Report - scoffersonline.com.au/biub/login.php/

Report Overview

Submitted URL
scoffersonline.com.au/biub/login.php/
IP
27.54.88.193
ASN
#38719 Dreamscape Networks Limited
Submitted
2023-05-18 23:26:01
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
11
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2023-05-18	2.1 kB	1.3 kB	216.239.32.36
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-18	1.5 kB	31 kB	142.250.74.106
scoffersonline.com.au	unknown	unknown	2017-02-21	2023-05-18	767 B	627 B	27.54.88.193
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-18	4.0 kB	8.4 kB	142.250.74.131
cdn.s.id	unknown	2013-08-14	2018-08-31	2023-05-18	14 kB	1.4 MB	52.85.242.26
ekr.zdassets.com	2396	2013-01-28	2018-06-14	2023-05-18	468 B	1.5 kB	104.18.72.113
protagcdn.com	62031	2020-04-17	2020-04-17	2023-05-18	400 B	396 kB	104.26.6.142
ocsp.usertrust.com	899	1997-12-05	2012-05-21	2023-05-18	332 B	1.0 kB	172.64.155.188
s.id	134714	2013-08-14	2014-12-04	2023-05-18	466 B	594 B	188.114.97.1
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-18	680 B	1.8 kB	143.204.48.16
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-18	3.0 kB	668 kB	142.250.74.168
static.zdassets.com	2154	2013-01-28	2018-06-24	2023-05-18	1.3 kB	263 kB	104.18.70.113
www.google.no	25607	2001-02-26	2016-04-05	2023-05-18	1.0 kB	1.1 kB	142.250.74.163
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-18	2.7 kB	209 kB	216.58.207.227
app.s.id	unknown	2013-08-14	2018-11-27	2023-05-18	2.1 kB	2.9 kB	45.126.58.78
home.s.id	488728	2013-08-14	2018-08-25	2023-05-18	1.2 kB	20 kB	188.114.97.1
zendesk-eu.my.sentry.io	unknown	2012-04-07	2022-03-29	2023-05-18	488 B	426 B	34.89.128.121
blog.s.id	unknown	2013-08-14	2018-06-15	2023-05-18	2.4 kB	98 kB	188.114.97.1
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2023-05-18	486 B	20 kB	104.16.56.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-18 23:25:42	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:42	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:42	low	Client IP	188.114.97.1	ET INFO Observed URL Shortening Service Domain (s .id in TLS SNI)
2023-05-18 23:25:42	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:42	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:43	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:43	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:43	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:43	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:45	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)
2023-05-18 23:25:45	low	Client IP	Internal IP	ET INFO URL Shortener Service Domain in DNS Lookup (s .id)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-05-18	medium	scoffersonline.com.au/biub/login.php/
2023-05-18	medium	home.s.id/forbidden

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/852-53491df802f0da4c.js	16 kB	2023-05-17	2023-05-20
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/852-53491df802f0da4c.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 15:01:01 Last Seen2023-05-20 15:40:41 Times Seen22 Hash 9d40741fe4379ec246935f71e95c88ca 8fce523629c64b1d6fef07ad469de6fbe9259901 e9727737fdaed5977d5959eb6c81a4cbf0d29dbd70c33801765f824202f17bf8 Loading...

	static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js	167 kB	2023-05-05	2023-05-21
Pretty URL static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 05:20:37 Last Seen2023-05-21 22:01:24 Times Seen414 Hash 8fb65d85b93d5ff05784a92cb5fd6750 5e587d968922ebaf89564f5c396cdcdd5fcaa08e 099bd9867467f5ad904780b6a1c2a93aaa54e869c4ffec16f12878cd9bce907a Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	196 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash c98323db1bef176960d2b1950e0800fd c3a3c7d59a039b6194c714e0af1aa73911ebd01d 5496584f2fe4ce363c48545e26b6c7756cb8399ccc481157002e175ba144422c Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/webpack-8f590d0bde37e35a.js	2.1 kB	2023-05-17	2023-05-20
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/webpack-8f590d0bde37e35a.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 15:01:01 Last Seen2023-05-20 15:40:41 Times Seen22 Hash c65746863a47de05779c17b063dc1efb 5c623a6e3962eba5b7464683247d72e4c5e478ce 55350f9f3b0807b411a938c6bfc56645289a14e9991b641ae14ec77291168a59 Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js	2.7 kB	2023-04-20	2023-10-01
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 15:40:46 Last Seen2023-10-01 14:45:37 Times Seen387 Hash ce5b46313723bd3cf5036595cef68bd3 db66130bdb125cc740f587250e0eff78a6043e89 3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801 Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js	23 kB	2023-05-05	2023-05-20
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 17:01:56 Last Seen2023-05-20 15:40:41 Times Seen92 Hash f3116f16f654e0dafdc43b1087577abf 25f71306d01b09e2caf25ee602f2e6577eda3039 4b0b85c742b9a2f7dc0cad9a5c33db6318f4965bd48d93ed24e33451a756a51d Loading...

	www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF	229 kB	2023-05-19	2023-05-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 01:26:05 Last Seen2023-05-19 01:26:05 Times Seen2 Hash aefbd32dbb595358f684c2e43dd195a1 8c95ca8ace570dca428d15ef5e23df6c2dff7d6b 61225540c3ab173cff3714f00900c870ed8e72b6752acb70e228e6c4cb7c9387 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	251 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 968e084e30b878c76ecc20cc4cc6472a 9a01eea90ba2c553da933d93b626bf2afc8c72bd ed14e6cc5bb7748e4223f42b08b919001c2f851002a821b369c718bea43a2924 Loading...

	protagcdn.com/s/s.id/site.js	396 kB	2023-03-09	2023-07-17
Pretty URL protagcdn.com/s/s.id/site.js IP 104.26.6.142 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:57:53 Last Seen2023-07-17 21:59:01 Times Seen288 Hash 8b8ec52f223555670199afe98a1d5564 aafb241e22187b7a353ccb61547f6f2145833a44 1c47c23e57e44c1206678fcea2854a507dbd61c7db44ec7429767d82e09e6527 Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/framework-2647c7e378e02044.js	141 kB	2023-04-20	2024-02-05
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/framework-2647c7e378e02044.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 15:40:46 Last Seen2024-02-05 20:07:03 Times Seen395 Hash 1639a143b632bdca2ff0b6a30c784aeb d64cbc59de02eddaaa1e5f361f6927b8c1c0d712 df6ff92ab9484674635dab18aa6d97d4bdea7d26fffc3c53fc890c218e23ff7e Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/main-ae57ee9c17c390d0.js	93 kB	2023-05-03	2023-07-03
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/main-ae57ee9c17c390d0.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 20:55:46 Last Seen2023-07-03 18:21:56 Times Seen272 Hash 1e2fd193041b6a319eb1776ae861be5e a3599fe7ad22029089faf569ce2e66060527fded e5da21f851857a02fb23a30c384c45585a17a6aa89cd3957ae10c678a24b9648 Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/_app-c6ec76c3a975b3a2.js	154 kB	2023-05-17	2023-05-20
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/_app-c6ec76c3a975b3a2.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 15:01:01 Last Seen2023-05-20 15:40:41 Times Seen22 Hash 78afddc1a9fed9b552383b06736dcb8e 4764a8eeac1cb7f04a8369a4401f5f871a7206bf 2e29805c7c89eb674d68bdcd6d72e2e927e0c273e0b5889b78bd099062d5d9a2 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	247 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash ec9604d9253043e4c7ea1655cfefbb31 96f618deb14181f0b85c6a518ba3e5dcb4d909ff fdd1eeb2bdbe7baaf66d5fba08c2145b14a49acc590d9f02c1f9d8c534633aca Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	260 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 06b4795adbd64ddcd90f3d56f8b77cab 82e1f620412efa5e13c1666218f356113f9c136b e847d77bd3b904a315099c754caeafb93a6aa049a5f7386c252f0d9579d2db42 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	224 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen426 Hash 5d3fad59fc126716231fd01bee254004 264df770cdff4f3ff4b54a280e53671e7b08d6a7 5a24aac7b928921204e217584dcea7740f14c86d961e6b30ff5219505cbeebcb Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_buildManifest.js	999 B	2023-05-17	2023-05-20
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_buildManifest.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-17 15:01:01 Last Seen2023-05-20 15:40:41 Times Seen22 Hash 02a3e73961259a75adac1fbc4b019a04 8cebd162e670fb388e2e50659ab2bfa5cd42c89d c3afcadeded2f93fe3af477d552a3316f0c0ca26566f2a9fed9bfbd8cef0c61a Loading...

	static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816	20 kB	2023-04-18	2024-04-21
Pretty URL static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 04:27:55 Last Seen2024-04-21 01:34:52 Times Seen14481 Hash d294b48fb7400508953205265f95d2e1 fd545d38241c9c56e81f61e45cd239976ecd0b46 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_ssgManifest.js	77 B	2023-03-07	2024-04-24
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_ssgManifest.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-24 19:23:31 Times Seen85235 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f	24 kB	2023-05-15	2023-07-10
Pretty URL static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 05:31:54 Last Seen2023-07-10 06:05:33 Times Seen3558 Hash 9ce7e23b1a5cf89ecf9e795e0ccb61b4 d3c8c1151af2925bb8e1a8f1d1b679ae31285189 622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045 Loading...

	www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK	226 kB	2023-05-19	2023-05-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-19 01:26:05 Last Seen2023-05-19 01:26:05 Times Seen2 Hash e6398bb9a58f3103f8e82d6711bd2dc2 d2fb1fae2a52234220095f8e01549dc7cb55a5d7 1c09f6f3539bc01ecd6a63210e8524b4a46dcaae8189e850a8bec15725f90185 Loading...

	blog.s.id/post/2022/05/19/sandbox%20eval%20code	136 B	2023-04-11	2024-04-24
Pretty URL blog.s.id/post/2022/05/19/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-04-24 20:09:22 Times Seen31232 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	13 kB	2023-04-05	2024-04-24
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46:03 Last Seen2024-04-24 20:09:22 Times Seen30669 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	271 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen424 Hash c1058202d22ac09579022379d86826ee 1999a6d0d08b35ccd64a0ee69ae169dd3a0b3356 dad812433366937d85265938bb652a2801d9d6d4c0912abb0786fe65142fe715 Loading...

	unknown	236 B	2023-05-11	2024-04-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 12:15:07 Last Seen2024-04-03 06:33:17 Times Seen339 Hash 69b1d9624dd2b4afe3b1bbb3065b5604 db391c0e83bfb261be30fb17489be412bec71b3f 097c9819b553f9882d00aaca5acd161e47f7e8ad49e266f2dd234b87bc6ae948 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	265 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen425 Hash fba27f31e4e9d8b289492f2b860c88bf d96931f79cad01f3243dbff8ff9a869377367457 e7342621a7cf816200c668419e0c97d9660d7cc2bd00cfb3989143b50832bb99 Loading...

	blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect	250 B	2023-03-07	2024-04-03
Pretty URL blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:34:55 Last Seen2024-04-03 06:33:17 Times Seen425 Hash a09918f345473da9d2f47ab9183868c8 210b67093ea8191ac2ad306976309c2cbfcd65ea ded8c2c2e016a529301571dca274c50855566e990281c816b223fd6ad68076c2 Loading...

	cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/389-3c58604d16d9e910.js	165 kB	2023-05-03	2023-05-20
Pretty URL cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/389-3c58604d16d9e910.js IP 52.85.242.26 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-03 20:55:46 Last Seen2023-05-20 15:40:41 Times Seen104 Hash de0723fc0f8847ef36892fad204fd180 47f047705fda7522490c9158e6dba1d6949de3f2 a918e36093fc1bc6aa3ba45dfdda02d32adeda69135a97167213d17f7c52bdbb Loading...

HTTP Transactions (79)

URL IP Response Size

ocsp.usertrust.com/

172.64.155.188

472 B

URL
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b06cdbbade9aebf6cf2b395bf67ff29f
4f4b3e9066bc97a211ddb94f51a2e6fefdd958f0
c8911714623fa7b7aecc8c5f19942b255f05ed2fbbc66d4a377664c04c9f8835

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 18 May 2023 23:25:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 05:16:31 GMT
Expires: Thu, 25 May 2023 05:16:30 GMT
Etag: "4f4b3e9066bc97a211ddb94f51a2e6fefdd958f0"
Cache-Control: max-age=554172,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7c97dc6858050b61-OSL

scoffersonline.com.au/biub/login.php/

27.54.88.193

126 B

URL
scoffersonline.com.au/biub/login.php/
IP
27.54.88.193:0
ASN
#38719 Dreamscape Networks Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
126 B (126 bytes)
Hash
25f4889425b3c0b7b14fe7149c2575ad
5d096315fa8eba5aaf6d870e034a455914386293
77cf3a26f2ad6fd43cfa593d8d5dcf0c224b25a624e0e2f63e0947d02edf650b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /biub/login.php/ HTTP/1.1
Host: scoffersonline.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Thu, 18 May 2023 23:25:44 GMT
content-type: text/html; charset=UTF-8
content-length: 126
x-powered-by: PHP/8.0.28
location: https://s.id/kY66E
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

s.id/kY66E

188.114.97.1

0 B

URL
s.id/kY66E
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /kY66E HTTP/1.1
Host: s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 18 May 2023 23:25:45 GMT
content-length: 0
location: https://home.s.id/forbidden#action
cache-control: private, max-age=30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQFnoyHeGoejYPsmBq5tt7qOvRKHK2vQ1RObqzACOuuVgeyroj2%2Fw3n6W1pGT1wiRA7qo%2B3WZq%2FmkwVEgToYO1AIdw0V0K67DlaUcuS43SVq%2BukabPCE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c97dc74de0cb523-OSL
X-Firefox-Spdy: h2

scoffersonline.com.au/

27.54.88.193

20 B

URL
scoffersonline.com.au/
IP
27.54.88.193:0
ASN
#38719 Dreamscape Networks Limited

File type
gzip compressed data, from Unix\012- data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

GET / HTTP/1.1
Host: scoffersonline.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 May 2023 23:25:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.28
Upgrade: h2,h2c
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c699ce1e772308ecf6366febe5960a8a
537ebf215a921d1d955fbb71bd1f5de8d6073653
37750111f787a4da6a50b19a9fbf5b23a2f8d8e0220dfad4d166b5a07ce450f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c699ce1e772308ecf6366febe5960a8a
537ebf215a921d1d955fbb71bd1f5de8d6073653
37750111f787a4da6a50b19a9fbf5b23a2f8d8e0220dfad4d166b5a07ce450f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.s.id/app/p_23051719a06c/user/_next/static/Fr2juJhcUrCJQWTEU3QX5/_ssgManifest.js

52.85.242.26

91 B

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/Fr2juJhcUrCJQWTEU3QX5/_ssgManifest.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
5ce0d2713404bd05c9502cc490488dca
552f4970f95812a42a366cf0752db5c4c4218236
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/Fr2juJhcUrCJQWTEU3QX5/_ssgManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 91
date: Wed, 17 May 2023 12:50:30 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "5ce0d2713404bd05c9502cc490488dca"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: tyY6JkFbYydWLufdI3teAnhXuAYJlEOv
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: HpQr6f7iN7gxHvPonBdB6MpuCxqVHmjCh6QVYcEiuwpA9wEpy5nXXw==
age: 124517
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/images/errors/403.svg

52.85.242.26

4.4 kB

URL
cdn.s.id/app/p_23051719a06c/user/images/errors/403.svg
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (532)
Size
4.4 kB (4406 bytes)
Hash
a6f7dffd03977a861d575b73f92240c8
33186c93e96f9a6e2370ac1a21551a9d7bfcc802
92c39b5c986c8a9c713d77081a0272187a847c57192fe03fc152d25fc4c35668

HTTP Headers

GET /app/p_23051719a06c/user/images/errors/403.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 4406
date: Wed, 17 May 2023 13:05:07 GMT
last-modified: Wed, 17 May 2023 12:41:52 GMT
etag: "a6f7dffd03977a861d575b73f92240c8"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 9qtIR8CSBG8K0Rhu3HOFKFCccMQ5q9p3
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: GsyHdkaEGW-s7ohrT6TpNMXhC09KdZ8BDvPzT7LldYyAqRcaN0jhzg==
age: 123639
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/webpack-692e2682c452858b.js

52.85.242.26

5.6 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/webpack-692e2682c452858b.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5598), with no line terminators
Size
5.6 kB (5598 bytes)
Hash
3cccdf71cd91ce3fdd4ef05e8b405491
7839c1729afaa225fabcbf74a91e440485b0dfeb
4995accfcdc14dddbfac7de1a35e45ea26ed5f29b617482d0d4ae57bb9eac13c

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/chunks/webpack-692e2682c452858b.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 5598
date: Wed, 17 May 2023 12:50:29 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "3cccdf71cd91ce3fdd4ef05e8b405491"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: _3xTfRatl31IVGG7Q1I0VCtbaye.mYZS
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: M-cmlTuR-xmXprZW72GigBf5T373wYrSIf5bzKRwk4PjtNmTjc6Lzg==
age: 124518
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/_next/static/Fr2juJhcUrCJQWTEU3QX5/_buildManifest.js

52.85.242.26

10 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/Fr2juJhcUrCJQWTEU3QX5/_buildManifest.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (10149), with no line terminators
Size
10 kB (10149 bytes)
Hash
288d3f0d7cc161cc2d298b603d79b4f6
f9c7002d8c48fe8a1b4459cd6389f4a0067f8936
254c8e52c80da6135bc2a11d3abadd6a6b7785111eb96911a4f4a5b3f15cd34a

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/Fr2juJhcUrCJQWTEU3QX5/_buildManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 10149
date: Wed, 17 May 2023 12:50:30 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "288d3f0d7cc161cc2d298b603d79b4f6"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: B5rRjzFILubZ40Gu5KQd9zOW99DweCE.
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: mI4OtlxbNNJVmlAOyJU9Wed1UGTVaVSolb4Id-bfP0dOwkED5Fh5YA==
age: 124517
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/images/sid-logo-new-light.svg

52.85.242.26

3.9 kB

URL
cdn.s.id/app/p_23051719a06c/user/images/sid-logo-new-light.svg
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3904 bytes)
Hash
b3e9be8f1d6a2b7f3f961c636bd7a812
206229a9f6dba2f2aad30dde2ae671a7ae740027
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

HTTP Headers

GET /app/p_23051719a06c/user/images/sid-logo-new-light.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3904
date: Wed, 17 May 2023 12:50:30 GMT
last-modified: Wed, 17 May 2023 12:41:52 GMT
etag: "b3e9be8f1d6a2b7f3f961c636bd7a812"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: QfXXGifTb7MqQH4q71U2uYU.Ggvw0y64
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: rQew76IB15ykohZXYfwjBPdCwXPsb5x_cWihu1rwYy7bYMKNRJn4Iw==
age: 124517
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js

52.85.242.26

3.5 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3510), with no line terminators
Size
3.5 kB (3510 bytes)
Hash
afd3c6c27ec597ea1eae60f8f4788255
cfcac0bba9d401fb7cd13e1d83023ec45f48117e
66e5b55d86c0f08fd4f4eb1b255e67e92e26350c35f70279884ac043117e5825

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/chunks/pages/forbidden-8ba2f2f9e8409d0b.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 3510
date: Wed, 17 May 2023 13:07:03 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "afd3c6c27ec597ea1eae60f8f4788255"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: x2UoJe0py1ktl9k4CvcQ.VPq5D8dz1hR
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: IODb7QzioZ_ydT1slcUPlBxmnqPT8c1dA1erjOo7IxrlEJVNY2l-5w==
age: 123524
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/main-84504437487b53da.js

52.85.242.26

93 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/main-84504437487b53da.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (93359 bytes)
Hash
047faf5eef01a98108ec7e707d6c0a4c
5f07551bda7e2688741d2bc3248d2ea4cbbd612e
98a14d0ac05f3daa1edf06f4b1ed451a24dcf34c2af67f8377db3e19e376d646

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/chunks/main-84504437487b53da.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 93359
date: Wed, 17 May 2023 12:50:29 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "047faf5eef01a98108ec7e707d6c0a4c"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 1UOO4m.BAa3RdtswI2hVsuadTChScFbs
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: ar6p7ffXfwdSymXwWfzQ46GkDkw943EXQZumvITPrzZjNbqPwME0tQ==
age: 124517
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/pages/_app-dc5d055735ac927c.js

52.85.242.26

310 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/pages/_app-dc5d055735ac927c.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
310 kB (309659 bytes)
Hash
ccde570c21a9e7f6efc757155527962b
88aade7a6931f1958cbe723bfc3a341e8243ad84
9ac34202df09e55676f48b1f295c7ad2154931bf396675eac22b898540b985f0

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/chunks/pages/_app-dc5d055735ac927c.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 309659
date: Wed, 17 May 2023 12:50:29 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "ccde570c21a9e7f6efc757155527962b"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: qCehoNcxCHtROZ06FN9hTE1XwUIo.4Jk
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: rsPhCmLpwZjVducZvCoHISK-fbbJ1ANS6g7VFVWQ3xBKWT12kp-gTw==
age: 124517
vary: Origin
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9cdcedd76476b01708f5e6c79db3092f
72e80a58155d1a5921caee703b8d0c7fea99fba4
f4a64d9bc19f193a6493a7cfee0ba1c7a557943cfb4c2736ab28f9dffca59f1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 18 May 2023 23:25:46 GMT
Etag: "646597be-1d7"
Expires: Fri, 19 May 2023 01:25:46 GMT
Last-Modified: Thu, 18 May 2023 03:13:02 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NdER3Z3sfhEBH4BWQAV56UEAVLnqaiFUYQMf9eNZvRHj9OlaUAggtw==

cdn.s.id/app/p_23051719a06c/user/_next/static/css/aee11e0a56029f4a.css

52.85.242.26

121 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/css/aee11e0a56029f4a.css
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65453)
Size
121 kB (120827 bytes)
Hash
b89b225882eb3ed89796321a7c9e6b53
c8e9be4808b86ee4a11b3d89d62b565ebe0527c9
f81124d7641aa358f947ce1d22be1ebf919316f97712bbea345fa882cd978da6

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/css/aee11e0a56029f4a.css HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 120827
date: Thu, 18 May 2023 02:04:33 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "b89b225882eb3ed89796321a7c9e6b53"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 7RYBjM_zI3kkoaYqOhzmUxhzSpQMWgRT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: CV-cqK0-qGZNtUvMUt7xm-fdSv1ilwrzGUh3AVzQembuRDrXks2oLw==
age: 76874
vary: Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c699ce1e772308ecf6366febe5960a8a
537ebf215a921d1d955fbb71bd1f5de8d6073653
37750111f787a4da6a50b19a9fbf5b23a2f8d8e0220dfad4d166b5a07ce450f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m02.amazontrust.com/

143.204.48.16

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9cdcedd76476b01708f5e6c79db3092f
72e80a58155d1a5921caee703b8d0c7fea99fba4
f4a64d9bc19f193a6493a7cfee0ba1c7a557943cfb4c2736ab28f9dffca59f1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Thu, 18 May 2023 23:25:46 GMT
Server: ECAcc (dcb/7342)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qwg3yGUZvg_LtdBDL9IKXQJxr2QJ9oCv6gxgXCdhR0NVIkPwjXMavw==

cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/framework-0203d16360ddbf38.js

52.85.242.26

141 kB

URL
cdn.s.id/app/p_23051719a06c/user/_next/static/chunks/framework-0203d16360ddbf38.js
IP
52.85.242.26:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65200)
Size
141 kB (141073 bytes)
Hash
283b599b9087f3bd0b5c7388146fd178
d92b8e5f84d3bee2817767dfd2635d3f14d8102e
dffb777aa00ce1479132f8dbacb4a9446cea81d9fce5c2df882506a8c4c93122

HTTP Headers

GET /app/p_23051719a06c/user/_next/static/chunks/framework-0203d16360ddbf38.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 141073
date: Wed, 17 May 2023 12:50:29 GMT
last-modified: Wed, 17 May 2023 12:41:51 GMT
etag: "283b599b9087f3bd0b5c7388146fd178"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: WwWC2Zs6oB4S4kNBl9WKNhHRah.B43AK
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: pOhypFzmFoCMkYPMez81YUQ8c4lDCYW5gwuoIJpZCDBFGcnrqVzlfQ==
age: 124518
vary: Origin
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5d7428ecf442c44c5aa8470b02b92a6c
c6ba2e9add1b02059f0091998397f7063a928bf0
b1e65e42bbc45457fd8219b7fa671101ee0887722bba9b729968c0c8e1d4817a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5d7428ecf442c44c5aa8470b02b92a6c
c6ba2e9add1b02059f0091998397f7063a928bf0
b1e65e42bbc45457fd8219b7fa671101ee0887722bba9b729968c0c8e1d4817a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

31 kB

URL
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 19:27:09 GMT
expires: Thu, 16 May 2024 19:27:09 GMT
cache-control: public, max-age=31536000
age: 100717
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

31 kB

URL
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 19:27:09 GMT
expires: Thu, 16 May 2024 19:27:09 GMT
cache-control: public, max-age=31536000
age: 100717
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b3937fba8ce5a36f4294fb1979680a34
5a5a4569f39892ef9fa0fc8666b4ee8bf1be8fdf
7e9c031375d71a703ea18e58d70cdcc6d7362d6f83910b33780246107e4d4c90

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3aea899b8759002e4855a3a44da99c0d
eda1b0300b780a6cae567a526e9beac74dc37b30
a77f69252f43262c7eb41fb69faf26ea9d3862c1b1db6d7235fb3f3d302a53c4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
74c738e37dab4dc4af7ae0ed5d6a3859
58b61f9aff4ccd16f5f7d2fb6a08dadbf98e7930
f2aeb01b70e69bc694f3db410a8049039eed0b3f36fed7829cccf3cb5a1d3698

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3aea899b8759002e4855a3a44da99c0d
eda1b0300b780a6cae567a526e9beac74dc37b30
a77f69252f43262c7eb41fb69faf26ea9d3862c1b1db6d7235fb3f3d302a53c4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-10823601447

142.250.74.168

71 kB

URL
www.googletagmanager.com/gtag/js?id=AW-10823601447
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4372)
Size
71 kB (71032 bytes)
Hash
4206dfb0214615ad36f6a70a0deb2e56
4075db2f2c66553381fd566bbb10601935950964
476a348b2e557231aca3808cf37b14859cb29438f1a9099ef48ba1497823c2bc

HTTP Headers

GET /gtag/js?id=AW-10823601447 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:46 GMT
expires: Thu, 18 May 2023 23:25:46 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 May 2023 22:31:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5

142.250.74.168

80 kB

URL
www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3288)
Size
80 kB (79706 bytes)
Hash
7d9fce5273bd7e84ed47f5f7ec9d3664
cb90baa6454531be87822038705810da1132e9be
7c0a1449d13f2ad8b06aaed02b1a3ee220dd6c5d570edd7af0a5a3fcb357b6af

HTTP Headers

GET /gtag/js?id=G-LJQ0V44EV5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:46 GMT
expires: Thu, 18 May 2023 23:25:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79706
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7

142.250.74.168

80 kB

URL
www.googletagmanager.com/gtag/js?id=G-98MWVCBDD7
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3288)
Size
80 kB (80355 bytes)
Hash
d348a6cd061adbbf284a133be662506b
3729f1ebc4c2d1bb35c98b84713e7bce546e1f7f
756a929e684fbb0499f06b2b1c49c713905679cf047ca9115f49b530ceb79846

HTTP Headers

GET /gtag/js?id=G-98MWVCBDD7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:46 GMT
expires: Thu, 18 May 2023 23:25:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
74c738e37dab4dc4af7ae0ed5d6a3859
58b61f9aff4ccd16f5f7d2fb6a08dadbf98e7930
f2aeb01b70e69bc694f3db410a8049039eed0b3f36fed7829cccf3cb5a1d3698

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c

142.250.74.168

47 kB

URL
www.googletagmanager.com/gtag/js?id=UA-225238330-2&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2271)
Size
47 kB (46584 bytes)
Hash
6a8b081fe1369cc01af85d04b3582cb1
3aec4c33fb4c52a1f58dce41f2ce92a4a339659f
70e07bf471ca038c5b1fe5051fefb227c9a197b3ff40e6dcbcc135929580d84a

HTTP Headers

GET /gtag/js?id=UA-225238330-2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:47 GMT
expires: Thu, 18 May 2023 23:25:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d

104.18.70.113

87 kB

URL
static.zdassets.com/ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d
IP
104.18.70.113:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (24203), with no line terminators
Size
87 kB (86776 bytes)
Hash
9ce7e23b1a5cf89ecf9e795e0ccb61b4
d3c8c1151af2925bb8e1a8f1d1b679ae31285189
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

HTTP Headers

GET /ekr/snippet.js?key=4b27aa03-d3da-43eb-8382-660c054fbc9d HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:46 GMT
content-type: application/javascript
x-amz-id-2: NJE7m1ytiUXhKN4LIVjfMoU1Q7kysbfpxRordgt4ZmRpv5yUOTYGq9n7/khhH87D9W8VcgWYTUoy24B9kthQtg==
x-amz-request-id: Q6B2N48HBB8X1MDN
x-amz-replication-status: COMPLETED
last-modified: Sun, 14 May 2023 23:22:32 GMT
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
cf-cache-status: HIT
age: 39
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SFmOET7oGKfvJn9XDZNlPLc9neowtNMzlxToo%2Bb%2Be2e9n8Uhe9Hf7RnL6SKq2AM1IsBK7jS0YRtb7VUOQSAQkOvYZN0LReykS0535Ztx093KQOdiq%2BZ3K76IyJvLNBQfAhyJVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c97dc8038e1b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c

142.250.74.168

80 kB

URL
www.googletagmanager.com/gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3288)
Size
80 kB (79686 bytes)
Hash
f8c8e1113d36c415267778d24c8f2db7
171456e4767ace3b1c57f96f02f7ee0ba1e7aa1a
1a4fd9e8d2a42ccdc9d474aa2c2ae8d41c9341c0f3eb2aab78ce83d3037f1803

HTTP Headers

GET /gtag/js?id=G-LJQ0V44EV5&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:47 GMT
expires: Thu, 18 May 2023 23:25:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.s.id/api/user/me

45.126.58.78

0 B

URL
app.s.id/api/user/me
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/user/me HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ds,x-rpc-lang
Referer: https://home.s.id/
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 May 2023 23:25:47 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

app.s.id/api/redirect

45.126.58.78

0 B

URL
app.s.id/api/redirect
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/redirect HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ds,x-rpc-lang
Referer: https://home.s.id/
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 May 2023 23:25:47 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
17086e67872573c91e1961c691e0318c
07a5fd603bd0d7e7b92aabcd214e6902019f16e4
b40f3c428d13b01ec88db0d377a8b32b8c5ef1c4d881f40225e54aaba88d075a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=833045621.1684452344&gtm=45je35h0&aip=1&z=248997624

142.250.74.163

42 B

URL
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=833045621.1684452344&gtm=45je35h0&aip=1&z=248997624
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-98MWVCBDD7&cid=833045621.1684452344&gtm=45je35h0&aip=1&z=248997624 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:25:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.s.id/api/user/me

45.126.58.78

58 B

URL
app.s.id/api/user/me
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
dc6337924fcba32afbaef2dc7a71ffcf
1bb7b761c6bf8bc117eddd9525d61844fa676190
4bc6fcf8abb0feb0a50bc17148052beafa7b3ac9aeb9e20ecf183791f6a9c50b

HTTP Headers

GET /api/user/me HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-RPC-Lang: en
DS: 1684452344,o0njxw,440cd1a4edc8d4295a5bd845a3e01a67
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 401 Unauthorized
date: Thu, 18 May 2023 23:25:47 GMT
content-type: application/json
content-length: 58
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
17086e67872573c91e1961c691e0318c
07a5fd603bd0d7e7b92aabcd214e6902019f16e4
b40f3c428d13b01ec88db0d377a8b32b8c5ef1c4d881f40225e54aaba88d075a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 18 May 2023 23:25:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

home.s.id/cdn-cgi/rum?

188.114.97.1

204 No Content

0 B

URL POST HTTP/2
home.s.id/cdn-cgi/rum?
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://home.s.id/forbidden#action
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1060
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/forbidden
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 May 2023 23:25:47 GMT
access-control-allow-origin: https://home.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c97dc850b82b523-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

app.s.id/api/redirect

45.126.58.78

469 B

URL
app.s.id/api/redirect
IP
45.126.58.78:0
ASN
#132647 Pengelola Nama Domain Internet Indonesia

File type
JSON data\012- , ASCII text, with very long lines (469), with no line terminators
Size
469 B (469 bytes)
Hash
a986c42aab43f215b2cff47a241682ad
6d9a0e2cb5cc1d1fbb2be4c07b7a9bd4876a5d0b
81d6ef397a6d125f2e35713f1329b807851d4040b122463c5106c0f97ef34149

HTTP Headers

GET /api/redirect HTTP/1.1
Host: app.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-RPC-Lang: en
DS: 1684452344,ozlumt,0316599603ccec02f6c166f37e15f725
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:47 GMT
content-type: application/json
content-length: 469
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://home.s.id
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, X-RPC-Lang, DS
access-control-allow-methods: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35h0&_p=1809541811&_gaz=1&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_s=1&sid=1684452344&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1

216.239.32.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35h0&_p=1809541811&_gaz=1&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_s=1&sid=1684452344&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35h0&_p=1809541811&_gaz=1&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_s=1&sid=1684452344&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://home.s.id
date: Thu, 18 May 2023 23:25:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

home.s.id/forbidden

188.114.97.1

19 kB

URL
home.s.id/forbidden
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61996)
Size
19 kB (19382 bytes)
Hash
e8f1f401c67471366b116940b3a58b91
ef7b201393be023f18fc31ea1da0991ec574e3fc
97cf28012763e2b95c3866374bad63b9b91c7b0360311fc3d9c79a937345cdaf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /forbidden HTTP/1.1
Host: home.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:45 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cNeU6SVmz5GXgJVVnu%2FUJ5qKP7KGZAIyQBCVdcahk6KT61kfwjUjuBkwTqwrnjeEgBINnlECy3R3k0FTgquf9jkqKzztGvfiUPE8u%2BJFtdxLmYY%2BIkHwmEa5gI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c97dc77c875b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/css/8e94c9c14c92381f.css

52.85.242.26

200 OK

105 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/css/8e94c9c14c92381f.css
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64935)
Size
105 kB (105043 bytes)
Hash
48a9ce4408b30ec42099f9d76b251b9c
0b2b17670e0cbcf8a2cc953a7ec7e09263bf2127
52300f6278d1c0f350b67b6f440c932befe9ee1f0d7ce712a5abcd5d99a41081

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/css/8e94c9c14c92381f.css HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 105043
date: Wed, 17 May 2023 13:35:42 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "48a9ce4408b30ec42099f9d76b251b9c"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: 00gQUhH_4SDOIQmpdDXWErQyt6H_WAWI
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 4EtjTrtdexm0-7m6eOKRTCclNFWoqFdU6Dk1SYKPW9j9aO5FP0Y0Xw==
age: 121808
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/css/0ccc702cf5b6f291.css

52.85.242.26

200 OK

722 B

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/css/0ccc702cf5b6f291.css
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (722), with no line terminators
Size
722 B (722 bytes)
Hash
17b149a5ca6bb2e1b1b6a41e8ed22c17
682c9c9739b50e6219758282952f347b44886d3f
ecf1b45e741c358105ec165c66cc44e962e6dbfe4948ea4a4094791472e03c6d

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/css/0ccc702cf5b6f291.css HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 722
date: Wed, 17 May 2023 13:35:42 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "17b149a5ca6bb2e1b1b6a41e8ed22c17"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: O2WpulU5dcmrznL2wnhzg.QpJ_OvsER8
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Gm6XIyBeC1K1wH5qxAdQz3Mo8ePoU4aVyo47faww-gcYNueTfY959w==
age: 121808
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/webpack-8f590d0bde37e35a.js

52.85.242.26

200 OK

2.1 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/webpack-8f590d0bde37e35a.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2140), with no line terminators
Size
2.1 kB (2140 bytes)
Hash
c65746863a47de05779c17b063dc1efb
5c623a6e3962eba5b7464683247d72e4c5e478ce
55350f9f3b0807b411a938c6bfc56645289a14e9991b641ae14ec77291168a59

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/webpack-8f590d0bde37e35a.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2140
date: Wed, 17 May 2023 13:35:42 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "c65746863a47de05779c17b063dc1efb"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: txdySo.VWX5kyup2.odq6E5u2W8IIVAY
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: VusPuTK9YFLZqx0cloZ_mV9UFGCC_K_x01aF4jocpfLEyyBvJ4T6Wg==
age: 121808
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/framework-2647c7e378e02044.js

52.85.242.26

200 OK

141 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/framework-2647c7e378e02044.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65202)
Size
141 kB (141057 bytes)
Hash
1639a143b632bdca2ff0b6a30c784aeb
d64cbc59de02eddaaa1e5f361f6927b8c1c0d712
df6ff92ab9484674635dab18aa6d97d4bdea7d26fffc3c53fc890c218e23ff7e

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/framework-2647c7e378e02044.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 141057
date: Wed, 17 May 2023 13:35:42 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "1639a143b632bdca2ff0b6a30c784aeb"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: NpY4V_IEYJZKv1asijg82gF1tLtPvAyP
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: nikGi0kFd7KZV5kPANtefv6EYEWi24LIuBr_cOn7e9HcHE7JI5JV6w==
age: 121808
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/main-ae57ee9c17c390d0.js

52.85.242.26

200 OK

93 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/main-ae57ee9c17c390d0.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (93058 bytes)
Hash
1e2fd193041b6a319eb1776ae861be5e
a3599fe7ad22029089faf569ce2e66060527fded
e5da21f851857a02fb23a30c384c45585a17a6aa89cd3957ae10c678a24b9648

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/main-ae57ee9c17c390d0.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 93058
date: Wed, 17 May 2023 13:35:42 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "1e2fd193041b6a319eb1776ae861be5e"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: cR2VI9AIN7jKcqAiTakrNfNEi2E.Dyfr
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Z3lI_XQBzyMrzzdLPV_EqeUYugdd_Ur-KiSQkmXLqKE32hzIGegWOg==
age: 121808
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/_app-c6ec76c3a975b3a2.js

52.85.242.26

200 OK

154 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/_app-c6ec76c3a975b3a2.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
154 kB (153982 bytes)
Hash
78afddc1a9fed9b552383b06736dcb8e
4764a8eeac1cb7f04a8369a4401f5f871a7206bf
2e29805c7c89eb674d68bdcd6d72e2e927e0c273e0b5889b78bd099062d5d9a2

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/pages/_app-c6ec76c3a975b3a2.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 153982
date: Wed, 17 May 2023 13:35:42 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "78afddc1a9fed9b552383b06736dcb8e"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: hT_lI_x5Aj7BWQ5rltbALnHK5sp6PvBE
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: jROHw_-17crAP0dzyvm4IrxeXugN1UMZtrpuS2WUrBSSbWZXdONqpw==
age: 121808
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js

52.85.242.26

200 OK

2.7 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2686), with no line terminators
Size
2.7 kB (2686 bytes)
Hash
ce5b46313723bd3cf5036595cef68bd3
db66130bdb125cc740f587250e0eff78a6043e89
3fd155d8504c42656f9a67bde0f6fa8c8313701dce4ca486a7d598dff22e1801

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/9849d5b5-45be35bd4b4157cd.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 2686
date: Wed, 17 May 2023 13:35:43 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "ce5b46313723bd3cf5036595cef68bd3"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: JnXPEwCj_pbTINClS88OvWzlhuBocdXd
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: XmlRU0m93zAuFHOoHRYVufEPb_NY9keVnCBwON2oiuFFuhDazeNxxQ==
age: 121807
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/389-3c58604d16d9e910.js

52.85.242.26

200 OK

165 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/389-3c58604d16d9e910.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64667), with CRLF line terminators
Size
165 kB (165026 bytes)
Hash
de0723fc0f8847ef36892fad204fd180
47f047705fda7522490c9158e6dba1d6949de3f2
a918e36093fc1bc6aa3ba45dfdda02d32adeda69135a97167213d17f7c52bdbb

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/389-3c58604d16d9e910.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 165026
date: Wed, 17 May 2023 14:04:23 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "de0723fc0f8847ef36892fad204fd180"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: GFbMniFtqV6feuwiyIC2F2LwQp9usLJH
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: B1weQSRlecbWGJG9uv8a6S4Z-YtcrdQS-TiK7kxoSWCg3M84dfw0Lw==
age: 120087
vary: Origin
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap

142.250.74.106

17 kB

URL
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
17 kB (16718 bytes)
Hash
d477e8f463b1049d304d27bb66930ec8
37bceb3365732f3729337ce05075fcba1e04470d
d2b54d8fdcf81c8bf1e4861e33d05eee724d0c95f02a146039539193b154519e

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;800&family=Work+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 May 2023 23:25:46 GMT
date: Thu, 18 May 2023 23:25:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js

52.85.242.26

200 OK

23 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (23081), with no line terminators
Size
23 kB (23083 bytes)
Hash
f3116f16f654e0dafdc43b1087577abf
25f71306d01b09e2caf25ee602f2e6577eda3039
4b0b85c742b9a2f7dc0cad9a5c33db6318f4965bd48d93ed24e33451a756a51d

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/pages/post/%5B...article%5D-51c50a194a28d7a1.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 23083
date: Wed, 17 May 2023 14:04:23 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "f3116f16f654e0dafdc43b1087577abf"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: .LsxmmRSAg4S_ICQJikH7Si7l_1rITyd
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 4JjLT_a0BsSmMOmaKizq8k5ZfHpLpbibcIdLOwdWhP8ZtVJjOZ45NQ==
age: 120087
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_buildManifest.js

52.85.242.26

200 OK

999 B

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_buildManifest.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (999), with no line terminators
Size
999 B (999 bytes)
Hash
02a3e73961259a75adac1fbc4b019a04
8cebd162e670fb388e2e50659ab2bfa5cd42c89d
c3afcadeded2f93fe3af477d552a3316f0c0ca26566f2a9fed9bfbd8cef0c61a

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_buildManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 999
date: Wed, 17 May 2023 14:04:25 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "02a3e73961259a75adac1fbc4b019a04"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: LKXkdwjkuJxtHXyr8lQI_hhGg82Wg3EW
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 7zT89kEeazTNi4U9H7XgP1frIual7oeNSHgShmhF4yVHCOGt0IM8YA==
age: 120085
vary: Origin
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap

142.250.74.106

752 B

URL
fonts.googleapis.com/css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
752 B (752 bytes)
Hash
d95208a07e889ae277e1670121c64af2
e433613e59ea520750812f26866a024ba8695532
4181e59bd2a441accf73c8e4fb76f73a77062eee75e8ec3ffd05c25f5dc7ea1a

HTTP Headers

GET /css2?family=Lily+Script+One&family=Playfair+Display:ital,wght@0,400;0,600;1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 May 2023 23:25:46 GMT
date: Thu, 18 May 2023 23:25:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/images/sid-logo-new-light.svg

52.85.242.26

200 OK

3.9 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/images/sid-logo-new-light.svg
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3904 bytes)
Hash
b3e9be8f1d6a2b7f3f961c636bd7a812
206229a9f6dba2f2aad30dde2ae671a7ae740027
1af5eacc5472d595046d8320feb556463d66ca3711b5fc2e6449e5cc49cd167f

HTTP Headers

GET /app/p_23051719a06c/blog/images/sid-logo-new-light.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3904
date: Wed, 17 May 2023 14:04:26 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "b3e9be8f1d6a2b7f3f961c636bd7a812"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: X_Q_KqXVOuYxkyv0qVdruKcLDah5JCM_
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: REAHlTRT5y1g3kYotwpTfFIU8AGaoXeNWSe9lfNLcE67x-OkI50n3Q==
age: 120084
vary: Origin
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/images/adg-red-ring.svg

52.85.242.26

200 OK

6.4 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/images/adg-red-ring.svg
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6438), with no line terminators
Size
6.4 kB (6438 bytes)
Hash
d8656f00411289185175620333fd7531
5cb6bb53297cb7de333679fef32a2e8ac075f59c
c7fb840478ca64f3410fff0ffa40eb38fd8a7cfc36c10f117c3869ea93c00182

HTTP Headers

GET /app/p_23051719a06c/blog/images/adg-red-ring.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 6438
date: Wed, 17 May 2023 14:04:26 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "d8656f00411289185175620333fd7531"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: McBMARgV8Bf57BDAn3q3xvFgpSbp_ITS
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: t_dcW7HOo8IvNBlrPD-REPo9GWWRX-Zjc2drlYuoMGOofNDWcsOOMQ==
age: 120084
vary: Origin
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size
48 kB (47728 bytes)
Hash
b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

HTTP Headers

GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:20:48 GMT
expires: Fri, 17 May 2024 06:20:48 GMT
cache-control: public, max-age=31536000
age: 61501
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size
48 kB (47728 bytes)
Hash
b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

HTTP Headers

GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:20:48 GMT
expires: Fri, 17 May 2024 06:20:48 GMT
cache-control: public, max-age=31536000
age: 61501
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size
48 kB (47728 bytes)
Hash
b1581ddd77372ceb06eb14adfd1bea07
1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

HTTP Headers

GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:20:48 GMT
expires: Fri, 17 May 2024 06:20:48 GMT
cache-control: public, max-age=31536000
age: 61501
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/images/sid-logo-new-dark.svg

52.85.242.26

200 OK

3.9 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/images/sid-logo-new-dark.svg
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.9 kB (3904 bytes)
Hash
5f6c6d33de5cabfc68231a77c873ac2a
4d97e1c7d12deb6d6873d5ee5bcc787084d246a7
c62efa11e56d452e201244a46cc0c80d5bbd7d676487f6bb4953d71ac55e4f04

HTTP Headers

GET /app/p_23051719a06c/blog/images/sid-logo-new-dark.svg HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 3904
date: Wed, 17 May 2023 14:04:25 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "5f6c6d33de5cabfc68231a77c873ac2a"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: cwJHTBzdXPv2XAuqZj_GsP6zLoRzFHof
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 4tX4v10MyV-PAkeC79h0MIcadxMxiNqN1nW0QJ32rfMkZCVZaEUclQ==
age: 120085
vary: Origin
X-Firefox-Spdy: h2

zendesk-eu.my.sentry.io/api/113/envelope/?sentry_key=460f708319894406a8ebaea641969c60&sentry_version=7

34.89.128.121

2 B

URL
zendesk-eu.my.sentry.io/api/113/envelope/?sentry_key=460f708319894406a8ebaea641969c60&sentry_version=7
IP
34.89.128.121:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/113/envelope/?sentry_key=460f708319894406a8ebaea641969c60&sentry_version=7 HTTP/1.1
Host: zendesk-eu.my.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 134
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 18 May 2023 23:25:49 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
x-upstream-remote-address: 10.2.136.153:3000
x-upstream: relay
X-Firefox-Spdy: h2

blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect

188.114.97.1

200 OK

95 kB

URL User Request GET HTTP/2
blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (47403)
Size
95 kB (95375 bytes)
Hash
2b8a7096d64e8a2f7cc080b27417b34d
18c8bf55e9d27b6007aabb3a6a7476e6394eb49a
2ab71831a31d7ba4fea4c9f576055d8ce481c2f3d37fd69db9f6fc9b24020031

HTTP Headers

GET /post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:48 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9SPfG%2BKl%2FW5nJSLueMfL%2FqF4Pjt6Wn8UTo%2Be%2Fz7H1tTvlfQsy7%2FCWKI5SEnS%2BDUj%2FfRP0K6msGI5H9CyXt33SlrAq2izfzk7KRYAGJ5emqKj%2BEukIWeY6IjQQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c97dc8a1fb2b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF

142.250.74.168

200 OK

80 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-LBWQJM5WLF
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (3288)
Size
80 kB (80254 bytes)
Hash
aefbd32dbb595358f684c2e43dd195a1
8c95ca8ace570dca428d15ef5e23df6c2dff7d6b
61225540c3ab173cff3714f00900c870ed8e72b6752acb70e228e6c4cb7c9387

HTTP Headers

GET /gtag/js?id=G-LBWQJM5WLF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:49 GMT
expires: Thu, 18 May 2023 23:25:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

blog.s.id/cdn-cgi/rum?

188.114.97.1

204 No Content

0 B

URL POST HTTP/2
blog.s.id/cdn-cgi/rum?
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1211
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0; _ga_GJLS9JMJCK=GS1.1.1684452346.1.0.1684452346.0.0.0; _ga_LBWQJM5WLF=GS1.1.1684452346.1.0.1684452346.60.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 May 2023 23:25:49 GMT
access-control-allow-origin: https://blog.s.id
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7c97dc908cd7b523-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f

104.18.72.113

200 OK

213 B

URL GET HTTP/2
ekr.zdassets.com/compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f
IP
104.18.72.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (319), with no line terminators
Size
213 B (213 bytes)
Hash
85b8e7d4edf55267109712e3d61f1815
09a890c192d6b723660df7e7169300390d66ed0a
1748f7fd83003294df841b0b263aebf7e64ef42590c2cd5882cdd6a6e73a6982

HTTP Headers

GET /compose/1dc98855-fcfe-49a8-9ac6-f3d16b24538f HTTP/1.1
Host: ekr.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:49 GMT
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: 
access-control-max-age: 7200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cdn-cache-control: max-age=60
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
etag: W/"1748f7fd83003294df841b0b263aebf7"
x-request-id: 7c97c1c56c52abd8-SEA, 7c97c1c56c52abd8-SEA
x-runtime: 0.003771
x-zendesk-zorg: yes
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vUY1WDHPfV9pWyXWYudvLS8HtWAcKWyGgO5jY2RZnvFiNyTMutdrafhi1ktKAvPeBJMuVZ715YajJx%2FbhNRaeupJ2hFSPNGvELZ7KhtceoS1QMDBgrGtWTU35V3cPQqvgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c97dc8fcf6cb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f

104.18.70.113

200 OK

6.5 kB

URL GET HTTP/2
static.zdassets.com/ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f
IP
104.18.70.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT

File type
ASCII text, with very long lines (24203), with no line terminators
Size
6.5 kB (6495 bytes)
Hash
9ce7e23b1a5cf89ecf9e795e0ccb61b4
d3c8c1151af2925bb8e1a8f1d1b679ae31285189
622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045

HTTP Headers

GET /ekr/snippet.js?key=1dc98855-fcfe-49a8-9ac6-f3d16b24538f HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:49 GMT
content-type: application/javascript
x-amz-id-2: NJE7m1ytiUXhKN4LIVjfMoU1Q7kysbfpxRordgt4ZmRpv5yUOTYGq9n7/khhH87D9W8VcgWYTUoy24B9kthQtg==
x-amz-request-id: Q6B2N48HBB8X1MDN
x-amz-replication-status: COMPLETED
last-modified: Sun, 14 May 2023 23:22:32 GMT
etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8
cf-cache-status: HIT
age: 42
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2FIpMTjFLZ66qdC4LYckTxUlSPLMp%2B1sQQAJ99b6pyofj3sMCR1VhRI70Jqn8CBGu7Qx04uGGSZ3VXPnGOtaTm47WvxjqZo%2BGFqlsj9g5mezLkewdCv%2BdbAZKC7h1Td%2FKIsMmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c97dc8f3ce4b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je35h0&_p=346796632&_gaz=1&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_s=1&sid=1684452346&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je35h0&_p=346796632&_gaz=1&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_s=1&sid=1684452346&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LBWQJM5WLF&gtm=45je35h0&_p=346796632&_gaz=1&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_s=1&sid=1684452346&sct=1&seg=0&dl=https%3A%2F%2Fblog.s.id%2Fpost%2F2022%2F05%2F19%2Foops-you-accessing-forbidden-link-what-is-that-9m00gu9i3%3Futm_source%3Dhome_sid%26utm_medium%3Dredirect&dr=https%3A%2F%2Fhome.s.id%2F&dt=Oops%2C%20You%20accessing%20Forbidden%20Link!%20What%20is%20that%3F%20-%20S.id&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://blog.s.id
date: Thu, 18 May 2023 23:25:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK

142.250.74.168

200 OK

226 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-GJLS9JMJCK
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (3288)
Size
226 kB (225947 bytes)
Hash
e6398bb9a58f3103f8e82d6711bd2dc2
d2fb1fae2a52234220095f8e01549dc7cb55a5d7
1c09f6f3539bc01ecd6a63210e8524b4a46dcaae8189e850a8bec15725f90185

HTTP Headers

GET /gtag/js?id=G-GJLS9JMJCK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 May 2023 23:25:49 GMT
expires: Thu, 18 May 2023 23:25:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79650
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

blog.s.id/favicon.ico

188.114.97.1

200 OK

369 B

URL GET HTTP/2
blog.s.id/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subjects.id
Fingerprint83:8D:A7:3C:E3:A9:84:19:28:12:27:7D:EF:E9:A2:FE:F8:13:2E:0F
ValiditySun, 16 Apr 2023 06:17:19 GMT - Sat, 15 Jul 2023 06:17:18 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
369 B (369 bytes)
Hash
2137def2d03d166159c9d82347e2f023
d566cfac9656ce95ba623921422c02b7ff0b49c5
cfe37d249e5eda84e78c2c746fa7c094303fdb0288caa687c895e02a3d46c114

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: blog.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:49 GMT
content-type: image/x-icon
cache-control: public, max-age=14400
last-modified: Fri, 04 Mar 2022 07:03:55 GMT
etag: W/"171-17f53bdff78"
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHyPK7dRoE%2FHlP%2FFuoh6PlM5OvnrDtVClYo%2BqG9No7%2BPi0qDYhu%2FLPl9BxDvlPMYT6N2dI5HezbWap%2FFCQCTNb8h3JsilFqlUVgSH3fcxcUlwNKH%2B30cqZblgck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7c97dc8fac49b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js

104.18.70.113

200 OK

167 kB

URL GET HTTP/2
static.zdassets.com/web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js
IP
104.18.70.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectzdassets.com
Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28
ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT

File type

Size
167 kB (166934 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web_widget/latest/web-widget-framework-4156df7a230d696d9dfa.js HTTP/1.1
Host: static.zdassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:49 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: QragrPajtgWXI2GSOKNz+36HPUXiDNzgWDUbdUopsGuQKzksAEgLtbYMf9RsvWr4AYE8rzx6WUAUlbFHJWRQAQ==
x-amz-request-id: 4ASD6BC4DB3A1F8V
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 May 2023 01:12:08 GMT
etag: W/"8fb65d85b93d5ff05784a92cb5fd6750"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
expires: Sat, 04 May 2024 01:12:06 GMT
x-amz-version-id: tWrlWgSWj4y2kCVtosT1irVWDwD.aQlK
cf-cache-status: HIT
age: 1379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VgSpTJwr8U7zzFUd1d8HHKTfORYUU7QvQkkp9emakmD2DGhMzrLV5mlND%2BptOdK9jsB7Ay8FMMsRAlWJU6n8%2BUqO8fCO0nIYj4LSkjQITaiRwtXZOlc09oUUfqf2hWLz0cEgag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 7c97dc915eb4b4fa-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_ssgManifest.js

52.85.242.26

200 OK

77 B

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_ssgManifest.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/5k8J39F0todj9zRcNMRQY/_ssgManifest.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 77
date: Wed, 17 May 2023 14:04:24 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "b6652df95db52feb4daf4eca35380933"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: F2tQeF0e3ndPmVBfgLLS54MW0_maK.KO
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: RvgnMG3CEquTasnvadG5R_Pc65m8z_KE5Ron9GJXClTRd1TenErAAQ==
age: 120085
vary: Origin
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

104.16.56.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
IP
104.16.56.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19927), with no line terminators
Size
20 kB (19927 bytes)
Hash
d294b48fb7400508953205265f95d2e1
fd545d38241c9c56e81f61e45cd239976ecd0b46
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

HTTP Headers

GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blog.s.id
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:49 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c97dc8e896d0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35h0&_p=1809541811&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1684452344&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90

216.239.32.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35h0&_p=1809541811&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1684452344&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://home.s.id/forbidden#action
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-98MWVCBDD7&gtm=45je35h0&_p=1809541811&cid=833045621.1684452344&ul=en-us&sr=1280x1024&_eu=AEA&_s=2&sid=1684452344&sct=1&seg=0&dl=https%3A%2F%2Fhome.s.id%2Fforbidden&dt=Forbidden%20-%20S.id&en=scroll&epn.percent_scrolled=90 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://home.s.id
DNT: 1
Connection: keep-alive
Referer: https://home.s.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/3 204 No Content
access-control-allow-origin: https://home.s.id
date: Thu, 18 May 2023 23:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

protagcdn.com/s/s.id/site.js

104.26.6.142

200 OK

396 kB

URL GET HTTP/2
protagcdn.com/s/s.id/site.js
IP
104.26.6.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerLet's Encrypt
Subjectprotagcdn.com
Fingerprint77:9F:9C:0E:AB:36:C9:7A:8F:76:3D:6F:68:D8:E4:46:11:80:72:BC
ValidityTue, 02 May 2023 23:36:49 GMT - Mon, 31 Jul 2023 23:36:48 GMT

File type

Size
396 kB (395566 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/s.id/site.js HTTP/1.1
Host: protagcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 May 2023 23:25:49 GMT
content-type: application/javascript
cache-control: public, max-age=1800
cf-bgj: minify
cf-polished: origSize=396346
expires: Thu, 18 May 2023 23:55:49 GMT
last-modified: Tue, 28 Jun 2022 09:03:45 GMT
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOdgJ9G4xr6TCVdb9YyztWQkViS481sRi6lKFITMEn3Epx7dtS1KR9E44pq3hZ8145Qxz%2FF7Ps4DqV9p%2FI19R2EBds0nKe2GXVzYJo%2BeaT1LuiogJeo5IsspBkcljqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c97dc912960b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=833045621.1684452344&gtm=45je35h0&aip=1&z=150167225

142.250.74.163

200 OK

42 B

URL GET HTTP/3
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=833045621.1684452344&gtm=45je35h0&aip=1&z=150167225
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDC:04:40:A7:66:FE:43:A4:60:74:CB:F5:05:B7:C5:30:60:15:0E:C8
ValidityMon, 24 Apr 2023 12:02:59 GMT - Mon, 17 Jul 2023 12:02:58 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBWQJM5WLF&cid=833045621.1684452344&gtm=45je35h0&aip=1&z=150167225 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 23:25:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/852-53491df802f0da4c.js

52.85.242.26

200 OK

16 kB

URL GET HTTP/2
cdn.s.id/app/p_23051719a06c/blog/_next/static/chunks/852-53491df802f0da4c.js
IP
52.85.242.26:443
ASN
#16509 AMAZON-02

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerAmazon
Subjectcdn.s.id
FingerprintFE:A0:2C:D1:AB:F9:CF:31:E4:C9:5A:F7:0F:8A:97:19:7E:04:7F:C3
ValidityTue, 20 Dec 2022 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (15946), with no line terminators
Size
16 kB (15946 bytes)
Hash
9d40741fe4379ec246935f71e95c88ca
8fce523629c64b1d6fef07ad469de6fbe9259901
e9727737fdaed5977d5959eb6c81a4cbf0d29dbd70c33801765f824202f17bf8

HTTP Headers

GET /app/p_23051719a06c/blog/_next/static/chunks/852-53491df802f0da4c.js HTTP/1.1
Host: cdn.s.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Cookie: _gcl_au=1.1.1647942844.1684452344; _ga_LJQ0V44EV5=GS1.1.1684452344.1.0.1684452344.0.0.0; _ga=GA1.1.833045621.1684452344; _ga_98MWVCBDD7=GS1.1.1684452344.1.0.1684452344.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 15946
date: Thu, 18 May 2023 07:12:05 GMT
last-modified: Wed, 17 May 2023 12:41:50 GMT
etag: "9d40741fe4379ec246935f71e95c88ca"
x-amz-server-side-encryption: AES256
cache-control: immutable,max-age=31536000,public
content-encoding: utf-8
x-amz-version-id: uq8BoKvtlwh_rRBOefTLHoQ2O8IgnRPd
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 909148671fe00df5415904e5ad7e738c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 3DxAghIZnGr9fb3v2zwARPK6Ga6L4RhhFWql1GcATMcuPbdamJDaPQ==
age: 58425
vary: Origin
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://blog.s.id/post/2022/05/19/oops-you-accessing-forbidden-link-what-is-that-9m00gu9i3?utm_source=home_sid&utm_medium=redirect
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text
Size
12 kB (12084 bytes)
Hash
b2dfb29442dc1bdbba96360e76a2d8ff
08abbec340dad80efd39b15d0e4729f886214ed7
ac2af12c81be58d6906f22b9dbdb6d9753a775ca31d71c993839c8674acd020f

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700&family=Work+Sans:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://blog.s.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 May 2023 23:25:49 GMT
date: Thu, 18 May 2023 23:25:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML