track.bima-up.live/15d27feb-d098-471f-ac14-e952950fb3ce
302 0 B URL HTTP/1.1 track.bima-up.live/15d27feb-d098-471f-ac14-e952950fb3ce
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15d27feb-d098-471f-ac14-e952950fb3ce HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Wed, 01 Feb 2023 23:51:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://lp.bima-up.live/anda-menang-kami-bayar/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715
Pragma: no-cache
Set-Cookie: 15d27feb-d098-471f-ac14-e952950fb3ce-v4=CLn6IfiKu-cKj_bD2HbEDVRcjDYLBl8-gj7eTowUif8; Max-Age=86400; Expires=Thu, 02-Feb-2023 23:51:27 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
cep-v4=EAN0dtvafa8CsLoWYe9EO999mKA0gSwVWfmn1_rN80nxVbI2JtdpOzoNzJpdIFftcTHGFwi51deaFRKIn-jKNtOSPg-O-U8a7YPeQO1jUzEOmOV5MYrgObIkhA1oBmpaaqcwwMdu0jQHRG0jzr5aR0ab9K-aKxLkQDzSQC_rty5qV_fp7qcQaBOs1f8TxtmCMdny2sVanj7KZvUAerijt1GZ25vQFM9K8nNkq2T-0xuBrG9kcwQVKAJFkm7Uy_ySDKo-S0Kg7HEYy96H6P_jK6Qo-OxwgsPa-Gk9U5FuMhtF9cFaW3-tZ-X1msYFq2fFm7bI3yuE6Z48WG3d0YfsfxUSczkN0NpXJjR7ekp8WdE; Max-Age=86400; Expires=Thu, 02-Feb-2023 23:51:27 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3774
Expires: Thu, 02 Feb 2023 00:54:21 GMT
Date: Wed, 01 Feb 2023 23:51:27 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19636
Expires: Thu, 02 Feb 2023 05:18:43 GMT
Date: Wed, 01 Feb 2023 23:51:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 23:43:26 GMT
content-type: application/json
age: 481
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14868
Expires: Thu, 02 Feb 2023 03:59:15 GMT
Date: Wed, 01 Feb 2023 23:51:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Wc6+mygJb9mrvWYVllArS8MpAGA47vDi54u7KJtDkQQ/ouv5LdsDHNHDU5Vr4n9BrlspJR4+9TA=
x-amz-request-id: KA6PA56EDBWGTDV6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 23:22:51 GMT
age: 1716
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 23:51:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ebc82779a7b8d0efbd995ba348a3d521
b971cb87bf52f5c63c62d0d52a6bf500a35d85ad
2ced2caeb92f0356f4d8251fc838fc4d3433812483c3d3dd60223f6eafbb176c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CED2CAEB92F0356F4D8251FC838FC4D3433812483C3D3DD60223F6EAFBB176C"
Last-Modified: Tue, 31 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 05:51:27 GMT
Date: Wed, 01 Feb 2023 23:51:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 23:49:05 GMT
age: 142
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16011
Expires: Thu, 02 Feb 2023 04:18:19 GMT
Date: Wed, 01 Feb 2023 23:51:28 GMT
Connection: keep-alive
lp.bima-up.live/anda-menang-kami-bayar/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715
200 OK 24 kB URL HTTP/2 lp.bima-up.live/anda-menang-kami-bayar/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (45992)
Hash f89e47b8856b23c60429f2065e2449a2
b1556781795b1fd44f052daa2559ec04c446e427
d50f7088d198b69e846928045601af64c37181bacbb642c7e3889da4ac900741
GET /anda-menang-kami-bayar/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715 HTTP/1.1
Host: lp.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 23:51:27 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"663e9bd0ea23fc1bbb2af7c5ed1d909b"
last-modified: Sat, 21 May 2022 16:09:04 GMT
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
IP
Hash efecec5a6c9c74e126b3b9b5f999ce00
db008cefd57064dc5288fbc90aa55c7905fab32b
17c262c5a584966696a37afda870fcd70ae357ec5d4e75e229addf98a03b2c4a
POST /s/gts1d4/nQd1R-k6YuY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP
Hash c9d28f84ee404387183fc2f478e90b63
abecf97a673d7f341de0223ff66a9158365041b6
31a5660e28bd5641aaabf8d4081a34acd6e9a76c28256ad0d1b025d0f05c70f8
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
200 OK 15 kB URL HTTP/2 static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP
File type ASCII text, with very long lines (58749)
Hash f42272a0f636e716204c0bec503ba28c
2dfd630f7b31d442fb25aca978b26c0efe377481
3ede591eca234ade8e54d107d4b391129bdedff614876fd513ab94aaa0b7e7d4
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: 6d0c6ed46f0ad3268d1bd7b3e1ebb29d
content-encoding: gzip
server: Google Frontend
via: 1.1 google
date: Wed, 18 Jan 2023 22:06:45 GMT
expires: Thu, 18 Jan 2024 22:06:45 GMT
cache-control: public, max-age=31536000
etag: "rvb96Q"
content-type: text/css
content-length: 14628
age: 1215883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.lpcontent.net/leadbars/current/embed.js
200 OK 16 kB URL HTTP/2 embed.lpcontent.net/leadbars/current/embed.js
IP
File type ASCII text, with very long lines (28113)
Hash b9f809b10ab66614a668cbe638c8458c
eb21b6e5016f798c3678a98c4a5d7c720b670271
9646fe51c10c2983d666660bfd15689ddffc4bda41170ad0daec76d1877577e6
GET /leadbars/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: c64525803540e23ebacdec6bcbcb5d4f
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 15839
date: Wed, 01 Feb 2023 23:48:24 GMT
expires: Wed, 01 Feb 2023 23:53:24 GMT
cache-control: public, max-age=300
age: 184
etag: "rvb96Q"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
IP
File type ASCII text, with very long lines (19467)
Hash aeee25ae8710ef9f31c9e12f8c1b5515
9f7b12ce78b9ebc446b7662f4bf1c26fd2e3ed15
bc904bc9443cbcf0b32aab485a5a4d2f3eb44d60cfe86839df95a27b9043725d
GET /gtag/js?id=G-DN42Q62RRE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Feb 2023 23:51:28 GMT
expires: Wed, 01 Feb 2023 23:51:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77117
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY
IP
Hash efecec5a6c9c74e126b3b9b5f999ce00
db008cefd57064dc5288fbc90aa55c7905fab32b
17c262c5a584966696a37afda870fcd70ae357ec5d4e75e229addf98a03b2c4a
POST /s/gts1d4/nQd1R-k6YuY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3yZDVHipKEL9Ui/eeRpD+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f+I3mzGUG6/pNmmpFy+hFhOAFPQ=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP
Hash c9d28f84ee404387183fc2f478e90b63
abecf97a673d7f341de0223ff66a9158365041b6
31a5660e28bd5641aaabf8d4081a34acd6e9a76c28256ad0d1b025d0f05c70f8
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k
IP
Hash 74ce8045c96a2c70820a5ac8f95d6faf
a56d4013593cb38970742ba1d538dd213d7914a1
406070c5bd8aba6aca83bcca108f9db2e674586c125cee688963ab4b63acc1e4
POST /s/gts1d4/WT_FO6-f4_k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.center.io/center.js
200 OK 5.4 kB IP
File type ASCII text, with very long lines (566)
Hash 276609e3cfacad7622ab02bcd80a5f75
26fbc873773aada776b4cb2120a63130754f79ee
2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: b7a931e89835e87215fd7558bab8d724
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Wed, 01 Feb 2023 23:51:21 GMT
expires: Wed, 01 Feb 2023 23:56:21 GMT
cache-control: public, max-age=300
age: 7
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
js.center.io/identify.html
200 OK 2.0 kB URL HTTP/2 js.center.io/identify.html
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Hash c16ca7cb44a55621b5a53b8d3066ef99
9d19d037b0f6c1c12aa6cc3e378e13093272b0d3
9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: ea22733b50350a0b5faad9281a371840
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Wed, 01 Feb 2023 23:50:23 GMT
expires: Wed, 01 Feb 2023 23:55:23 GMT
cache-control: public, max-age=300
age: 65
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 12cfc38218602358daf79f6c3826ca9e
63e50257a5203604c627b6b407b71edea8237e6c
60e74047840bc422d80dc78ed49b36d2ed63e66dd24da4bc800e69f208df11e1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 01 Feb 2023 23:51:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 03:12:32 GMT
Expires: Thu, 02 Feb 2023 03:12:32 GMT
ETag: "63e50257a5203604c627b6b407b71edea8237e6c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1u0&_p=1398665750&cid=741457270.1675295512&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675295512&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1u0&_p=1398665750&cid=741457270.1675295512&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675295512&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1u0&_p=1398665750&cid=741457270.1675295512&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675295512&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lp.bima-up.live
date: Wed, 01 Feb 2023 23:51:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=gNhXck89wRbrbbtfnepL3R&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTTgTGv9VUXe6d5zHm9nHQ&sid=uUbxJS9chC8MFMwZ5vdnmC&cid=lp-gNhXck89wRbrbbtfnepL3R&uri=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&rf=&rx=1280&ry=939&tz=%2B00%3A00
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=gNhXck89wRbrbbtfnepL3R&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTTgTGv9VUXe6d5zHm9nHQ&sid=uUbxJS9chC8MFMwZ5vdnmC&cid=lp-gNhXck89wRbrbbtfnepL3R&uri=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&rf=&rx=1280&ry=939&tz=%2B00%3A00
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=gNhXck89wRbrbbtfnepL3R&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTTgTGv9VUXe6d5zHm9nHQ&sid=uUbxJS9chC8MFMwZ5vdnmC&cid=lp-gNhXck89wRbrbbtfnepL3R&uri=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.gNhXck89wRbrbbtfnepL3R=1675295489000; Domain=api.leadpages.io; expires=Thu, 02 Feb 2023 23:51:29 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
Server: Stargate
access-control-allow-origin: https://lp.bima-up.live
access-control-expose-headers: LP-Security-Token
x-request-id: 06nrpihncso3hdq6qd20
access-control-allow-credentials: true
Date: Wed, 01 Feb 2023 23:51:29 GMT
X-Forwarded-For: 91.90.42.154
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a38fab9935d471e375ef640d6ac4e667
017ff26d808eff453da628e880e04ce6beee3654
7e1b3c60cd7d45623686b73da1d2f6c92b7de281691b2ae5700da4728b8967ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E1B3C60CD7D45623686B73DA1D2F6C92B7DE281691B2AE5700DA4728B8967EF"
Last-Modified: Tue, 31 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Thu, 02 Feb 2023 00:33:04 GMT
Date: Wed, 01 Feb 2023 23:51:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 492200
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 190728
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data
Hash 4528524c7142b4e2d5c0438763223328
d439d881fd8c4f41e77c2fb07678e53fce3e331a
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 15:54:44 GMT
expires: Sat, 27 Jan 2024 15:54:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
age: 460605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unphionetor.com/vctx?t=91302
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=91302
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=91302 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 23:51:29 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 517b802650cace65c609d431df20ca42
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash bd77b0ce6227313b58b12ef9e56b6971
bec5fd298d45b3f63f77294678220808caa57032
32b6b0c3128db1a27ada330dcdda3659db3ac39bd12ad32e2f55c0b5e8a4b261
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Feb 2023 23:51:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 20:20:02 GMT
Expires: Wed, 08 Feb 2023 20:20:01 GMT
Etag: "bec5fd298d45b3f63f77294678220808caa57032"
Cache-Control: max-age=591511,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 792e98618e6f0b31-OSL
fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data
Hash 2ca1253c8e47277b38c02353cdf32102
3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:13:15 GMT
expires: Fri, 26 Jan 2024 00:13:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
age: 603494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12661
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Wed, 01 Feb 2023 23:51:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12661
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Wed, 01 Feb 2023 23:51:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12661
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Wed, 01 Feb 2023 23:51:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1d06527f75868ea84da730b7c8b5660
6c0cb65a477d6bc7d013529411d5735bd39e3d46
2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S012XKdrl7ID1qnfD-G2fcAxWoseP_mAnaDi12Y-UmdBW8yXgGlpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 5563
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12661
Expires: Thu, 02 Feb 2023 03:22:30 GMT
Date: Wed, 01 Feb 2023 23:51:29 GMT
Connection: keep-alive
www.youtube.com/s/player/dac945fd/www-player.css
200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/dac945fd/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 44fae7c4844ce1fc313ca62747036427
d5986b7a3504d913d8ee2077a337e9565a91e32d
a766a46ce1639acea30dc538bc4fc2735f421d3163c61a2ad87ac02d33c473af
GET /s/player/dac945fd/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49943
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:49:09 GMT
expires: Tue, 30 Jan 2024 16:49:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 01:18:05 GMT
content-type: text/css
age: 198140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 525806
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/dac945fd/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (679)
Size 110 kB (109695 bytes)
Hash 40b186ad1170470b0d89a7e3c4608ff2
f5ecf32b5b67c3d911bd81a246209f5473d7b6ae
f776addb3f8c34016bb4533baf1859485f3e2f92cfda097f1d5a4eb97bf06f82
GET /s/player/dac945fd/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109695
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:50:17 GMT
expires: Tue, 30 Jan 2024 16:50:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 01:18:05 GMT
content-type: text/javascript
age: 198072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 544246
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbb3b7fe13504478f3fe5e8c0190b8db
b8ca03ed416b5ab9cd118f32a1890ffa764a7aec
e47f269c393ee8d87bfce593f31fd49309e1d9b47b8745dd3b6568036da50d55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c1df1d-5e83-46c4-87de-093028c17afe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7416
x-amzn-requestid: c4e8c4e6-5f2a-4b94-ad48-f10fb51c78c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BH1-IAMF17g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-40e58e6e49f919a3740bb92a;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2-O9YJrb-baVaEYFpesrbfMrIDBautEp2f5ilm1-vmHcjUGxE0c1VA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 5554
etag: "b8ca03ed416b5ab9cd118f32a1890ffa764a7aec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 76891
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/fetch-polyfill.js
200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/dac945fd/fetch-polyfill.vflset/fetch-polyfill.js
IP
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/dac945fd/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:50:17 GMT
expires: Tue, 30 Jan 2024 16:50:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 01:18:05 GMT
content-type: text/javascript
age: 198072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:46:26 GMT
age: 7503
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f4dbd75e0cdc28265ccbe825c5c5b6c
78187b014be0ee8bf7543fb873915db8a9c8dbc4
bf49642b990d73f58ca5f9ee979271ba2ab80bae94c8f333fa5737b16016d1c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7036
x-amzn-requestid: 9d54dd82-add1-4d7d-97b7-53c92eecb724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJxCHAqoAMF3qA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcd3-109d34d11a9834886e3080ee;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U45NW79hI4Vtd7fV7kXnxqlxRQzC-u9PVlNK4D1pBkAa8CBYuUf9ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:06:05 GMT
age: 60324
etag: "78187b014be0ee8bf7543fb873915db8a9c8dbc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.bima-up.live/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1675295513073
200 OK 2.9 kB URL HTTP/2 track.bima-up.live/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1675295513073
IP
File type ASCII text, with very long lines (835)
Hash e1611231ac07f4359377f171e783b6c8
5f3d946c2038a778a0c8b50705ad98d1c5bce770
4c479ec54c602827ac1bb166ca506d5a79cc7005ba46d9a6a7b90188764f96cc
GET /d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1675295513073 HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Cookie: _ga_DN42Q62RRE=GS1.1.1675295512.1.0.1675295512.0.0.0; _ga=GA1.1.741457270.1675295512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 23:51:29 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2863
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c43be37ada8286b3de43d5243f14cc99
fcae7b35ab4e523b3b98c8d6acd99620727e3cb1
004bd0c1c2b361313d8866105ffca22936e699e769e895771a372d5312928949
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "004BD0C1C2B361313D8866105FFCA22936E699E769E895771A372D5312928949"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5384
Expires: Thu, 02 Feb 2023 01:21:13 GMT
Date: Wed, 01 Feb 2023 23:51:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/quXeAoxrK0C5AkWz2TU0QFpeGj27JLv3h953VAjca5Vo9pemBz3vB-ExjE1UZAuhKhSDKeRzkRAC30S9EQSZwgZ0AfHAr2cpJjc=w16
200 OK 495 B URL HTTP/2 lh3.googleusercontent.com/quXeAoxrK0C5AkWz2TU0QFpeGj27JLv3h953VAjca5Vo9pemBz3vB-ExjE1UZAuhKhSDKeRzkRAC30S9EQSZwgZ0AfHAr2cpJjc=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 89efa36d4d1f2c6ecfac9492fd56c5c3
2e523530198f4f00042f127152c34361418774ec
091295b36098b66b42e71518c20a8a2e1f59ccda779e22a455f72bfb105e72cd
GET /quXeAoxrK0C5AkWz2TU0QFpeGj27JLv3h953VAjca5Vo9pemBz3vB-ExjE1UZAuhKhSDKeRzkRAC30S9EQSZwgZ0AfHAr2cpJjc=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 495
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:08:52 GMT
expires: Tue, 24 Jan 2023 01:20:55 GMT
cache-control: public, max-age=86400, no-transform
age: 6157
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16
200 OK 513 B URL HTTP/2 lh3.googleusercontent.com/HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 361a44383f241170edaa64306554ac80
33b3763d8d0242a71f16201c922e66786be043a7
39216f15840014369f9180f2e859d646b8a9e3b3c502bd3fb3b83cf5084d36a5
GET /HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 513
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:21:53 GMT
expires: Sat, 28 Jan 2023 04:20:19 GMT
cache-control: public, max-age=86400, no-transform
age: 12576
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16
200 OK 498 B URL HTTP/2 lh3.googleusercontent.com/s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 9a1305895bd9442f83415fff3521d883
18963286e387a7643ebea60a1b2a5c03b746f22a
9562aa2e4ad347d9999ef66daf5b88ccd3b66363949ff7594396b87aec04496c
GET /s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 498
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:21:53 GMT
expires: Fri, 27 Jan 2023 05:32:48 GMT
cache-control: public, max-age=86400, no-transform
age: 12576
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16
200 OK 498 B URL HTTP/2 lh3.googleusercontent.com/4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash bc7483f00f3d080acc9dff6e71918f9b
1cafe317c09983cefe3204b3101c480efa0e6f2c
419d8e4749e86614aac923a3738b912841c8184b6f97f6913b28d6412ed4e1ca
GET /4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 498
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:08:52 GMT
expires: Tue, 24 Jan 2023 15:53:34 GMT
cache-control: public, max-age=86400, no-transform
age: 6157
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/S7-88rkyPNItpdIY87Irnsja7Ylq1-DA9_Q-KhD96EetRSSkLDXtRxA0fsqkuESLTzr9vrMPwD1JTSZmyzTLbm4ThEW_0tjG9v4=w16
200 OK 494 B URL HTTP/2 lh3.googleusercontent.com/S7-88rkyPNItpdIY87Irnsja7Ylq1-DA9_Q-KhD96EetRSSkLDXtRxA0fsqkuESLTzr9vrMPwD1JTSZmyzTLbm4ThEW_0tjG9v4=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 4f0b890ac4095815aac728f2052262a7
3cbfa6f92fc4a584aba9b17cf70f39df375647c2
0d0ed7d10da3eac088124706d3406577b82a6dfa1a27fff3816ba30513cca982
GET /S7-88rkyPNItpdIY87Irnsja7Ylq1-DA9_Q-KhD96EetRSSkLDXtRxA0fsqkuESLTzr9vrMPwD1JTSZmyzTLbm4ThEW_0tjG9v4=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 494
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:21:53 GMT
expires: Mon, 23 Jan 2023 07:16:54 GMT
cache-control: public, max-age=86400, no-transform
age: 12576
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w16
200 OK 321 B URL HTTP/2 lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w16
IP
File type PNG image data, 16 x 7, 8-bit colormap, non-interlaced\012- data
Hash 4469ac89e71370537f6b3e3c9be43637
c111a83fb21c9c24bfb41c20f84e6f4183ee4046
edf54d8ef9e3c308f375b863a94cab3c48133917e96a29479ce09e4ccf1439ea
GET /FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 321
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:21:55 GMT
expires: Tue, 31 Jan 2023 13:15:50 GMT
cache-control: public, max-age=86400, no-transform
age: 12574
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16
200 OK 306 B URL HTTP/2 lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x6, components 3\012- data
Hash 02d40e78c39675e156af99b63a4fba71
b1c37963d09eadb59eaa1a827d102c93cc913a4d
0ed4f3c70c0138d4d52c9f1fca3850d29ec909e2c60f5268b2a1abda7462d143
GET /pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 306
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:21:55 GMT
expires: Sat, 28 Jan 2023 02:15:48 GMT
cache-control: public, max-age=86400, no-transform
age: 12574
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16
200 OK 511 B URL HTTP/2 lh3.googleusercontent.com/KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash b4ffc9ae4fb1241857eae58864a4d97d
c0e4b26a04be6825be66efdc95394dcb6c715c3a
bcea5eec2981a66a377d569fd1a576d25cb32417466b2054cb9d55ab445b8c89
GET /KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 511
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:08:52 GMT
expires: Mon, 23 Jan 2023 21:59:11 GMT
cache-control: public, max-age=86400, no-transform
age: 6157
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/k5-E76_A0jxYk2JoDoQQp88HriV1P0Z3IO6YeRRTfjRI2qWsKcDLQmWl4oC_tYfMIie9esuerPPMh6iPOoUdyDl8rwBbbtKl_w=s0
200 OK 7.4 kB URL HTTP/2 lh3.googleusercontent.com/k5-E76_A0jxYk2JoDoQQp88HriV1P0Z3IO6YeRRTfjRI2qWsKcDLQmWl4oC_tYfMIie9esuerPPMh6iPOoUdyDl8rwBbbtKl_w=s0
IP
File type PNG image data, 300 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash c4e30fe9f2cb5b8fd172c5eabfa8fd1a
fa1851e357401d44d0444f84ea47352c29e32786
16c92613a3638f8e82c3c024229696ce9980629317c3908ba073b0ede7b990d3
GET /k5-E76_A0jxYk2JoDoQQp88HriV1P0Z3IO6YeRRTfjRI2qWsKcDLQmWl4oC_tYfMIie9esuerPPMh6iPOoUdyDl8rwBbbtKl_w=s0 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 7419
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:21:53 GMT
expires: Thu, 26 Jan 2023 17:30:05 GMT
cache-control: public, max-age=86400, no-transform
age: 12576
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268
200 OK 130 kB URL HTTP/2 lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268
IP
File type PNG image data, 1268 x 536, 8-bit colormap, non-interlaced\012- data
Size 130 kB (129884 bytes)
Hash e3e31462048e438e54b0fee0126774d0
f52c941c82e97cb5150337d0730c5c70f042af34
5f26ac4b3d12598847f361d9f29e178933d693d27c231a41b217d61dd7fbdc52
GET /FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 129884
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:51:30 GMT
expires: Sun, 29 Jan 2023 23:56:18 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268
200 OK 17 kB URL HTTP/2 lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1268x450, components 3\012- data
Hash dd0b8a25677452e3994bb76f88a91c48
4dd5aff0dacc7d2fc90116d73ac8e9033199eded
e3a5028b83f5fe2cb91f7380b9b1a42393e4f335cdccb63178bd1d2d9bb194df
GET /pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 17286
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:51:30 GMT
expires: Sun, 29 Jan 2023 23:56:18 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:43:12 GMT
expires: Wed, 01 Feb 2023 23:58:12 GMT
cache-control: public, max-age=900
age: 498
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 01 Feb 2023 23:51:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=nDgb4bzCj9ZG2fvvhLwSeg&kind=text,timer,counter,text,text,timer,text,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=PDxHE2EuKzaRgSXfPiQJUh,214,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,2,PDxHE2EuKzaRgSXfPiQJUh,3&tags=,,,,,,,
200 OK 762 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=nDgb4bzCj9ZG2fvvhLwSeg&kind=text,timer,counter,text,text,timer,text,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=PDxHE2EuKzaRgSXfPiQJUh,214,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,2,PDxHE2EuKzaRgSXfPiQJUh,3&tags=,,,,,,,
IP
File type gzip compressed data, max compression\012- data
Hash 77a36f7fba3de554e724a9c732a5b0d0
c74271d8e1145aafc1e610223d02bd8c01f8c82c
e0c67d0ce332f10e0d8014a1758c2aafc10493f15448ef58cc8f91fdb91247cc
GET /analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=nDgb4bzCj9ZG2fvvhLwSeg&kind=text,timer,counter,text,text,timer,text,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=PDxHE2EuKzaRgSXfPiQJUh,214,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,2,PDxHE2EuKzaRgSXfPiQJUh,3&tags=,,,,,,, HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
Server: Stargate
access-control-allow-origin: https://lp.bima-up.live
access-control-expose-headers: LP-Security-Token
Date: Wed, 01 Feb 2023 23:51:30 GMT
x-request-id: 06nrpiscr02i42jqqr30
access-control-max-age: 600
X-Forwarded-For: 91.90.42.154
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 01 Feb 2023 23:51:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e58a66525d6d6965ebd1aab3325466f8
b9c3c4a450d7d3cecab5ba0d504d84a92f2745bb
1e766d5ca3e52c3445bc55777b5884761bffbe48a2b62f92e695ce59eb3f2d14
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:51:30 GMT
server: ESF
cache-control: private
content-length: 30742
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js
IP
File type ASCII text, with very long lines (36008)
Hash 8a1e64e80c9189aaa07733ae98ea030b
de788d5e003c05a2b43c8f16557e6a4f27eb00ff
cdfd098bd8fb947a53ebeaf0e8e0bdd0d6a31eb6a7c0e1403331403cc48a5a1e
GET /js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14261
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 567932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=91302&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 23:51:30 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 92efea4fa45a38be9219ba777aa44f19
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 54a5d7128374fd2b2d10232cd8f96fb8
7665a10ac9c0afea7e87b6f354d54e569fcac34e
422b7067d74c36d8c55a0f7bc03cd4dfe314803a6bfff91f6a36381ee23c46ee
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:51:30 GMT
server: ESF
cache-control: private
content-length: 30753
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ
200 OK 50 kB URL HTTP/2 i.ytimg.com/vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash e708c9013a8a49c32e5e99107155e68a
b603276faa7e5363c520be759e95c79dfd18c197
b3cb2e5992be82adcecad48e9ee6147eb954783bc39641b321cafd0413263e72
GET /vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 50020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:23:33 GMT
expires: Thu, 02 Feb 2023 01:23:33 GMT
cache-control: public, max-age=7200
age: 1677
etag: "0"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/GnY5fr2LYb8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgSCg_MA8=&rs=AOn4CLCZD1lSFjLgFq-xRM2G8RiYn6zwNQ
200 OK 47 kB URL HTTP/2 i.ytimg.com/vi/GnY5fr2LYb8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgSCg_MA8=&rs=AOn4CLCZD1lSFjLgFq-xRM2G8RiYn6zwNQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash c0fa54d47850306ed141738d70d207e0
059158603d6c6459142ba50b134a8868461f7272
5b4e058d466cfe52a1f19d17cd3199e99ad978f7ca4e31ce2b6829aefff181c9
GET /vi/GnY5fr2LYb8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgSCg_MA8=&rs=AOn4CLCZD1lSFjLgFq-xRM2G8RiYn6zwNQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 47127
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 23:51:30 GMT
expires: Thu, 02 Feb 2023 01:51:30 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash df74d0c5bbc711a484e4508808c3357a
304f6b29d37c4f6ae20a4031ec6b3a879f9928c8
14200bd4d7eff065de2b62f1770c31edb357a95390c619867f00660a88e92ae8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 23:51:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj
200 OK 957 B URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 844f749dc4e184993fab0c52b28358be
12387e690220e80b63ba1ff22ec245a1f11ac403
82f57af64c9ae441f0a2418e9dbcf1241ebf14b1671818d445334e4fe8080a01
GET /ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 957
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:50:24 GMT
expires: Thu, 02 Feb 2023 20:50:24 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 10866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AL5GRJVIDcJSsoWuy6A-RK4LR1yDZ_VPKIGSPQ82a16YMZJ9x-djNyVhX1MRJu_g5qtK=s68-c-k-c0x00ffffff-no-rj
200 OK 816 B URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVIDcJSsoWuy6A-RK4LR1yDZ_VPKIGSPQ82a16YMZJ9x-djNyVhX1MRJu_g5qtK=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 123d34287ce35dcece86c70234fdf440
583fcefe1d06501ba7265e461ba0d3d037c4c03a
b1cd9e2fed6185f4fbbe0b5dfe6db72061ef02873b916eed1570caa2de380379
GET /ytc/AL5GRJVIDcJSsoWuy6A-RK4LR1yDZ_VPKIGSPQ82a16YMZJ9x-djNyVhX1MRJu_g5qtK=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 816
x-xss-protection: 0
date: Wed, 01 Feb 2023 22:04:25 GMT
expires: Thu, 02 Feb 2023 22:04:25 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 6425
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTTgTGv9VUXe6d5zHm9nHQ&sid=BiHtcdKCyTYT7WmfTP2M7P&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTTgTGv9VUXe6d5zHm9nHQ&sid=BiHtcdKCyTYT7WmfTP2M7P&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTTgTGv9VUXe6d5zHm9nHQ&sid=BiHtcdKCyTYT7WmfTP2M7P&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3DK0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE%26lptoken%3D16ce75522975728b8715&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://untungbebek.lpages.co
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.gNhXck89wRbrbbtfnepL3R=1675295489000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.PDxHE2EuKzaRgSXfPiQJUh=1675295491000; Domain=api.leadpages.io; expires=Thu, 02 Feb 2023 23:51:30 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
Server: Stargate
access-control-allow-origin: https://untungbebek.lpages.co
access-control-expose-headers: LP-Security-Token
x-request-id: 06nrpj0bpk78ml0rdr4g
access-control-allow-credentials: true
Date: Wed, 01 Feb 2023 23:51:30 GMT
X-Forwarded-For: 91.90.42.154
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 01 Feb 2023 23:51:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 9f13130be445d8cedcf4b517d69b5c46
2542990147289804516a39fdef5413ce851f9b7d
9f181c17cfbbb01e4e5b0849f8ed25203d68156c118c03c932bb8d3794fc6f37
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1199
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:51:30 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash e6c21fc66eba7dcc42dc9f52bf999113
de7fb33c0d0d3d7b092d573d9b5343941e1507df
d2ad7da1552252f891614f510325e6468bd8cdb227e848075c26ec45717d5c83
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1012
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:51:31 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a4e78cd2b7bf5fc6f1cca140e98534e8
beedc5c234343a7b45e8ff799278e0d4f2900e80
daeb448f468ee0c0cbe0ce17b660c7e849d313c9590c8808412052eb77a0444f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:51:31 GMT
server: ESF
cache-control: private
content-length: 30769
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=2,479,246,748,6,760,2000,2037,3377,3379
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=2,479,246,748,6,760,2000,2037,3377,3379
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=2,479,246,748,6,760,2000,2037,3377,3379 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
Date: Wed, 01 Feb 2023 23:51:31 GMT
Server: Stargate
x-request-id: 06nrpj336265qkh1bob0
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5024cd03621b22c368a3db818337d555
6ed320d7d440c4e21fb36d661588ecd267c85413
05ba855aac99471ee715115820bf158dac30e8d6eefc0b36ec5de40100cf982e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1175
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 01 Feb 2023 23:51:31 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=nDgb4bzCj9ZG2fvvhLwSeg&kind=timer&label=bar_embed_load&value=593&tags=
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=nDgb4bzCj9ZG2fvvhLwSeg&kind=timer&label=bar_embed_load&value=593&tags=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=nDgb4bzCj9ZG2fvvhLwSeg&kind=timer&label=bar_embed_load&value=593&tags= HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
Server: Stargate
access-control-allow-origin: https://lp.bima-up.live
access-control-expose-headers: LP-Security-Token
Date: Wed, 01 Feb 2023 23:51:31 GMT
x-request-id: 06nrpj33rem2ksbgnie0
access-control-max-age: 600
X-Forwarded-For: 91.90.42.154
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=78d3VBKWZowkQszV4ErFmE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=160,44,1,559
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=78d3VBKWZowkQszV4ErFmE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=160,44,1,559
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=78d3VBKWZowkQszV4ErFmE&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=160,44,1,559 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
Server: Stargate
access-control-allow-origin: https://lp.bima-up.live
access-control-expose-headers: LP-Security-Token
Date: Wed, 01 Feb 2023 23:51:33 GMT
x-request-id: 06nrpji86glqoi5o9640
access-control-max-age: 600
X-Forwarded-For: 91.90.42.154
unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=6664
204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=6664
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=91302&bid=undefined&aid=undefined&tp=6664 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 Feb 2023 23:51:33 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a274c836ced41caa9a27a65f29367067
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=vKXLQzUffuFvRLyS5C9zH6&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=4,764,1,147
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=vKXLQzUffuFvRLyS5C9zH6&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=4,764,1,147
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=vKXLQzUffuFvRLyS5C9zH6&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=4,764,1,147 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://untungbebek.lpages.co
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
Server: Stargate
access-control-allow-origin: https://untungbebek.lpages.co
access-control-expose-headers: LP-Security-Token
Date: Wed, 01 Feb 2023 23:51:35 GMT
x-request-id: 06nrpk21uqi6e527lol0
access-control-max-age: 600
X-Forwarded-For: 91.90.42.154
untungbebek.lpages.co/serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715
200 OK 0 B URL HTTP/2 untungbebek.lpages.co/serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715
IP
GET /serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=K0B0bXIvjY3v1HVxApnMGRfxr4KEF1KMp9hNkZ3Prszwxv6PXHesOMg49P3X1YR046or4foVfRH30Ljv8cTslwB10DLFb2Od6b64TuZorQ9RSrm_47ozwjMD7KatoeQ7AI2MjweIXCqIZq5rkhZzkk-qakABw4bZ9BNXGe2bcsG6fWu7cKS1TDe9G2q6iL15KjDIPlLnb42Y6v8QLVPGDnJSTTWAMPKGmHsbuE72TXT1sYuFCIaacqjr_3DFEIWJAxg9dzkGu7SlUKum8399rP-ShcOUIqp5t_GoRqsL1A2Qwgx_RgythP0o16bDVipTIhRUfwiZXlRuWas2uTRS0s3_uPM07UtQYoVQlKWE7NE&lptoken=16ce75522975728b8715 HTTP/1.1
Host: untungbebek.lpages.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 23:51:29 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"009a7dae7bacc32fa10579bedbe1913d"
last-modified: Sat, 21 May 2022 16:05:44 GMT
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=91302
200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=91302
IP
GET /fv.js?t=91302 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 23:51:29 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 16c088c644f46afa728ffa3d2f687d5c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700
IP
GET /css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 23:51:28 GMT
date: Wed, 01 Feb 2023 23:51:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/GnY5fr2LYb8
200 OK 0 B URL HTTP/2 www.youtube.com/embed/GnY5fr2LYb8
IP
GET /embed/GnY5fr2LYb8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Feb 2023 23:51:29 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=g_PYkc0dn0E; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRNek9UTXpOalE0TkRnNE9EYzFNUT09EIH2654GGIH2654G; Domain=.youtube.com; Expires=Mon, 31-Jul-2023 23:51:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=XjTItDf_7TI; Domain=.youtube.com; Expires=Mon, 31-Jul-2023 23:51:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+604; expires=Fri, 31-Jan-2025 23:51:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/NRuszNqkJww
200 OK 0 B URL HTTP/2 www.youtube.com/embed/NRuszNqkJww
IP
GET /embed/NRuszNqkJww HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Feb 2023 23:51:29 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=7qaXlYqJIU4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRNek9UTXpOelF4TURVNU1EWTNPUT09EIH2654GGIH2654G; Domain=.youtube.com; Expires=Mon, 31-Jul-2023 23:51:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=TcGcFznQpQc; Domain=.youtube.com; Expires=Mon, 31-Jul-2023 23:51:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+669; expires=Fri, 31-Jan-2025 23:51:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/dac945fd/player_ias.vflset/en_US/base.js
200 OK 0 B URL HTTP/2 www.youtube.com/s/player/dac945fd/player_ias.vflset/en_US/base.js
IP
GET /s/player/dac945fd/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 613933
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:59:36 GMT
expires: Tue, 30 Jan 2024 16:59:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 01:18:05 GMT
content-type: text/javascript
age: 197513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
18.192.108.151
216.58.207.227
23.36.77.32
139.45.197.236
0.0.0.0