| track.bima-up.live/de584bf5-dcdd-4a7a-b093-7d311597bc98 | 18.192.108.151 | 302 | 0 B |
URL HTTP/1.1track.bima-up.live/de584bf5-dcdd-4a7a-b093-7d311597bc98 IP18.192.108.151:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de584bf5-dcdd-4a7a-b093-7d311597bc98 HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Sun, 29 Jan 2023 07:38:32 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://lp.bima-up.live/anda-menang-kami-bayar/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7
Pragma: no-cache
Set-Cookie: de584bf5-dcdd-4a7a-b093-7d311597bc98-v4=c0UU-KspzR3ZVgK3xNjDCHV-BVR4bWfVjxp1a96Don0; Max-Age=86400; Expires=Mon, 30-Jan-2023 07:38:32 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
cep-v4=j9y7avGwB3h7JjmrPa-72wLbXERmla8tX4szCwuwxHjcpF9EJa5339vA5A5xE_DuqQ9QJMHufn6unP67d3mra0KdBBfwVL_U9JcYUgh58ar9ynkhxB96AejhS8s2u0kPLJ8IjNahwC6I94giVLEne2Y-N4GjKsG-dGHOu6WCdFjzyjw3l6KOPLlCn0fGoTSYVvAymoT_JsoPmuUec-W4ajrLPfuy2v8PPCSsLUQa30PkhEaR5cBKS_3jJUgQoq2pXHKW416PNCoMhx69H57OawFflyUZ0ZXZl-Jej66Tu-mi1NnR8ZY_6G-Ux1NBDt90bwYdwEJXBSQsiLgcqFo7rniYfUT9LOt_yDvf6sBdGkU; Max-Age=86400; Expires=Mon, 30-Jan-2023 07:38:32 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hasha2104f935c638b4767ca5ae0d738ef23 85c6af15af749be0ceeae6de17c36925b750f166 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2771
Expires: Sun, 29 Jan 2023 08:24:43 GMT
Date: Sun, 29 Jan 2023 07:38:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7448
Expires: Sun, 29 Jan 2023 09:42:40 GMT
Date: Sun, 29 Jan 2023 07:38:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2540
Expires: Sun, 29 Jan 2023 08:20:52 GMT
Date: Sun, 29 Jan 2023 07:38:32 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 06:43:08 GMT
content-type: application/json
age: 3324
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: y+wHS2sp14rfpGABosHgi9hpiDvLZ0OhbUClQsuw2PzzlmT6eLc4kKGWO1y5p+vHWew62a6Mlsc=
x-amz-request-id: SR2FAPK4C3E44X2B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 06:50:13 GMT
age: 2899
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:38:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 06:41:41 GMT
age: 3411
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash9d8453299a9b12bbc3dd0388b9ac7563 0e16c8eca909c7db35b72e84745a7bb5814fb712 fb03906a3c348f4e546a0644907a4d479c95229b7dfc3d42256d4e2a1c8e553e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB03906A3C348F4E546A0644907A4D479C95229B7DFC3D42256D4E2A1C8E553E"
Last-Modified: Fri, 27 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 13:38:32 GMT
Date: Sun, 29 Jan 2023 07:38:32 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6059
Expires: Sun, 29 Jan 2023 09:19:31 GMT
Date: Sun, 29 Jan 2023 07:38:32 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY | 142.250.74.163 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/nQd1R-k6YuY IP142.250.74.163:0
Hash3fc3cf3c388f0b624f939fd2304c3642 5cb9c16a34a3ba091bf64c06cee15b4b8bf3fff7 c037a6dac2989252803eadbc22afbdeb42519cf7a13cc0ce92516192ff94cd45
POST /s/gts1d4/nQd1R-k6YuY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| embed.lpcontent.net/leadbars/current/embed.js | 34.107.203.240 | 200 OK | 16 kB |
URL HTTP/2embed.lpcontent.net/leadbars/current/embed.js IP34.107.203.240:0
File typeASCII text, with very long lines (28113) Hashb9f809b10ab66614a668cbe638c8458c eb21b6e5016f798c3678a98c4a5d7c720b670271 9646fe51c10c2983d666660bfd15689ddffc4bda41170ad0daec76d1877577e6
GET /leadbars/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: a5f40fbcf0f3bb8fa57fb2e073b6a6a6
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 15839
date: Sun, 29 Jan 2023 07:36:31 GMT
expires: Sun, 29 Jan 2023 07:41:31 GMT
cache-control: public, max-age=300
age: 122
etag: "rvb96Q"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.187.102.159 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.187.102.159:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OzzbOolWWF3IKJGS+D7DqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dHHGNSkedz/pv2oDHHGHdh2WYOM=
|
|
| www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE | 142.250.74.40 | 200 OK | 77 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE IP142.250.74.40:0
File typeASCII text, with very long lines (19467) Hash4839d922e505d5d599f8a65d6401baf4 a121186020a51dce1aca26a5f4a4ab63cb439454 7774f0b3780fa500f4f29f704ccecac93d09430eab6b0f52b381c5650155bf67
GET /gtag/js?id=G-DN42Q62RRE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 07:38:33 GMT
expires: Sun, 29 Jan 2023 07:38:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77195
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk | 142.250.74.163 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk IP142.250.74.163:0
Hash44b6b7a8a52259991e0fabd86051f4af 8c4148174467fea5c20b944325e65a87f6c98884 db31e5dbcd8424e9e04e1798fba48ff10bf37ae3e72216e29e5c4cc4800cd53e
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css | 34.107.203.240 | 200 OK | 15 kB |
URL HTTP/2static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css IP34.107.203.240:0
File typeASCII text, with very long lines (58749) Hashf42272a0f636e716204c0bec503ba28c 2dfd630f7b31d442fb25aca978b26c0efe377481 3ede591eca234ade8e54d107d4b391129bdedff614876fd513ab94aaa0b7e7d4
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: 6d0c6ed46f0ad3268d1bd7b3e1ebb29d
content-encoding: gzip
server: Google Frontend
via: 1.1 google
date: Wed, 18 Jan 2023 22:06:45 GMT
expires: Thu, 18 Jan 2024 22:06:45 GMT
cache-control: public, max-age=31536000
etag: "rvb96Q"
content-type: text/css
content-length: 14628
age: 898308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk | 142.250.74.163 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk IP142.250.74.163:0
Hash44b6b7a8a52259991e0fabd86051f4af 8c4148174467fea5c20b944325e65a87f6c98884 db31e5dbcd8424e9e04e1798fba48ff10bf37ae3e72216e29e5c4cc4800cd53e
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700 | 142.250.74.106 | 200 OK | 1.6 kB |
URL HTTP/2fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700 IP142.250.74.106:0
Hash407cfec9ff70604d157eafe41f9481f9 60cfc39d8d8e77692cd4a22affab1537cd37d563 25687d4666ce1bf37c1f3e12732a44e90d91a15ef7e296c852b5b1e97d8ea778
GET /css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 07:38:33 GMT
date: Sun, 29 Jan 2023 07:38:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k | 142.250.74.163 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k IP142.250.74.163:0
Hash2ffcd000a2057271ff3b9aef46ec506d 460dd905166a3c985ef39bc15978a26d5c03ffd8 6a3c05d702734e44de8d8f85694c07d54f9d0a9b8de612a8a2a0f6946e9fecb6
POST /s/gts1d4/WT_FO6-f4_k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| js.center.io/center.js | 216.239.32.21 | 200 OK | 5.4 kB |
IP216.239.32.21:0
File typeASCII text, with very long lines (566) Hash276609e3cfacad7622ab02bcd80a5f75 26fbc873773aada776b4cb2120a63130754f79ee 2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: b24ba3d29f3fcd97f9f3c386f8e5db79
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Sun, 29 Jan 2023 07:33:48 GMT
expires: Sun, 29 Jan 2023 07:38:48 GMT
cache-control: public, max-age=300
age: 285
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
|
|
| js.center.io/identify.html | 216.239.32.21 | 200 OK | 2.0 kB |
URL HTTP/2js.center.io/identify.html IP216.239.32.21:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612) Hashc16ca7cb44a55621b5a53b8d3066ef99 9d19d037b0f6c1c12aa6cc3e378e13093272b0d3 9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 9bd26cbb2eab58d6ba41773894ab70cb
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Sun, 29 Jan 2023 07:33:36 GMT
expires: Sun, 29 Jan 2023 07:38:36 GMT
cache-control: public, max-age=300
age: 297
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hash73a7ff43ac3116b22f3a79efb2638533 2c150ac52c970516e76b94cf7e150031d4c567bc 13aaff0d8adef1d2fffa19b0d43691178dd517a219bece4e406275b37b44e4fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 07:38:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 20:20:01 GMT
Expires: Wed, 01 Feb 2023 20:20:00 GMT
Etag: "2c150ac52c970516e76b94cf7e150031d4c567bc"
Cache-Control: max-age=304286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79104f153e56b4eb-OSL
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.67 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 477952
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 | 142.250.74.67 | 200 OK | 23 kB |
URL HTTP/2fonts.gstatic.com/s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 22592, version 1.0\012- data Hash4528524c7142b4e2d5c0438763223328 d439d881fd8c4f41e77c2fb07678e53fce3e331a ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
GET /s/firasans/v16/va9E4kDNxMZdWfMOD5Vvl4jL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 15:54:44 GMT
expires: Sat, 27 Jan 2024 15:54:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:51:36 GMT
content-type: font/woff2
age: 143029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 142.250.74.67 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Hashac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 174624
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 | 142.250.74.67 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 23724, version 1.0\012- data Hash2ca1253c8e47277b38c02353cdf32102 3cd0373fd1ae7ad8cb62ff8f2200193a7e8977e7 51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
GET /s/firasans/v16/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:13:15 GMT
expires: Fri, 26 Jan 2024 00:13:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 16:58:19 GMT
content-type: font/woff2
age: 285918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/4248d311/www-player.css | 142.250.74.174 | 200 OK | 50 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/www-player.css IP142.250.74.174:0
File typeASCII text, with very long lines (65536), with no line terminators Hash8a6331ed48be29c59230b0c7360068de 22a20436f427d6b8e26eb30ed9aab51a43d389bf 72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 17:26:43 GMT
expires: Fri, 26 Jan 2024 17:26:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 223910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js | 142.250.74.174 | 200 OK | 109 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js IP142.250.74.174:0
File typeASCII text, with very long lines (679) Size109 kB (109432 bytes) Hash711fcfe6f1ab52d89ab3474d437c1e48 b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537 361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 07:29:42 GMT
expires: Sun, 28 Jan 2024 07:29:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 86931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash8bda1287a2cfcfdb3d1307f51166b69e c2cab120270d422f74b68b1c73eff9024c826576 c192db50a7d43f457ca7e7388c69acc982861c8eb5d7eec4d686b416b2b09290
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C192DB50A7D43F457CA7E7388C69ACC982861C8EB5D7EEC4D686B416B2B09290"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2667
Expires: Sun, 29 Jan 2023 08:23:00 GMT
Date: Sun, 29 Jan 2023 07:38:33 GMT
Connection: keep-alive
|
|
| www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js | 142.250.74.174 | 200 OK | 611 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js IP142.250.74.174:0
File typeASCII text, with very long lines (517) Size611 kB (611243 bytes) Hash4bafbf546e35e79d802b8e836cf03e3b cff2ccd4542a73b82c18cdac6b3e4af01198566e da6660452c1ebd120eb25d4c1a742e2fe20cf5ccfbd3523acb5e1d5693170d70
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:35:46 GMT
expires: Sun, 28 Jan 2024 10:35:46 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 75767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 208230
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js | 142.250.74.174 | 200 OK | 2.8 kB |
URL HTTP/2www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js IP142.250.74.174:0
File typeAlgol 68 source text\012- Pascal source, ASCII text, with very long lines (555) Hash80fe2d229007996c8397073b00755dc7 121f82c77bcf2a297a1085e3b092415c463fcafe 033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/jHJp1ocCeVI
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 20:21:26 GMT
expires: Sun, 28 Jan 2024 20:21:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 40627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.67:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 226670
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| propeller-tracking.com/fv.js?t=91302 | 139.45.197.240 | 200 OK | 2.2 kB |
URL HTTP/2propeller-tracking.com/fv.js?t=91302 IP139.45.197.240:0
File typeASCII text, with very long lines (5213), with no line terminators Hash0254fb1dad74628b7ad0f97d304fac92 35f7af13a08eb87023ec7df4d3c35c21b2cde79d 47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
GET /fv.js?t=91302 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:38:33 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 7f53dda956b8bdbdfffbfec5955b5c31
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbc7c4f207ec97cacb1eedd94d2f6b371 5f0948a39435ace8bacc4ac5fb3df19045908e42 bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbc7c4f207ec97cacb1eedd94d2f6b371 5f0948a39435ace8bacc4ac5fb3df19045908e42 bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16 | 216.58.211.1 | 200 OK | 306 B |
URL HTTP/2lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x6, components 3\012- data Hash02d40e78c39675e156af99b63a4fba71 b1c37963d09eadb59eaa1a827d102c93cc913a4d 0ed4f3c70c0138d4d52c9f1fca3850d29ec909e2c60f5268b2a1abda7462d143
GET /pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 306
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:13:46 GMT
expires: Sat, 28 Jan 2023 10:12:01 GMT
cache-control: public, max-age=86400, no-transform
age: 1487
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16 | 216.58.211.1 | 200 OK | 498 B |
URL HTTP/2lh3.googleusercontent.com/s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data Hash9a1305895bd9442f83415fff3521d883 18963286e387a7643ebea60a1b2a5c03b746f22a 9562aa2e4ad347d9999ef66daf5b88ccd3b66363949ff7594396b87aec04496c
GET /s-HcPfURzqhOjEIa2NK-sRGGF3x_btDbVhFjAvD8L4_0b8L1sOhoXR6y1yCzeUQpPEr0x2NDpV5o7TIL5ppEKxwcb_XyJaD9xA=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 498
x-xss-protection: 0
date: Sun, 29 Jan 2023 04:07:51 GMT
expires: Sat, 28 Jan 2023 02:15:44 GMT
cache-control: public, max-age=86400, no-transform
age: 12642
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbc7c4f207ec97cacb1eedd94d2f6b371 5f0948a39435ace8bacc4ac5fb3df19045908e42 bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| lh3.googleusercontent.com/HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16 | 216.58.211.1 | 200 OK | 513 B |
URL HTTP/2lh3.googleusercontent.com/HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data Hash361a44383f241170edaa64306554ac80 33b3763d8d0242a71f16201c922e66786be043a7 39216f15840014369f9180f2e859d646b8a9e3b3c502bd3fb3b83cf5084d36a5
GET /HzmJZp3fFS76nwlbCEWhwtE4IZl1uyuCw22s59NBA6DzuekdjR1tfA6s9JuN6k_YYPu7IyQnTW_8eHVid8pSA_slytgo88s_cw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 513
x-xss-protection: 0
date: Sun, 29 Jan 2023 04:07:51 GMT
expires: Sun, 29 Jan 2023 07:02:15 GMT
cache-control: public, max-age=86400, no-transform
age: 12642
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16 | 216.58.211.1 | 200 OK | 498 B |
URL HTTP/2lh3.googleusercontent.com/4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data Hashbc7483f00f3d080acc9dff6e71918f9b 1cafe317c09983cefe3204b3101c480efa0e6f2c 419d8e4749e86614aac923a3738b912841c8184b6f97f6913b28d6412ed4e1ca
GET /4HHJbrsxG4owrDxldwZUkuvzYhX1LDn6dOcZTyOQ9hcPPpyyyT3Vm-cklqOdflj3YsUf4b9hWN9PRaUCmnWpVGCHFHHGobGSQw=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 498
x-xss-protection: 0
date: Sun, 29 Jan 2023 05:57:51 GMT
expires: Sun, 29 Jan 2023 00:42:11 GMT
cache-control: public, max-age=86400, no-transform
age: 6042
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w16 | 216.58.211.1 | 200 OK | 321 B |
URL HTTP/2lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w16 IP216.58.211.1:0
File typePNG image data, 16 x 7, 8-bit colormap, non-interlaced\012- data Hash4469ac89e71370537f6b3e3c9be43637 c111a83fb21c9c24bfb41c20f84e6f4183ee4046 edf54d8ef9e3c308f375b863a94cab3c48133917e96a29479ce09e4ccf1439ea
GET /FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 321
x-xss-protection: 0
date: Sun, 29 Jan 2023 05:57:53 GMT
expires: Sun, 29 Jan 2023 05:19:47 GMT
cache-control: public, max-age=86400, no-transform
age: 6040
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbc7c4f207ec97cacb1eedd94d2f6b371 5f0948a39435ace8bacc4ac5fb3df19045908e42 bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| lh3.googleusercontent.com/KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16 | 216.58.211.1 | 200 OK | 511 B |
URL HTTP/2lh3.googleusercontent.com/KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data Hashb4ffc9ae4fb1241857eae58864a4d97d c0e4b26a04be6825be66efdc95394dcb6c715c3a bcea5eec2981a66a377d569fd1a576d25cb32417466b2054cb9d55ab445b8c89
GET /KbhDAWwFmQ9zgiKV8pXXrvWLJZ7Y-wip9nXb_PHKwiPhXEfftHoqF58MypTIRAqq7w2_UjhLVD0DYQOX6fojD9NxoI4R-At3ifU=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 511
x-xss-protection: 0
date: Sun, 29 Jan 2023 04:07:51 GMT
expires: Sat, 28 Jan 2023 02:15:44 GMT
cache-control: public, max-age=86400, no-transform
age: 12642
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/quXeAoxrK0C5AkWz2TU0QFpeGj27JLv3h953VAjca5Vo9pemBz3vB-ExjE1UZAuhKhSDKeRzkRAC30S9EQSZwgZ0AfHAr2cpJjc=w16 | 216.58.211.1 | 200 OK | 495 B |
URL HTTP/2lh3.googleusercontent.com/quXeAoxrK0C5AkWz2TU0QFpeGj27JLv3h953VAjca5Vo9pemBz3vB-ExjE1UZAuhKhSDKeRzkRAC30S9EQSZwgZ0AfHAr2cpJjc=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data Hash89efa36d4d1f2c6ecfac9492fd56c5c3 2e523530198f4f00042f127152c34361418774ec 091295b36098b66b42e71518c20a8a2e1f59ccda779e22a455f72bfb105e72cd
GET /quXeAoxrK0C5AkWz2TU0QFpeGj27JLv3h953VAjca5Vo9pemBz3vB-ExjE1UZAuhKhSDKeRzkRAC30S9EQSZwgZ0AfHAr2cpJjc=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 495
x-xss-protection: 0
date: Sun, 29 Jan 2023 04:07:51 GMT
expires: Sat, 28 Jan 2023 02:15:44 GMT
cache-control: public, max-age=86400, no-transform
age: 12642
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1p0&_p=320074536&cid=966167903.1674977920&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674977919&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.34.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1p0&_p=320074536&cid=966167903.1674977920&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674977919&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1p0&_p=320074536&cid=966167903.1674977920&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674977919&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lp.bima-up.live
date: Sun, 29 Jan 2023 07:38:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/k5-E76_A0jxYk2JoDoQQp88HriV1P0Z3IO6YeRRTfjRI2qWsKcDLQmWl4oC_tYfMIie9esuerPPMh6iPOoUdyDl8rwBbbtKl_w=s0 | 216.58.211.1 | 200 OK | 7.4 kB |
URL HTTP/2lh3.googleusercontent.com/k5-E76_A0jxYk2JoDoQQp88HriV1P0Z3IO6YeRRTfjRI2qWsKcDLQmWl4oC_tYfMIie9esuerPPMh6iPOoUdyDl8rwBbbtKl_w=s0 IP216.58.211.1:0
File typePNG image data, 300 x 68, 8-bit/color RGBA, non-interlaced\012- data Hashc4e30fe9f2cb5b8fd172c5eabfa8fd1a fa1851e357401d44d0444f84ea47352c29e32786 16c92613a3638f8e82c3c024229696ce9980629317c3908ba073b0ede7b990d3
GET /k5-E76_A0jxYk2JoDoQQp88HriV1P0Z3IO6YeRRTfjRI2qWsKcDLQmWl4oC_tYfMIie9esuerPPMh6iPOoUdyDl8rwBbbtKl_w=s0 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 7419
x-xss-protection: 0
date: Sun, 29 Jan 2023 04:58:21 GMT
expires: Wed, 25 Jan 2023 19:07:00 GMT
cache-control: public, max-age=86400, no-transform
age: 9612
etag: "v1"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/S7-88rkyPNItpdIY87Irnsja7Ylq1-DA9_Q-KhD96EetRSSkLDXtRxA0fsqkuESLTzr9vrMPwD1JTSZmyzTLbm4ThEW_0tjG9v4=w16 | 216.58.211.1 | 200 OK | 494 B |
URL HTTP/2lh3.googleusercontent.com/S7-88rkyPNItpdIY87Irnsja7Ylq1-DA9_Q-KhD96EetRSSkLDXtRxA0fsqkuESLTzr9vrMPwD1JTSZmyzTLbm4ThEW_0tjG9v4=w16 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data Hash4f0b890ac4095815aac728f2052262a7 3cbfa6f92fc4a584aba9b17cf70f39df375647c2 0d0ed7d10da3eac088124706d3406577b82a6dfa1a27fff3816ba30513cca982
GET /S7-88rkyPNItpdIY87Irnsja7Ylq1-DA9_Q-KhD96EetRSSkLDXtRxA0fsqkuESLTzr9vrMPwD1JTSZmyzTLbm4ThEW_0tjG9v4=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 494
x-xss-protection: 0
date: Sun, 29 Jan 2023 04:07:51 GMT
expires: Sat, 28 Jan 2023 02:15:44 GMT
cache-control: public, max-age=86400, no-transform
age: 12642
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268 | 216.58.211.1 | 200 OK | 130 kB |
URL HTTP/2lh3.googleusercontent.com/FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268 IP216.58.211.1:0
File typePNG image data, 1268 x 536, 8-bit colormap, non-interlaced\012- data Size130 kB (129884 bytes) Hashe3e31462048e438e54b0fee0126774d0 f52c941c82e97cb5150337d0730c5c70f042af34 5f26ac4b3d12598847f361d9f29e178933d693d27c231a41b217d61dd7fbdc52
GET /FF4vm0tlyzY4yPGinFPxlj6Se3WzTxPcEx7X7BAQP_NXBFVeNHHWXQW9O9PB9XADk9UbO9V3RaL3LiEG-_2FBOyf4X39_aRnOQ-k=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 129884
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:38:33 GMT
expires: Sun, 29 Jan 2023 20:39:40 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268 | 216.58.211.1 | 200 OK | 17 kB |
URL HTTP/2lh3.googleusercontent.com/pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268 IP216.58.211.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1268x450, components 3\012- data Hashdd0b8a25677452e3994bb76f88a91c48 4dd5aff0dacc7d2fc90116d73ac8e9033199eded e3a5028b83f5fe2cb91f7380b9b1a42393e4f335cdccb63178bd1d2d9bb194df
GET /pH1B-__QYB4JNiqWLdfrDL6NQyVYHA8OGFtcuDFCMS6fxdiHMTLnAFcQ0rNDD-h6AGTzEtFM2grpXiTazhvWY1oRJeUCj0xF1Q=w1268 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 17286
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:38:33 GMT
expires: Sun, 29 Jan 2023 20:39:40 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=gNhXck89wRbrbbtfnepL3R&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=9wLfJufdkmdHphsw3ntYKi&sid=6339qZzH4JCNmyXkkwNRzb&cid=lp-gNhXck89wRbrbbtfnepL3R&uri=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&rf=&rx=1280&ry=939&tz=%2B00%3A00 | 35.192.151.63 | 200 OK | 35 B |
URL HTTP/1.1api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=gNhXck89wRbrbbtfnepL3R&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=9wLfJufdkmdHphsw3ntYKi&sid=6339qZzH4JCNmyXkkwNRzb&cid=lp-gNhXck89wRbrbbtfnepL3R&uri=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&rf=&rx=1280&ry=939&tz=%2B00%3A00 IP35.192.151.63:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=gNhXck89wRbrbbtfnepL3R&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=9wLfJufdkmdHphsw3ntYKi&sid=6339qZzH4JCNmyXkkwNRzb&cid=lp-gNhXck89wRbrbbtfnepL3R&uri=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 06lfh2phu4417fpn4hjg
Server: Stargate
Date: Sun, 29 Jan 2023 07:38:33 GMT
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.gNhXck89wRbrbbtfnepL3R=1674977914000; Domain=api.leadpages.io; expires=Mon, 30 Jan 2023 07:38:33 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
access-control-allow-origin: https://lp.bima-up.live
X-Forwarded-For: 91.90.42.154
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashbc7c4f207ec97cacb1eedd94d2f6b371 5f0948a39435ace8bacc4ac5fb3df19045908e42 bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| track.bima-up.live/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1674977920490 | 18.192.108.151 | 200 OK | 2.9 kB |
URL HTTP/2track.bima-up.live/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1674977920490 IP18.192.108.151:0
File typeASCII text, with very long lines (835) Hash01030a9687a65f9dde859bde8f2fe504 8581b1e3a4d1623abdf2683bd64f669034ea9380 bd8a8eb72c0aa6192e95d827213c51cd964350641da3bd34a96fd73b9e6c4f4a
GET /d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fanda-menang-kami-bayar%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1674977920490 HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Cookie: _ga_DN42Q62RRE=GS1.1.1674977919.1.0.1674977919.0.0.0; _ga=GA1.1.966167903.1674977920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:38:34 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2863
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11114
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 07:38:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11114
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 07:38:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11114
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 07:38:34 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashdfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11114
Expires: Sun, 29 Jan 2023 10:43:48 GMT
Date: Sun, 29 Jan 2023 07:38:34 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6af6f32397882f56d14d22348e44a9f1 5a626376807e7507fa3a204c4e4e9e44aa074a37 478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:34:32 GMT
age: 14642
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7da187381befeffa83fbaed380f2932e 7f4750e505e965f129c096ef40bc24c392051025 f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12124
x-amzn-requestid: 4032a848-72f7-4fbf-a0b2-e9cd7a2d1853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVMBEGtwIAMF_Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1f3a0-6eec6555074c2fba0be0d90e;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 03:29:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixuvPYw-yLJbABGhAMsaZPkbpCy6H-R-QXKxMlIBRQgBYvnERkOs_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:42:35 GMT
age: 28559
etag: "7f4750e505e965f129c096ef40bc24c392051025"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash10a6491e2c1dfde68c7cd7297e70700f d0f195319825a6d3e5e50ad15b2fcab27cb65896 4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 30366
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 50558
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd5ed99a9aed6f367efc5c9498ce87ff1 3123eb6f550c51fe17fc62eff943b3739e239a9b 536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GEghrk0LlbdfqVAHey-W84Zk9XHT2PD268Vfxf85HEvil0Ra27YgPA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:43:37 GMT
age: 14097
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4c77437e3a7361861aed8bfecbfe6bd6 fefd238c13c0fdfb7d964c90fcc8a8cbbf953034 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:57:16 GMT
age: 60078
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashf69c5f43bf99edb53b690cb0bba51efb e303559ff0956b6bf963b572b17da2a713ce5206 bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashf69c5f43bf99edb53b690cb0bba51efb e303559ff0956b6bf963b572b17da2a713ce5206 bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.doubleclick.net/instream/ad_status.js | 142.250.74.166 | 200 OK | 29 B |
URL HTTP/2static.doubleclick.net/instream/ad_status.js IP142.250.74.166:0
Hash1fa71744db23d0f8df9cce6719defcb7 e4be9b7136697942a036f97cf26ebaf703ad2067 eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:27:52 GMT
expires: Sun, 29 Jan 2023 07:42:52 GMT
cache-control: public, max-age=900
age: 642
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.34 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.34:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 29 Jan 2023 07:38:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash7aa4afd897b136f94860deb908bba36f 12083df5580d30df887daf5abb0c900db9be30da 81a60a7a0154d2682d65632b81b36b25f2b1f0f45addb1a10fc3ab622c49c540
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81A60A7A0154D2682D65632B81B36B25F2B1F0F45ADDB1A10FC3AB622C49C540"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7234
Expires: Sun, 29 Jan 2023 09:39:08 GMT
Date: Sun, 29 Jan 2023 07:38:34 GMT
Connection: keep-alive
|
|
| googleads.g.doubleclick.net/pagead/id | 142.250.74.34 | 302 Found | 0 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id IP142.250.74.34:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 29 Jan 2023 07:38:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashf69c5f43bf99edb53b690cb0bba51efb e303559ff0956b6bf963b572b17da2a713ce5206 bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.202 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.202:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 29 Jan 2023 07:38:34 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.202 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.202:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashce5f14729e5b47173faec22b6f2f370e c93257a03e8a40b05fa5f9e73886f46a011bab2a a3ca595ef1f9fc78c44807bb473824804736f104703eba053711051ed0a24db3
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 07:38:34 GMT
server: ESF
cache-control: private
content-length: 31044
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hash86352d15c37831cf9bf1e41325029224 ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21 154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js | 216.58.211.4 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js IP216.58.211.4:0
File typeASCII text, with very long lines (36171) Hasha13a76dd17af226d4a24bd16ef702377 c364171cd0f66eb4a1a8dde04e1e083154d81dbd 1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 12:33:25 GMT
expires: Fri, 26 Jan 2024 12:33:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 241509
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.207.202 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.207.202:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash23898e94788f33140940139a464373e9 ce9cb047e2eafb98ce4e85bbb7e4c4adcfa229b7 fb34d6641e55d55a1359c18617300b5c6fd2f6f32085b0e73348344ca3582542
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 07:38:34 GMT
server: ESF
cache-control: private
content-length: 30972
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashd2ade408af91f717110cf07d8d89c02a 997134ef254ea49d8aa40d48e55a715e06f9c315 81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashd2ade408af91f717110cf07d8d89c02a 997134ef254ea49d8aa40d48e55a715e06f9c315 81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.ytimg.com/vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ | 216.58.207.246 | 200 OK | 50 kB |
URL HTTP/2i.ytimg.com/vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ IP216.58.207.246:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data Hashe708c9013a8a49c32e5e99107155e68a b603276faa7e5363c520be759e95c79dfd18c197 b3cb2e5992be82adcecad48e9ee6147eb954783bc39641b321cafd0413263e72
GET /vi/jHJp1ocCeVI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEogEyh_MA8=&rs=AOn4CLC44fQ2N9PguuwIw90WlMfoo7-ihQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 50020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 06:39:08 GMT
expires: Sun, 29 Jan 2023 08:39:08 GMT
cache-control: public, max-age=7200
age: 3566
etag: "0"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi/GnY5fr2LYb8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgSCg_MA8=&rs=AOn4CLCZD1lSFjLgFq-xRM2G8RiYn6zwNQ | 216.58.207.246 | 200 OK | 47 kB |
URL HTTP/2i.ytimg.com/vi/GnY5fr2LYb8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgSCg_MA8=&rs=AOn4CLCZD1lSFjLgFq-xRM2G8RiYn6zwNQ IP216.58.207.246:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data Hashc0fa54d47850306ed141738d70d207e0 059158603d6c6459142ba50b134a8868461f7272 5b4e058d466cfe52a1f19d17cd3199e99ad978f7ca4e31ce2b6829aefff181c9
GET /vi/GnY5fr2LYb8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGHIgSCg_MA8=&rs=AOn4CLCZD1lSFjLgFq-xRM2G8RiYn6zwNQ HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 47127
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:38:34 GMT
expires: Sun, 29 Jan 2023 09:38:34 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 472 B |
IP142.250.74.163:0
Hashd2ade408af91f717110cf07d8d89c02a 997134ef254ea49d8aa40d48e55a715e06f9c315 81199c2fc337d94312e50e72a57ccf22e2f47060ddbd623ae9d836f24410a55a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:38:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 957 B |
URL HTTP/2yt3.ggpht.com/ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hash844f749dc4e184993fab0c52b28358be 12387e690220e80b63ba1ff22ec245a1f11ac403 82f57af64c9ae441f0a2418e9dbcf1241ebf14b1671818d445334e4fe8080a01
GET /ytc/AL5GRJUg67O7s0ah_-Wi1_bt360JhCxlgHiZYzOOR8gWFNC3ffVUwuq3Yv80Ky1iGjU9=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 957
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:30:21 GMT
expires: Mon, 30 Jan 2023 07:30:21 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt3.ggpht.com/ytc/AL5GRJVIDcJSsoWuy6A-RK4LR1yDZ_VPKIGSPQ82a16YMZJ9x-djNyVhX1MRJu_g5qtK=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 816 B |
URL HTTP/2yt3.ggpht.com/ytc/AL5GRJVIDcJSsoWuy6A-RK4LR1yDZ_VPKIGSPQ82a16YMZJ9x-djNyVhX1MRJu_g5qtK=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data Hash123d34287ce35dcece86c70234fdf440 583fcefe1d06501ba7265e461ba0d3d037c4c03a b1cd9e2fed6185f4fbbe0b5dfe6db72061ef02873b916eed1570caa2de380379
GET /ytc/AL5GRJVIDcJSsoWuy6A-RK4LR1yDZ_VPKIGSPQ82a16YMZJ9x-djNyVhX1MRJu_g5qtK=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 816
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:34:32 GMT
expires: Mon, 30 Jan 2023 07:34:32 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.center.io/identify.html | 216.239.32.21 | 304 Not Modified | 0 B |
URL HTTP/2js.center.io/identify.html IP216.239.32.21:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Cookie: centerVisitorId=9wLfJufdkmdHphsw3ntYKi
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
If-None-Match: "OMWYXg"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 29 Jan 2023 07:35:56 GMT
expires: Sun, 29 Jan 2023 07:40:56 GMT
age: 159
etag: "OMWYXg"
cache-control: public, max-age=300
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL HTTP/2unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /vbl?t=91302&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 29 Jan 2023 07:38:35 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: be32c3e423221b7c6bb98781f5d428fa
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=9wLfJufdkmdHphsw3ntYKi&sid=c7EVYK37QGa5i5hDCab9cT&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00 | 35.192.151.63 | 200 OK | 35 B |
URL HTTP/1.1api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=9wLfJufdkmdHphsw3ntYKi&sid=c7EVYK37QGa5i5hDCab9cT&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00 IP35.192.151.63:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadbar&l=PDxHE2EuKzaRgSXfPiQJUh&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=9wLfJufdkmdHphsw3ntYKi&sid=c7EVYK37QGa5i5hDCab9cT&cid=lp-PDxHE2EuKzaRgSXfPiQJUh&uri=https%3A%2F%2Funtungbebek.lpages.co%2Fserve-leadbar%2FPDxHE2EuKzaRgSXfPiQJUh%2F%3Fcep%3DseRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM%26lptoken%3D16e574e997c5971812c7&rf=https%3A%2F%2Flp.bima-up.live%2F&rx=1268&ry=61&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://untungbebek.lpages.co
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.gNhXck89wRbrbbtfnepL3R=1674977914000
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 06lfh38s3suuok3800ag
Server: Stargate
Date: Sun, 29 Jan 2023 07:38:35 GMT
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.PDxHE2EuKzaRgSXfPiQJUh=1674977916000; Domain=api.leadpages.io; expires=Mon, 30 Jan 2023 07:38:35 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
access-control-allow-origin: https://untungbebek.lpages.co
X-Forwarded-For: 91.90.42.154
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=51,433,247,747,5,765,1287,1327,3270,3273 | 35.192.151.63 | 200 OK | 35 B |
URL HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=51,433,247,747,5,765,1287,1327,3270,3273 IP35.192.151.63:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=51,433,247,747,5,765,1287,1327,3270,3273 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
Date: Sun, 29 Jan 2023 07:38:36 GMT
x-request-id: 06jdk85vfiir58nepn90
access-control-expose-headers: LP-Security-Token
Server: Stargate
X-Forwarded-For: 91.90.42.154
|
|
| api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=cYEj3Nm7BXzDeaxomoPW7s&kind=text,timer,counter,text,text,timer,text,timer,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show,bar_embed_load&value=PDxHE2EuKzaRgSXfPiQJUh,209,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,4,PDxHE2EuKzaRgSXfPiQJUh,4,1266&tags=,,,,,,,, | 35.192.151.63 | 200 OK | 35 B |
URL HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=cYEj3Nm7BXzDeaxomoPW7s&kind=text,timer,counter,text,text,timer,text,timer,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show,bar_embed_load&value=PDxHE2EuKzaRgSXfPiQJUh,209,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,4,PDxHE2EuKzaRgSXfPiQJUh,4,1266&tags=,,,,,,,, IP35.192.151.63:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=cYEj3Nm7BXzDeaxomoPW7s&kind=text,timer,counter,text,text,timer,text,timer,timer&label=bar_embed_embedded,bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show,bar_embed_load&value=PDxHE2EuKzaRgSXfPiQJUh,209,1,PDxHE2EuKzaRgSXfPiQJUh,PDxHE2EuKzaRgSXfPiQJUh,4,PDxHE2EuKzaRgSXfPiQJUh,4,1266&tags=,,,,,,,, HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 06lfh3bsrgkqc3fg1tog
Server: Stargate
Date: Sun, 29 Jan 2023 07:38:36 GMT
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
access-control-allow-origin: https://lp.bima-up.live
X-Forwarded-For: 91.90.42.154
|
|
| unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=5891 | 139.45.197.236 | 204 No Content | 0 B |
URL HTTP/2unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=5891 IP139.45.197.236:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
POST /vbri?t=91302&bid=undefined&aid=undefined&tp=5891 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 29 Jan 2023 07:38:37 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 226960abff2e433ca1daeac9ca7a26a6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=t45egSKDNHuqEVpsWh4Rjz&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=113,55,1,622 | 35.192.151.63 | 200 OK | 35 B |
URL HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=t45egSKDNHuqEVpsWh4Rjz&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=113,55,1,622 IP35.192.151.63:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=t45egSKDNHuqEVpsWh4Rjz&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=113,55,1,622 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 06lfh3r5pnd01dhmbvs0
Server: Stargate
Date: Sun, 29 Jan 2023 07:38:38 GMT
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
access-control-allow-origin: https://lp.bima-up.live
X-Forwarded-For: 91.90.42.154
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=iEdXn2etWpjBFZVKLPoYu3&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=4,410,1,144 | 35.192.151.63 | 200 OK | 35 B |
URL HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=iEdXn2etWpjBFZVKLPoYu3&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=4,410,1,144 IP35.192.151.63:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=iEdXn2etWpjBFZVKLPoYu3&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-exists,send-events&value=4,410,1,144 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://untungbebek.lpages.co
Connection: keep-alive
Referer: https://untungbebek.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 06jdk948u8guknrc52ng
Server: Stargate
Date: Sun, 29 Jan 2023 07:38:40 GMT
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
access-control-allow-origin: https://untungbebek.lpages.co
X-Forwarded-For: 91.90.42.154
|
|
| lp.bima-up.live/anda-menang-kami-bayar/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7 | 35.202.21.90 | 200 OK | 0 B |
URL HTTP/2lp.bima-up.live/anda-menang-kami-bayar/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7 IP35.202.21.90:0
GET /anda-menang-kami-bayar/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7 HTTP/1.1
Host: lp.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:38:32 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"663e9bd0ea23fc1bbb2af7c5ed1d909b"
last-modified: Sat, 21 May 2022 16:09:04 GMT
x-cache: HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
|
|
| untungbebek.lpages.co/serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7 | 35.202.21.90 | 200 OK | 0 B |
URL HTTP/2untungbebek.lpages.co/serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7 IP35.202.21.90:0
GET /serve-leadbar/PDxHE2EuKzaRgSXfPiQJUh/?cep=seRlpZC5kSuPvF-KFyijmgX3cU-enYxZHWZNl2FL4PbGMFAbWNl8Fzw0E0tvt4bG8KcZ9hl_QZq3stEpgoL_vvTv2uB0jxMLPCEG-Is0GcFR4L1fgPhMUZcmH57A224vQFu-btKSxX-nSPQqealkKb_Yr7InXAOl80pT8LWZwXRHOJZo4drB75RB1-qnA7nS6SKmJHLlMn6DvbUe3WPJTdPzXJkwCOfDL4qBdlDd6CxrNaZ4tixWeYXQzZbakuM5BEalyzfWrZsnOu08JhBjQf3pQvblo8Qsb2qVD0KZONFav84tQOnuxrSCZ7rPp4jYQ7Xz1RPYghNv4f2gREoM1llrzenc6_G2fNGUxLdC2IM&lptoken=16e574e997c5971812c7 HTTP/1.1
Host: untungbebek.lpages.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 07:38:34 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"009a7dae7bacc32fa10579bedbe1913d"
last-modified: Sat, 21 May 2022 16:05:44 GMT
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/jHJp1ocCeVI | 142.250.74.174 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/embed/jHJp1ocCeVI IP142.250.74.174:0
GET /embed/jHJp1ocCeVI HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 07:38:33 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=YupFgWodKbw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXprM05UTTFPVFExT1RFNU16QXdPUT09EPnE2J4GGPnE2J4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=idz3PqVCa7o; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+243; expires=Tue, 28-Jan-2025 07:38:33 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/GnY5fr2LYb8 | 142.250.74.174 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/embed/GnY5fr2LYb8 IP142.250.74.174:0
GET /embed/GnY5fr2LYb8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 07:38:33 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=5r9s7q_Ezrw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5BP0H8692BQ; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXprM05UTTFPRGt3TXpVeE1UYzVOdz09EPnE2J4GGPnE2J4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+630; expires=Tue, 28-Jan-2025 07:38:33 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/NRuszNqkJww | 142.250.74.174 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/embed/NRuszNqkJww IP142.250.74.174:0
GET /embed/NRuszNqkJww HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 07:38:33 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=X6zI3diraOo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=m_sHXcrvxZw; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXprM05UTTFPVE15TXpJd05qQXlNUT09EPnE2J4GGPnE2J4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 07:38:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+963; expires=Tue, 28-Jan-2025 07:38:33 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|