiVH0Eqkb5tUk1phdDCcURWUJm4z0JJJ1wSAqvow3D8kOBY=
x-amz-request-id: 4ANA9WW213ARX0HB
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"2a7a35aeef02762e024fd5bff30dbdea"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:24 GMT
x-amz-version-id: olOcPjsMbt2uLvftNUzm_18c3QOJ7v.2
cf-cache-status: HIT
age: 209078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFKqGhCr%2BpxeFlFb1uosvShW3tpnm0HmWyAtyLTqfPQ0hQyXcoDVvdGBHf8GxYeyGxHCh2S60dIzxTHzlWeai8WvAl5Z%2FspCKQT07nmucyPciGHNO4ozMJ3tt8Le1%2FPB4fQNfmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b0768526d3db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_middlewareManifest.js

188.114.96.1

200 OK

0 B

URL HTTP/2
home.s.id/_next/static/PcNZy4V_8icnoREHs8j88/_middlewareManifest.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/PcNZy4V_8icnoREHs8j88/_middlewareManifest.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:50:50 GMT
etag: W/"5c-18730a3bd90"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmKwwuDiUdaQCMSI8Z5TsRQKgzl432p9gb0eT%2F6NNopmfrILqMXTqiiZZaRIf9ShZx35fi4woh7AfTr7i8am0KpR08kpbUgQzhIC2Iwaa77qAw9OgpmiCu%2Fni74%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a7d7a1c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d

104.18.72.113

200 OK

0 B

URL HTTP/2
ekr.zdassets.com/compose/4b27aa03-d3da-43eb-8382-660c054fbc9d
IP
104.18.72.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /compose/4b27aa03-d3da-43eb-8382-660c054fbc9d HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:23 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"5cdb822494faf4075722a9e5316d7499"
x-request-id: 7af38b537ad6069b-ARN, 7af38b537ad6069b-ARN
x-runtime: 0.003885
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfNK1%2ByLFYaql1wdNHbdaygKOM4idtCVtHgpm8k2b1ToQYMmag6wb3HgAY47rqhTtMCynOkAnk4zkmPLCuNh1JcVZ3GfUlnDdZC8FnES8165a3d3Hj2PyjMtrpyxMUqhAT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b07684bbffdb524-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/chunks/framework-1d78b5852a861806.js

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/chunks/framework-1d78b5852a861806.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/framework-1d78b5852a861806.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:09:27 GMT
etag: W/"1fbbe-186e41a3058"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 1309626
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvpzwuvZUQDxvc8zbqxIU%2BZSu%2BRM6nebMUBjZx0ZXArQ3dzGlAXxtRMqh65%2FJr%2FVxBnZEZCSkbdb7JUM33B2SKKXQGY6sRHUuHTbVRl3YzSAmHCiheDNGkMcDWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768605a9d0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/web-widget-framework-17cde1f5c77e14173e98.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:23 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: gNSA5Gt4/K0ICYGAzIy9UajPykspKEpvgbLnLyBqWhLEmVM/1g9YG17rW5MbJycWvulAOIOZzfs2bUov//fjlw==
x-amz-request-id: YJT0A6KT9BJN81GW
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:52:42 GMT
etag: W/"9a22523a174d61325929e2f2b3281227"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:52:41 GMT
x-amz-version-id: sF00I9ZP2P.ZPdpa8jMGTZwYs_mUbya7
cf-cache-status: HIT
age: 209087
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8k5AOC30yjxYF4cBNRmd8J6yUf7qCeW5GBlYx95r4clntXmGUx43fuqxKeU%2FP2gB0e7SdYdmxjGAn%2FRIQxE%2Fs7PLOeUq5RaX1sNrHMPcnCj6dbSShKwLzXzB99UbZnQFC7%2B8ms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b07684fd9a9b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/css/74f55b331133c424.css

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/css/74f55b331133c424.css
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/css/74f55b331133c424.css HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 29 Mar 2023 07:57:30 GMT
etag: W/"189fe-1872c5f3610"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 176170
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jJQ0uZy%2BMk7XQuYOBqyKqt3UN74gdCz7gLcqjmF%2F3MDXcylLMSW%2F7V2DWSLt1VbnRRFnhbcmb8iEvGU3E9tghqkeARnYaBI43cq%2FLo22M%2F8WAmyzBbPHKMBUEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768604a930b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_middlewareManifest.js

104.21.54.41

200 OK

0 B

URL HTTP/2
blog.s.id/_next/static/qULvRxyAT7Vjel_YkbY2z/_middlewareManifest.js
IP
104.21.54.41:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/qULvRxyAT7Vjel_YkbY2z/_middlewareManifest.js HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _ga_LJQ0V44EV5=GS1.1.1680253283.1.0.1680253286.0.0.0; _ga=GA1.2.1229567822.1680253283; _ga_98MWVCBDD7=GS1.1.1680253283.1.0.1680253286.57.0.0; _gcl_au=1.1.1290883245.1680253283; _gid=GA1.2.922624130.1680253284; _gat_gtag_UA_225238330_2=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:26 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Thu, 30 Mar 2023 03:49:23 GMT
etag: W/"5c-18730a269b8"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 100780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJly%2Bv2b4DORJiEMAwAfuCYMQxgvvKe4s9uFh3yLPh3MB%2BQpgXwd1QfHVVduv3p3vkiMIf5S0NOu5uRIgXZMVk2n%2FsokouiEmOqBjNgzs7Yhkf0%2FMLq%2FPQvnn3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b0768606abd0b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:23 GMT
content-type: application/javascript
x-amz-id-2: vkl1julFjVVCeNmySgpr0CNRnNfJywI5yFKEAhmXoe/uWDYwbA4IhGFy+L8LmCWyQKx50gi/QJef+yScKd3Lnw==
x-amz-request-id: YZEQVQ41XEPXQ8NK
x-amz-replication-status: PENDING
last-modified: Fri, 17 Mar 2023 01:24:00 GMT
etag: W/"35755063f184195a50a9c07a2c71693a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: PBHdtxERTX7HUmm2o8dmki0ZTZF0krHp
cf-cache-status: HIT
age: 35
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YLTmZO7TegqKquw5LIokP1SKOpk6WR%2FnP1oMKCTyT57wY1nIJ6zB0awSc3XlTF8YGT7akb%2BfiUeVUi66pteHfapyp2TkCSd7rcYGzlyNzzW0qdmEIG0JyHHZ6IHVvJNAomEhWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b07684afa47b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/messenger/web-widget-locales/messenger/en-us-json-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: RYdXOOKy1HOtgMm47xOnJKo3dRijpuMMyO1zDXpqYGfBkoZqDJ87+CV25KodhDqSc/z8+nhbn44=
x-amz-request-id: PF8MPK7NAMWDBKEJ
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:27 GMT
etag: W/"8340513af1527c72129bdfd58adc8b99"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:26 GMT
x-amz-version-id: t3AJIslMO6V4cKu0AIZXQursbNfEozLo
cf-cache-status: HIT
age: 209051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=No36VuYHHtcXW7glRx5U8Yr1Tagyz4JDmhlSS%2FeX9acs5v33A6RiKJuIUxIsn1pR8LC%2Br4yVe20%2BaCe%2FAje5bHTjOXKRbGYJAxGE4piIEvznR5mDH8nXr9uWkI4TXr4zDXKPNXQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b076853df67b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/messenger/web-widget-3487-660d3cb.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-3487-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/messenger/web-widget-3487-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: TPPZjDfCmjIgXtYb5fSDMR7L65AWfnyeWlhCSR3APpCK8GeHCCV8dc9UUZnQKEyQo3at5Aoi280=
x-amz-request-id: VSW50D2CZ4WE372X
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"1ee21198c6e244c8d7bf3bacbc6faa0f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:25 GMT
x-amz-version-id: oD6M2RuSVTp_VfDe7Mc22J.9_zrjrF1m
cf-cache-status: HIT
age: 209078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U4ww3WBy2HUugT3mg6Ighhk4SdXsv%2BR21rv4B%2FBVixOOHgOZBuhtHwTDBG1wqCrfqrrzxB131rzXNqqze2lkJeYebfMPZI2qH0Tt%2BZfe4%2BqofqvemBbDqYY0Sp0AqT0ksFiWBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b076853ef86b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/messenger/web-widget-3789-660d3cb.js

104.18.70.113

200 OK

0 B

URL HTTP/2
static.zdassets.com/web_widget/latest/messenger/web-widget-3789-660d3cb.js
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web_widget/latest/messenger/web-widget-3789-660d3cb.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:24 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: DnRzO4kZ2aL67eSj6ZrzqbA2DVNEqw53EI4vbzriZWMXdTvk3wkEbNlUqPBX661//his2bZScKs=
x-amz-request-id: VSW6M9HMY3N8E7M0
x-amz-replication-status: COMPLETED
last-modified: Tue, 28 Mar 2023 00:58:26 GMT
etag: W/"6af06a25e69c609f5b52830fc5e8a62d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 00:58:24 GMT
x-amz-version-id: aES7C0WvHMN3603MIPwjba4g3yfMyK.E
cf-cache-status: HIT
age: 209078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx94vLxOrgiGkW0CB7%2BTYX%2BneOeZ3jqE2WUl3RpUAnh%2BQfOzWKJT6juCtoxNQomOjGqn9TkiTpPA6FRN29YChbWLc89D1yQNIW%2BI7pNZrlB39MAxM3X8E4tyHOs5oD1l9rf0EfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7b076853ff8fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

home.s.id/_next/static/chunks/pages/forbidden-9c7287b02a773507.js

188.114.96.1

200 OK

0 B

URL HTTP/2
home.s.id/_next/static/chunks/pages/forbidden-9c7287b02a773507.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/pages/forbidden-9c7287b02a773507.js HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/forbidden
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 09:01:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 15 Mar 2023 07:10:43 GMT
etag: W/"e69-186e41b5938"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 641445
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=en8uBVNuSkZ%2BS%2FvmohoOT2wQDnmZFkCuXGUZ4s1lzd27d9mk4jNx8TBgtWKusr4Jd4OelsCXuIcAD8IqHA87j3sJ0Cku575LWkRqSWOqP4XD1itzXGNLpEmtCnQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7b07684a7d741c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 09:01:23 GMT
date: Fri, 31 Mar 2023 09:01:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML