firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 20:46:58 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -bzugdUI5B5I8L0Hh2r4DS0tLXUI__3turrh5eGZbIyEgreSmIPDHA==
Age: 408
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16906
Expires: Tue, 04 Oct 2022 01:35:32 GMT
Date: Mon, 03 Oct 2022 20:53:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: izplFRNqY5rIbtedjewDA4Zgf6bs0etmSx7okEBhwvZxwFg1uGMC4w==
age: 55519
X-Firefox-Spdy: h2
diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
182.23.64.24301 Moved Permanently 426 B URL HTTP/1.1 diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8c9d79b798584c1eb0870e0f7d96669f
f811495a1c1fe87ca543d4836ade2619d059c619
e7bfc4a762ac57a657188453d7b501f3dc01ab77596a3f8d07701ded8b6a7848
GET /graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 20:53:46 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Location: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Content-Length: 426
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 20:53:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 20:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 21:03:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Se-HEsel4LR8saNKebtQ50Q0-Sqfv4e8lp1pbn2rlYnCtsLElWwVug==
Age: 1453
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1459
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:47 GMT
Last-Modified: Mon, 03 Oct 2022 20:29:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NZUUb70y4B1ZAnhbtmpNWQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eZWvAQ1qVpvtmvCIfT8I1myZ/Uc=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.2
216.58.211.14200 OK 59 kB URL HTTP/2 maps.google.com/maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.2
IP 216.58.211.14:0
File type ASCII text, with very long lines (2537)
Hash 738f3fc4df6e8f8419e99fadc20c895f
f3e3b8a2473a04c268f289660864f2491834d54f
10504757a18d13c1155addf7bd150273c4180101f8f374fa9e97650f6a9715f9
GET /maps/api/js?libraries=geometry%2Cplaces%2Cweather%2Cpanoramio%2Cdrawing&language=en&ver=6.0.2 HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 59354
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
date: Mon, 03 Oct 2022 20:37:53 GMT
expires: Mon, 03 Oct 2022 21:07:53 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.2
142.250.74.10200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.2
IP 142.250.74.10:0
Hash e8a47abab8ae173a5759bdbbc09da00f
8e80d79d0ac953906a57cd2aa9a70e85a4b80c73
5c8441ab9263f4668ae93b3cf1383e29ade4e17d22e03f107e080aff3fcbb3a6
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 20:53:48 GMT
date: Mon, 03 Oct 2022 20:53:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diklat.lpem.org/wp-content/plugins/learnpress-course-review/assets/css/course-review.css?ver=6.0.2
182.23.64.24200 OK 1.9 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/learnpress-course-review/assets/css/course-review.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 99b1d81c35d562132347274c31e38845
35932869754a153dbb8d0ca70d749656496b5bf5
1962970a640856033f6141115f5b5155ccb1f7de6e053d3075c53ab92c298a9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/learnpress-course-review/assets/css/course-review.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 07:13:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1891
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
182.23.64.24200 OK 1.0 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 71b280bd7e5fb3b9f802068cd2fed62c
e28340cdc4157de949703f6d8ac5ef30062d4b03
7fd1e96c6fb9768e9fe2efd586f8a02c3b58a503e2783dc9e5724e765b1d3219
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1048
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/learnpress-wishlist/assets/css/wishlist.css?ver=6.0.2
182.23.64.24200 OK 656 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/learnpress-wishlist/assets/css/wishlist.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 353f6c6f65cafab89a93623335edeece
3bb4cd372eeeba40ecb6611a753c39e9211c95d4
472614bcb1ae7fa88fbe2225903171c7189570bf0bc9b87aa835b0e05c7eacd6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/learnpress-wishlist/assets/css/wishlist.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 07:17:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 656
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.2
182.23.64.24200 OK 7.9 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (30800), with CRLF line terminators
Hash 17daf59bb99b3ad107441703976da7a2
4e72e1e49f27e7d451d2d1dc7621623cf042f488
eae4f2ee67ce355ca83f017a0a6aaa9989af2771c880b18f8cc6cbd3eb122fcc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 02:29:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7883
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662511682
182.23.64.24200 OK 7.9 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662511682
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (39108)
Hash e013b59c2d82ed1c81fd0296b3ce91df
a86ebcc9dde303f3dd5e46db48e742373b419b29
097df06c4ba0def384090bcf4bbbd3fccd7186f4ed27d7ae97e847e3c972fbea
GET /wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662511682 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:48:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7918
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.2
182.23.64.24200 OK 4.7 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (21733), with no line terminators
Hash cb3a8def299fd2d81a34faadb8e17f8c
18d9383da51dae257cc8e5d00e4eb2afdade192e
f1c8c03e0e409a8f28b989eb558f2b80bdee7ce40d5cf4ac8758046b8e25640c
GET /wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 02:29:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4699
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
182.23.64.24200 OK 15 kB URL HTTP/2 diklat.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (43771)
Hash bf35c103a20814c77700ce356e3bbd34
dfc3389b9ea5a5b250a8d3c78fc7b4ab778fe85f
7c203dc4d91160389a46a2d319d3a356ce816f97aa0ebe43d0a3a5eeb39c9ecc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 08:52:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15141
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
182.23.64.24200 OK 926 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash ce9a1d702b6ca01b7f503201b26e5d1e
af4cc748d5231aeeb94265cd5e9c585e393747e1
d10ee89b63134293ffa41bec5dab346ebc32a75860b0ecc3ad54e6edbf6df5e0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 926
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.2
182.23.64.24200 OK 49 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 0893afef3af29d31f7a71f3dd02d1bd9
2e7480713dcee21b463522ae9442a0061edc9bc7
321ffa8bb777a9582613bc8f97e0b1dbc21d11de1cfe0cec009315a7fdfa7f8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 02:29:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 48893
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
182.23.64.24200 OK 2.3 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (7609)
Hash c0f89388cdbbc6aaacfb811ef56744a5
a16ab4e7e24b2aed3375add29c994ea5515b339a
6931f709aba218d53630f73b5635910751fb92cf0aa3e1cac3e1f75b63bd78bc
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 2347
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselengine.css?ver=6.0.2
182.23.64.24200 OK 1.3 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselengine.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (18544)
Hash 87ff265ada378267a79b61b8258415d7
b46a92d6a5d5e5a553ad2f7b19e84781da65e3d1
40ef1471b717f860af333c57dd96b0cac2b8bf0f80e1805d9aa236f2eb3d76da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselengine.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Sep 2018 11:50:09 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1313
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
182.23.64.24200 OK 5.5 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (42839), with no line terminators
Hash d6dd83fd224e7f2ae4ceda27833822e1
ac4c32e72ed6211288fb72c0859676f6f5718fc5
45be5b82e891a6e32fd2e1b041b9692d0b63805be162528f400586244b7f4cb1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5522
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
182.23.64.24200 OK 15 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 670062e22c0ca02c6a7f1680e14ddf92
824c8fc017241bbdc521452162fe4dbd5c482679
fd63addbf02a46a44b11bd3371f403aa39a1c4043e36023bf8e02f62e80079eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15392
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.0.2
182.23.64.24200 OK 1.1 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with CRLF line terminators
Hash 4e557ff78252905da017c169b09b5a4c
f0879206f868a19b411ea3fc20363b82ea807fbe
0d7adc81fd86534acede107cb0d9180762b02a2261a6ccfda81d6df4558cfc25
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/css/frontend.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1122
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/learnpress/assets/css/widgets.min.css?ver=4.1.7
182.23.64.24200 OK 1.9 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/learnpress/assets/css/widgets.min.css?ver=4.1.7
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Unicode text, UTF-8 text, with very long lines (12693), with no line terminators
Hash d88428c2168c88df7a8ce0957b459e19
5c24774053a63534ea4fa885b1b36eb9dae8f508
297885f71de2be605174f6a8ce235ce0cc5919f1673ed49c09a233d85ae7a178
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/learnpress/assets/css/widgets.min.css?ver=4.1.7 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 14 Sep 2022 09:55:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1896
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
182.23.64.24200 OK 15 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (32001)
Hash 91284abd43d6a9f9d91b60516c6bb73f
0acdb590f8473f125967f3f8a870aed43dcdcc4d
7566e1d6ad3a9bcec6f4f0fbd8410125c3489d2b7526e9cb82a80e7b909796d3
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15180
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
182.23.64.24200 OK 8.9 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (1518)
Hash 69be0492110454eb6a00388b22e79cf9
de7e0552c167a8d0251400b75554e5e72c76053c
02547985fef41ab7da7b14befaf159588e9b7c2e8c85bc2e7dfd6db2be5b5335
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 8852
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10721
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10721
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10721
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10721
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10721
Expires: Mon, 03 Oct 2022 23:52:29 GMT
Date: Mon, 03 Oct 2022 20:53:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8n1l3bN8ykztmC-wGNH_w7xASHFplZa2LvHs8psQ146XILdvEHLWgw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 16:41:17 GMT
age: 15151
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 83232
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 58257
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed17699f6b123b33b8df416b23c4cac
36458cca636c4ffc873df8acd254ff726b1a9544
65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DZ6ZMlje50ktV6_cABRx3fr4Dke7Z2UhNhBDi1aCK00kRPTlnG691A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 03:36:14 GMT
age: 62254
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36debc920b17e124779c01af9101a59e
b105f7bf041365d644c98c7e11ffa75e4656d29d
f518ccd094d0e187b91cfd36dfb282566c0d088ce13501157dc97c702211d938
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F382faf63-655f-460a-9545-c4d888a724c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10839
x-amzn-requestid: 67718257-ee21-44f0-80bd-f15cea37ac5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWcKFD0IAMFV7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044d-09a45a242bf4bdfe0f4608e4;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pS33yyA441ZNn2dtNy6mVDnm-rmd_Vi_M0q9ZN2AKGMUT7l-nEuEvw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:58:18 GMT
age: 82530
etag: "b105f7bf041365d644c98c7e11ffa75e4656d29d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 83232
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
diklat.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
182.23.64.24200 OK 36 kB URL HTTP/2 diklat.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (65447)
Hash 19794544ea8a95a7f373243810e83876
ddc367f688e43f1fb864933be9ba4a425d98b146
e02d14430d46b20d28fa1a666b5b31996c2afe85f58e933d8d6acd473cc4957e
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 08:52:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 36108
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
182.23.64.24200 OK 2.4 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Unicode text, UTF-8 text, with very long lines (5661)
Hash 47261a811d739c1fba01ff83aeea678f
5b7b57114b6a09da6354be20dfc66e2f3cd89c3b
62421ccdeb51ae3443f3fe17741981fb3bd3988d64959ae3d4b5fa43a1baf686
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 2365
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
182.23.64.24200 OK 4.4 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash 0ff03b57ed84ebe34743bff840bb4dc5
f0293c02d948fc18c72d86b988bafafc6625fcc1
bb82f68c94d89b9179229a499a19246b2c027db3ec30226180f9cef211501c5a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4394
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/learnpress-wishlist/assets/js/wishlist.js?ver=6.0.2
182.23.64.24200 OK 697 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/learnpress-wishlist/assets/js/wishlist.js?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 5a8b64d076749253e1bef30c545a588f
cabda7ff7f17d95aa1291871d412051ac595b8e4
5765c9bb9a36d9518f43ac5ca3b3e959c80ee8302c36b1ee7aa5b55a5fea1ce4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/learnpress-wishlist/assets/js/wishlist.js?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 07:17:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 697
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
182.23.64.24200 OK 4.6 kB URL HTTP/2 diklat.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (11126)
Hash 7cec71a53f4e94ce6da66a0fd94b9e5c
ac8f00b06df2956b97202b24ce8d818934283b5b
9bdd49aa215000ec53e722aa93cbe0e30f509bd1430ac5b5b509bf9b78a78d31
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 08:52:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4563
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
182.23.64.24200 OK 10 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document, ASCII text, with very long lines (25075)
Hash ea8a82b3277446e2f40f27d6fbfdea92
496c31c8f7a6318443a0e8addebaa984c87edef5
b50388241be422a6665bacfe85d47a40d57ac9f117ecf0c2f4aee873d11ef955
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 10194
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
182.23.64.24200 OK 51 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash d845764850dabef25ad59fd2da07a52c
b06d9827ee0344fafe42505d8d1c61e501e6b74e
8c11a96c913dc27dd4aa90a56f468cb63bf6441bdb17d4279d353069172b4c28
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 51155
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/qtranslate-x/flags/us.png
182.23.64.24200 OK 384 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/qtranslate-x/flags/us.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash d28dfb273a3ee11542ad34cd3f69cbdd
38d88d536cd40cee09b85ecb7adabc6a50984622
c99dea435c2dd0fd0c02a4d3f16c1255ac3f8c640b099b9d3c902562e697cbb2
GET /wp-content/plugins/qtranslate-x/flags/us.png HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 16 May 2016 06:29:58 GMT
accept-ranges: bytes
content-length: 384
x-frame-options: DENY, SAMEORIGIN
content-type: image/png
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/qtranslate-x/flags/id.png
182.23.64.24200 OK 123 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/qtranslate-x/flags/id.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 0e750ecbc866906e31b38a21d1b2960e
4ab704dd7538d083082b2e97dae4c67fdedcbdcf
36e6707ba1d2a840de4a29c4026acf7493951e1ffd091a4c57c37410dcf5a189
GET /wp-content/plugins/qtranslate-x/flags/id.png HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 16 May 2016 06:29:58 GMT
accept-ranges: bytes
content-length: 123
x-frame-options: DENY, SAMEORIGIN
content-type: image/png
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.7.4
182.23.64.24200 OK 5.2 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.7.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash f8dea3704c2a202b58a4a7b6d7fd559b
958b45c8f5611a9358327805ec8733ce59e7867e
aa072aa45f2793507a68faab6438b6c49f90c72423ff5cb12faf703de7b6c49b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.7.4 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5179
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/uploads/2018/07/top-logo-diklat-lpem.png
182.23.64.24200 OK 4.8 kB URL HTTP/2 diklat.lpem.org/wp-content/uploads/2018/07/top-logo-diklat-lpem.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 300 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d530e24143da52808982fb38df9b8d91
d62a21e14d80b13eef8a81089e1721a791129585
9725b64b275d01ee91595d064d0e20ff1681117a686765a85a8c41b8ad16893b
GET /wp-content/uploads/2018/07/top-logo-diklat-lpem.png HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 31 Jul 2018 00:40:34 GMT
accept-ranges: bytes
content-length: 4770
x-frame-options: DENY, SAMEORIGIN
content-type: image/png
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-includes/css/dashicons.min.css?ver=6.0.2
182.23.64.24200 OK 37 kB URL HTTP/2 diklat.lpem.org/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (58981)
Hash a43f072b1c6cc0bb10ff7aad98758539
659ae328009e78ece12e242b20bb7982411fd287
81d40a5ef2fc0b46563aed4ef564ac69a4ada802e618013eb8a937c04e6b3f66
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 08:52:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 36769
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.7.4
182.23.64.24200 OK 10 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.7.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (48521), with no line terminators
Hash 50e353e154a75495ebc78d6334019aff
ac64e5679d76ece38cb1c3324754fd0209b214eb
5e0a63c3e0575296f8200600b055b15117a4c9289e4dbf696ec25355d3d5178d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.7.4 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 10076
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
182.23.64.24200 OK 5.8 kB URL HTTP/2 diklat.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (15660)
Hash 5dd90c13d1cb6624cba0f3bc7828c4bb
734a400e956fed5389a6e20fabf89327710cf6eb
e573bfe941e733fe9f4580cd6fd65468cf7398b6403488229dbbd7687c42f55c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 08:52:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5792
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.2
182.23.64.24200 OK 497 B URL HTTP/2 diklat.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash af43e9d16a8b7168121a2f4990b3c1c0
8261ccd7a6ab19f40f481447f7640598e897ac19
5a4a6263a49dad5a0c1aad4fb898f048197fac0866583962cdb80fc33152cd48
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 497
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/uploads/kingster-style-custom.css?1662511682&ver=6.0.2
182.23.64.24200 OK 15 kB URL HTTP/2 diklat.lpem.org/wp-content/uploads/kingster-style-custom.css?1662511682&ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (1069)
Hash 495a838a7bada7ed7b62a3a4db12ac64
18e3c68098b42fed219440aac72e629e6aee32cd
4d16204aa4117a19408beff88baef7945c0d9886a17802a21f625736ec0e3c51
GET /wp-content/uploads/kingster-style-custom.css?1662511682&ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:48:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 14911
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
182.23.64.24200 OK 7.2 kB URL HTTP/2 diklat.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (15439)
Hash f9db5ac4eef28e71547d0ed1e890f5ae
943aa3e61c8e93d15d40ce18b0d4c300fd04700b
79f9a1b1d6e0a831cee1c8adb696792a90a4e74f0d4e7ac3bf63d42326927e9a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sat, 13 Aug 2022 08:52:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7163
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.7.4
182.23.64.24200 OK 44 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.7.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd309786567b34b676cb16cf16ed0c3d
547de8b4bf3fbc6cecc26b83b5dda683cf10b2ed
8385756dfb95fddcea7d582f8be07eb97330bc1ac52f747a7e7f046dcc574eed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.7.4 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 13 Sep 2022 00:59:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 44184
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=13.8
182.23.64.24200 OK 4.0 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=13.8
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (607)
Hash 7a0e6241ab092e7a6eb36b6c862cb1c1
8adcdf0436f60e7c110cda6e12988136a1f029d7
46c23226a0541c23b4e6976ac60d9b8193cec0c159c4ed4b79723862c5b6eb0b
GET /wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=13.8 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Sep 2018 11:50:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4041
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.2
182.23.64.24200 OK 24 kB URL HTTP/2 diklat.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 8ac052aba3b03d4c382a75d9fea03b63
960b85eea620fac7276e69b5e2289395efd731cb
43a55eefcfc55f2f08dee0ce6e34c8df1deacb62032c2db8289f10b2b82a51ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kingster/css/style-core.css?ver=6.0.2 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 24103
content-type: text/css
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0
182.23.64.24200 OK 17 kB URL HTTP/2 diklat.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (10169), with CRLF line terminators
Hash 76b3610a93265aeceb76962f2439281e
63e76535a173381fdddd3bcff691ece5605833bd
af82eb671ae98641dbea682bf8f3a938c6bf9792070613965f17c1ea3954cdbc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/kingster/js/script-core.js?ver=1.0.0 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 16724
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9
182.23.64.24200 OK 21 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (317), with CRLF line terminators
Hash a82b8ac1477bde0ac23150cc94ae2e05
70abe6b67cf450b6e174185b794f0ccd56313079
3f360de5c19a9659c3ee04af2d303b6cee956bc96d06d8fbe6552742e85092d9
GET /wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 02:29:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 21224
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=13.8
182.23.64.24200 OK 44 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=13.8
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (777)
Hash 1b6198ded45dcd090ff997f6d81d4a20
06cd4d84788c95e08f918d7970a897e490adafce
bbc97d19eafb762d7af11c6cd736588837a8edcfba000eae3bb4f54c5ebc302f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=13.8 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 28 Sep 2018 11:50:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 44299
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diklat.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:06:12 GMT
expires: Sun, 01 Oct 2023 04:06:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 233257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.195200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diklat.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:31:00 GMT
expires: Thu, 28 Sep 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 436969
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash af4d371a10271dafeb343f1eace762bc
6d11d743bc3cfb169d70bc86450f18351dc1a905
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diklat.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:50:33 GMT
expires: Thu, 28 Sep 2023 19:50:33 GMT
cache-control: public, max-age=31536000
age: 435796
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diklat.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 436970
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 202911
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 331518
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662511682
182.23.64.24200 OK 228 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662511682
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Size 228 kB (227614 bytes)
Hash 6a99fe9a2ef9a91f1a333ac0ebd97053
dcb414e8a8f547eb82b571fbd2da8759c01ea080
63661098d7cf29eb9d6970183ab018482bf3a9ae0d3750d601dfedd2f15c0ed3
GET /wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662511682 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:48:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/themes/kingster/images/404-background.jpg
182.23.64.24200 OK 214 kB URL HTTP/2 diklat.lpem.org/wp-content/themes/kingster/images/404-background.jpg
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 214 kB (213688 bytes)
Hash b6dc628339686ae4d063e5e041fc079e
a53c1aca5b8cff9205651f1ac2991c0a75f6682d
056e38d3d2031b3fad84bd9434fc26d669b843887be9ba5a12cbdf80cd80c5e4
GET /wp-content/themes/kingster/images/404-background.jpg HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.2
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:57 GMT
accept-ranges: bytes
content-length: 213688
x-frame-options: DENY, SAMEORIGIN
content-type: image/jpeg
date: Mon, 03 Oct 2022 20:53:49 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/ElegantIcons.woff
182.23.64.24200 OK 64 kB URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/ElegantIcons.woff
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/goodlayers-core/plugins/elegant/ElegantIcons.woff HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.2
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 02:29:51 GMT
accept-ranges: bytes
content-length: 63664
x-frame-options: DENY, SAMEORIGIN
content-type: application/font-woff
date: Mon, 03 Oct 2022 20:53:49 GMT
server: Apache
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 4022ee7b53654f65608ad9a3ba759687
cc243d089a8a77c0a7123434746ea36b054634dd
7af6243905b2256cb4f8fe0e77386c274592c322fb23b11784ecf86d250c7e09
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 226
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:49 GMT
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29223
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.74200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.74:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://diklat.lpem.org
Connection: keep-alive
Referer: https://diklat.lpem.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 03 Oct 2022 20:53:49 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://diklat.lpem.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/uploads/2018/08/cropped-Touch-Icon-57x57-1-32x32.png
182.23.64.24200 OK 1.6 kB URL HTTP/2 diklat.lpem.org/wp-content/uploads/2018/08/cropped-Touch-Icon-57x57-1-32x32.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d215fe687a0569d727cd86ed265bf2f
8cbedec4ec05415ebf00831ab7a82a13713eea2f
4673e33c8b3699169a7157c71337594765789b43472246c52471ad022950170e
GET /wp-content/uploads/2018/08/cropped-Touch-Icon-57x57-1-32x32.png HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:47:55 GMT
accept-ranges: bytes
content-length: 1606
x-frame-options: DENY, SAMEORIGIN
content-type: image/png
date: Mon, 03 Oct 2022 20:53:49 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/uploads/2018/08/cropped-Touch-Icon-57x57-1-192x192.png
182.23.64.24200 OK 23 kB URL HTTP/2 diklat.lpem.org/wp-content/uploads/2018/08/cropped-Touch-Icon-57x57-1-192x192.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f904d07a131666119e174b4e22eba4a2
05bb254b5a7c579f2f823742da185661ac3c78bf
f85e1de16ee97b99b60024a2fcf9ce31510ff650254d4f62c71078e47380b531
GET /wp-content/uploads/2018/08/cropped-Touch-Icon-57x57-1-192x192.png HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:47:55 GMT
accept-ranges: bytes
content-length: 23205
x-frame-options: DENY, SAMEORIGIN
content-type: image/png
date: Mon, 03 Oct 2022 20:53:49 GMT
server: Apache
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdiklat.lpem.org
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdiklat.lpem.org
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 800140747b9eaa618eb76779a72b8653
9b01fddea24a63b76d645398229523baae849fae
b4bc244dee0f2df26990afae0ccd9297f203e9757bc0a18445793ef4bb678dd2
GET /widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Fdiklat.lpem.org HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341349
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:49 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F704)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
platform.twitter.com/js/horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js
93.184.220.66200 OK 3.0 kB URL HTTP/1.1 platform.twitter.com/js/horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (8212), with no line terminators
Hash 7bd62a2c188e00b0be13d8eeeaf78888
9a5999f86e0a21d9c35ccb6d053bb51bfe0d05c3
667c3d4ea595de6a3fe2b36baa07543dc53e38749c0bda81af74f76038bd4890
GET /js/horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341350
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:50 GMT
Etag: "c908b448c0ca2496f191efa1401a04ff+gzip"
Last-Modified: Wed, 28 Sep 2022 20:04:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2955
syndication.twitter.com/i/jot/embeds?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664830430013%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=bbb1fc17bccfca3cde842755ef73d40e9b049505
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot/embeds?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664830430013%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=bbb1fc17bccfca3cde842755ef73d40e9b049505
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot/embeds?dnt=1&l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664830430013%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=bbb1fc17bccfca3cde842755ef73d40e9b049505 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:53:49 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 03 Oct 2022 20:53:50 GMT
content-length: 43
x-transaction-id: a0c418168b9c55c7
strict-transport-security: max-age=631138519
x-response-time: 120
x-connection-hash: 644aeaa6b080505b3c039d0d37bcf8f4eaccc27858575af279b13161eb1f19db
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:52:31 GMT
expires: Mon, 03 Oct 2022 21:07:31 GMT
cache-control: public, max-age=900
age: 79
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 03 Oct 2022 20:53:50 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 03 Oct 2022 20:53:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7fcf68ce4ab8a8c46d949f42f2961759
83dcd143e8516eabdd91670eeb6c2a824d1fcf18
ee14566fcde4411a8290f07bc61c28b02e953fc766c8b450f2419479f49b47f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 03 Oct 2022 20:53:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d1e88cd33595f1f0fc5423037dbcfdea
cfd934d443e67cd86d14a42c4c5884f756b6cd1e
f906f043bd80441a3633b3fdbaeead5c9e1647bdd090e8fbb6090fd965c6d159
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 03 Oct 2022 20:53:50 GMT
server: ESF
cache-control: private
content-length: 30896
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/srv/timeline-profile/screen-name/LPEMFEBUI?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtrue%26sessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1&sessionId=bbb1fc17bccfca3cde842755ef73d40e9b049505&showHeader=true&showReplies=false&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
104.244.42.136200 OK 11 kB URL HTTP/2 syndication.twitter.com/srv/timeline-profile/screen-name/LPEMFEBUI?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtrue%26sessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1&sessionId=bbb1fc17bccfca3cde842755ef73d40e9b049505&showHeader=true&showReplies=false&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
IP 104.244.42.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65466), with no line terminators
Hash c02ba904b1b3ae80f83098076e1185eb
05a0d929bbaeda5515f5b522f53c7cb18967c5b1
8873dd82fc1df1b117bf932c0c4dfb30f113b1110c0539689126ce83d8130440
GET /srv/timeline-profile/screen-name/LPEMFEBUI?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtrue%26sessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1&sessionId=bbb1fc17bccfca3cde842755ef73d40e9b049505&showHeader=true&showReplies=false&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:53:50 GMT
etag: "1b1f5-2MrhRcDzMuyxNxEsepNaf5/yV8U"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: f2f788fc756307a2
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 11014
x-response-time: 378
x-connection-hash: 644aeaa6b080505b3c039d0d37bcf8f4eaccc27858575af279b13161eb1f19db
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c398371479f25fbf0d58318c252030e0
3dcb28212fd6ffa683722723e7d18ba48d3d484e
af31fe39eb7f1ba4ad32f97d3e6ccbb9da7fa4653ce6121a13871d8a3d178d5a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 03 Oct 2022 20:53:50 GMT
server: ESF
cache-control: private
content-length: 31054
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36288)
Hash fbfd3c94b2bff52e528e30e47e759e35
610c710509fd4c81f8c1cb6373694cdd756b9c6a
ba673825910e584be07daff4cccffd1b0b1653b936bd3c5841a268a030164912
GET /js/th/RLowZH2Xcwtj3dY_yGSeKf8RcILu2Rj3JTO2BWyvP7U.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14348
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 04:21:54 GMT
expires: Sun, 01 Oct 2023 04:21:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 27 Sep 2022 17:00:00 GMT
content-type: text/javascript
age: 232316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ba9ef0c50e7620672d6f76aefd565aad
732ed324db4ae23ae4d1673b0402672415db4edf
5ee71b7ce1f34397dd6af1b51acd28a364c8bb39f4498651a8d464b8be490fd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ba9ef0c50e7620672d6f76aefd565aad
732ed324db4ae23ae4d1673b0402672415db4edf
5ee71b7ce1f34397dd6af1b51acd28a364c8bb39f4498651a8d464b8be490fd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/AlxihVIyXaU/maxresdefault.webp
142.250.74.22200 OK 73 kB URL HTTP/2 i.ytimg.com/vi_webp/AlxihVIyXaU/maxresdefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5646661552083334fdeb19bad527433d
949a330571df728e955a9c3f8c7bc3b20f60b8b9
57f30b6fde7455d7f40dfbd403d7ccc91282f4b9da842fcc077164563f18e042
GET /vi_webp/AlxihVIyXaU/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 73046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:49:29 GMT
expires: Mon, 03 Oct 2022 22:49:29 GMT
cache-control: public, max-age=7200
age: 261
etag: "0"
content-type: image/webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/K7qcII7eOdg/sddefault.webp
142.250.74.22200 OK 7.4 kB URL HTTP/2 i.ytimg.com/vi_webp/K7qcII7eOdg/sddefault.webp
IP 142.250.74.22:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70769995cb01c20e094793e267ee960a
227a5e8ce4c3a2c787961894854d3b41091cfbf2
d7970a0ec7c2833a1fa7f114e3dae38d1baffa112feabe6f36e7a57547b0afb1
GET /vi_webp/K7qcII7eOdg/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 7364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:49:29 GMT
expires: Mon, 03 Oct 2022 22:49:29 GMT
cache-control: public, max-age=7200
age: 261
etag: "0"
content-type: image/webp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ba9ef0c50e7620672d6f76aefd565aad
732ed324db4ae23ae4d1673b0402672415db4edf
5ee71b7ce1f34397dd6af1b51acd28a364c8bb39f4498651a8d464b8be490fd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu94J_ChPryivAPw3y3GWt5SJSmRDRxME1aTw3aoEQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.7 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu94J_ChPryivAPw3y3GWt5SJSmRDRxME1aTw3aoEQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 547c8df94244dda9c8b55bfdea153119
50064c67f3d4330a4405166d4b337f758c44fbba
decc381847db28f40626341366fc420c16b12480de8f9d74a0ca84bd3463b358
GET /ytc/AMLnZu94J_ChPryivAPw3y3GWt5SJSmRDRxME1aTw3aoEQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3667
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:39:15 GMT
expires: Tue, 04 Oct 2022 18:39:15 GMT
cache-control: public, max-age=86400, no-transform
etag: "ved"
content-type: image/jpeg
age: 8075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 330a54973c6803084afff8e22fdc650d
59986d6e103903fe988a943c2e97189a0adac1ce
bcc948b36dad8f333fa6454a13d4df6f940d5b2d2ddbca330a3848831b81a576
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 20:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
93.184.220.66200 OK 2.1 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (3831), with no line terminators
Hash d112e8263f529b0e0ccdc133c63bd949
f5155d60e41a09436efd8ad5a20915ab0a9b6973
d9d2362621e253c2443eaae309f5215fbbd0fac12df703f6bcc1955d934e422a
GET /_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "9e24908c04f34a86015898eca0fccd4a+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2101
platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
93.184.220.66200 OK 96 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12bea7ea22b3c50f7f37f5e605e78430
5e7542f91bcaab2eb202fc8b19f53f1d009bc199
67cf3d50c902dfdf90bcf12de4d3f32d23d2547e9e90566a9a41f95db671fad9
GET /_next/static/chunks/modules.c7def0268c66f6a548ed.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341350
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "51acddf0dbfab928b183f36c1ee67619+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95749
platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
93.184.220.66200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash 79fd032d8d5d9fa6b966e0a2b0e5a3e1
092828885b8721858c80381d92622760aa6b2188
d08463c097b4b77e9db4acb6fdf01a44f3b80db66cd368c76185a363c9bf0863
GET /_next/static/chunks/pages/_app-446fb4a338b215deec8c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
93.184.220.66200 OK 90 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash 8e33207e7b788da9abde5b6d33da0b00
23e48f1b412b3a0a406639f297fb6f4c4740efe8
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
GET /_next/static/chunks/main-e9db78f5e7b3d83edd5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
93.184.220.66200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (13043), with no line terminators
Hash 9a40466b77e5f5f4a525cf508afee546
410eb7a6ee4ee31950b33844fd21efcc8850e3e0
aae2810ee062cd3d5a1d770d2f1b287c84d5ae6276c90914ab21c9cce6686538
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "1efc61e416c7f4f293501e877fbec836+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1285
platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_buildManifest.js
93.184.220.66200 OK 414 B URL HTTP/1.1 platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_buildManifest.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1208), with no line terminators
Hash d20f525a412f62929a0bd89a11654e41
dd85ff797a4fe88329a97ab31e5b00f89dec685f
f8951d6972c1d249692debd428a0c45d12cda2d7d696e3f5ca7c79735cb1f2e2
GET /_next/static/d2V1PoRy5_I_iOYSDbAAL/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 414
platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_ssgManifest.js
93.184.220.66200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_ssgManifest.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/d2V1PoRy5_I_iOYSDbAAL/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/13.c59196c8bf52e5067fc1.js
93.184.220.66200 OK 12 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/13.c59196c8bf52e5067fc1.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (37610), with no line terminators
Hash ce2cbdd378b4a650511bb4d03a350676
89cfc86adb855e59d54cb2f9d96cf88e3ecd2324
ed10afe64bdfbdfa66267497d95a9607c52920366a6b37e5d0fde487e2b2aead
GET /_next/static/chunks/13.c59196c8bf52e5067fc1.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341349
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "de98c79c5c494d83f73eec4364ac6fd3+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 11906
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
93.184.220.66200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 47db702890e40ec11a744a885b6724b9
8ad88841d05dc05ce69ee8d430728214dd82e981
c8f11861cf29a4bc87a1f04f8add61885cc2627e6fd35a0ad12c48acddbaecb6
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341349
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/4.7497632a393acfc2ab3b.js
93.184.220.66200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.7497632a393acfc2ab3b.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash 08f25306f5abe2ab776f1b7adb7824de
b7550b3df401f2cc62c18b1d8a3388e3cc1ed34c
b4a6917d12cac68c958893752854b7a462355b4717c77596aaf9816c7bed0cc9
GET /_next/static/chunks/4.7497632a393acfc2ab3b.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "95839d52c44b54ae87cc3a8c070a7da4+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F713)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1275
platform.twitter.com/_next/static/chunks/1.d976cf0cb2521083131e.js
93.184.220.66200 OK 302 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.d976cf0cb2521083131e.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 302 kB (301526 bytes)
Hash a76fe1ebe8659620cbfc82e221792f0c
eeef0f406b2f1584c07dc3258825a5d12bb82b30
039d836b49254dabd2a78fb80958df9c0f8bf9f95596bacbc469d2cd466f453e
GET /_next/static/chunks/1.d976cf0cb2521083131e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341349
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "68700f8862593047761c23e5253a8686+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 301526
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 03 Oct 2022 20:53:51 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
93.184.220.66200 OK 114 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
IP 93.184.220.66:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 688d493c065dd0f18d9945c09edaa292
61b94cc5fd932b3fd0d758949928d91fa41a0d64
e3a7db5b4a2b364b838cfd04fdce921e43468edfa3134e965718ca7b35f2a2ed
GET /_next/static/chunks/0.8f205dbb7b06b224e307.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341349
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "11f6449263029b9f59f18afa52cc99ed+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:16 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F715)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 186671
platform.twitter.com/_next/static/chunks/ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js
93.184.220.66200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (6637), with no line terminators
Hash c2cb8a0b5afb8f79e74c4cca1171c902
b227ec3a0ac4b3331b90412358428fa35ada3034
ea6ff1cbe34ce87324c0b21bbfeade492103af1d29d76f75e56b6645b4783ab0
GET /_next/static/chunks/ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:51 GMT
Etag: "deb1205c6e01f2720f75bbd978f5925b+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F710)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2597
abs-0.twimg.com/emoji/v2/svg/23f0.svg
104.244.43.131200 OK 732 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/23f0.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1479), with no line terminators
Hash a1185992055db782c1d05457307a7190
4003eefc1572259d0f35ae6c078e3a33a7a92d3c
c556c0783d6f0d799d11cca308a1269ed89aaaa9fda61841edc6f87f8c560527
GET /emoji/v2/svg/23f0.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "Yw9ZOJSBMXhChdl9V6PooA=="
expires: Fri, 07 Oct 2022 06:47:42 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:32:26 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:53:52 GMT
x-served-by: cache-fty21370-FTY, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 732
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f5d3.svg
104.244.43.131200 OK 559 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f5d3.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2092), with no line terminators
Hash 296e68bb34d002c0d34079b11dbd1b7c
e3cb5c3f1a1e026ad650ad9bff54ec5bead8afad
f58d69acbe6165f8a0f9bdcaa95e57eb92cf453651205ffac716949036a0055f
GET /emoji/v2/svg/1f5d3.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "e+I1h1joHhqyU+sHGpUnxw=="
expires: Thu, 16 Mar 2023 06:39:15 GMT
content-type: image/svg+xml
last-modified: Wed, 21 Feb 2018 22:31:08 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:53:52 GMT
x-served-by: cache-fty21348-FTY, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 559
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f4c5.svg
104.244.43.131200 OK 777 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f4c5.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1923), with no line terminators
Hash 36a8bee11d04021d318ccee48a112541
0e6d1c39212e5a287f74597af20dde84c99e28b0
7f30293c652da180ab2e49daec3e8ace0b83c3b49c0f1d019755ef2509c10b8c
GET /emoji/v2/svg/1f4c5.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "xfcio3p+OAC3imHD69LddA=="
expires: Thu, 15 Jun 2023 08:05:15 GMT
content-type: image/svg+xml
last-modified: Mon, 13 Jul 2020 16:54:02 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:53:52 GMT
x-served-by: cache-fty13729-FTY, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 777
X-Firefox-Spdy: h2
abs-0.twimg.com/emoji/v2/svg/1f3a5.svg
104.244.43.131200 OK 420 B URL HTTP/2 abs-0.twimg.com/emoji/v2/svg/1f3a5.svg
IP 104.244.43.131:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (771), with no line terminators
Hash f279029bdd88ccca4e624e6a9b0ad544
89f7fdc34bae62a26accf567777e3af07199ede0
394df049915564cc9705bf306937d7fba48203bb96e4367288ba0c052a81580f
GET /emoji/v2/svg/1f3a5.svg HTTP/1.1
Host: abs-0.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "czoNuUs5Cy/V2odAgoWgeQ=="
expires: Thu, 09 Jun 2022 06:19:18 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Sep 2018 19:14:56 GMT
content-encoding: gzip
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
x-content-type-options: nosniff
accept-ranges: bytes
date: Mon, 03 Oct 2022 20:53:52 GMT
x-served-by: cache-fty21382-FTY, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
x-tw-cdn: FT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 420
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
93.184.220.66200 OK 42 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d62fb224e618094ce4d3e0e5052d16e
867b72ca2f006158db3c520eb3a2532d63746b92
f5d821fa38dc57edfe84c505b14245d8d03a8553c55383ea3aabb688c1a1d21a
GET /_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 341351
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Mon, 03 Oct 2022 20:53:52 GMT
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941
abs.twimg.com/sticky/animations/like.3.json
152.199.21.141200 OK 1.6 kB URL HTTP/2 abs.twimg.com/sticky/animations/like.3.json
IP 152.199.21.141:0
File type ASCII text, with very long lines (19834)
Hash 07da5ecc2e4029fc7d3befffa5f3c536
1b57e1656f3cbf73adc77bf2a1a732b7882b2aca
faffe9c75fe31ec6ba41e043e88b0ad50c13ad847a468e1b34ecde308fa6f569
GET /sticky/animations/like.3.json HTTP/1.1
Host: abs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndication.twitter.com/
Origin: https://syndication.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 2878934
content-type: application/json
date: Mon, 03 Oct 2022 20:53:52 GMT
etag: "b9munHAdxNyPtNl2GaO2bw=="
expires: Tue, 03 Oct 2023 20:53:52 GMT
last-modified: Tue, 15 Feb 2022 21:43:54 GMT
server: ECAcc (ska/F796)
strict-transport-security: max-age=631138519
surrogate-key: twitter-assets
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
vary: Accept-Encoding
x-cache: HIT
x-connection-hash: b2416fb8c94532ef46b2069f2a8d4ab6aa32507f9132cb6f6efe61940801c5b3
x-content-type-options: nosniff
x-response-time: 9
x-ton-expected-size: 19835
content-length: 1627
X-Firefox-Spdy: h2
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664830432488%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtruesessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%3ALPEMFEBUI%22%7D&dnt=1&session_id=bbb1fc17bccfca3cde842755ef73d40e9b049505
104.244.42.136200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664830432488%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtruesessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%3ALPEMFEBUI%22%7D&dnt=1&session_id=bbb1fc17bccfca3cde842755ef73d40e9b049505
IP 104.244.42.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664830432488%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtruesessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%3ALPEMFEBUI%22%7D&dnt=1&session_id=bbb1fc17bccfca3cde842755ef73d40e9b049505 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/LPEMFEBUI?dnt=true&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=1000px&origin=https%3A%2F%2Fdiklat.lpem.org%2Fgraph%2Fopt-net.onlinesvc%2Flogin.php%3Fsslchannel%3Dtrue%26sessionid%3Db6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1&sessionId=bbb1fc17bccfca3cde842755ef73d40e9b049505&showHeader=true&showReplies=false&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:53:52 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Mon, 03 Oct 2022 20:53:52 GMT
content-length: 43
x-transaction-id: 8786d032614eda61
strict-transport-security: max-age=631138519
x-response-time: 114
x-connection-hash: 644aeaa6b080505b3c039d0d37bcf8f4eaccc27858575af279b13161eb1f19db
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1368248492506771462/R2f177Vg_normal.jpg
23.1.106.237200 OK 1.4 kB URL HTTP/2 pbs.twimg.com/profile_images/1368248492506771462/R2f177Vg_normal.jpg
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash c0a798261d6c383efcc800c64f0f241f
68fd2430eb40ec44a7dbe18fc648747fa8c269d6
1046a7f66aef18941a7b3c92f7acc0db47595e495605112f70f4e67865a6eaed
GET /profile_images/1368248492506771462/R2f177Vg_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: tsa_b
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 06 Mar 2021 17:11:56 GMT
content-length: 1427
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 21
x-connection-hash: 77141bbfacc05c47cfbe0ea53c938875d621393faacbfe498d181e93b55e2316
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377175,c=g,n=NO__OSLO,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1576821539252510720/38oAcCMQ?format=jpg&name=120x120
23.1.106.237200 OK 2.4 kB URL HTTP/2 pbs.twimg.com/card_img/1576821539252510720/38oAcCMQ?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x50, components 3\012- data
Hash 721418491522748dff3f41a5d91c69a2
b65ad1806f81d5074acce503fe8bad6d5af909f8
a1d34a86220057380930f6011ffe8785085378b2e1b9f71e05e6f498f8deb4c4
GET /card_img/1576821539252510720/38oAcCMQ?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_b
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 03 Oct 2022 06:26:45 GMT
content-length: 2376
x-transaction-id: 1feb71ad4c3a1b6b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 36
x-connection-hash: cdc3c759b3cd05477d5b1e831d953062cb9073c1a00514a50a609f1aa1798c5c
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377176,c=g,n=NO__OSLO,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1574971237935173635/y7ennL82?format=png&name=120x120
23.1.106.237200 OK 20 kB URL HTTP/2 pbs.twimg.com/card_img/1574971237935173635/y7ennL82?format=png&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type PNG image data, 85 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d8a63d9a04631a04e5bd06b0dcf1df4
44c1d91a43a236eeeb9762d1f0d4e93953f978c9
bfb074fff1ea64f232ec00899ee874a34894f5dcfe6df381fabd5fe175c0dd65
GET /card_img/1574971237935173635/y7ennL82?format=png&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/png
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 28 Sep 2022 03:54:19 GMT
content-length: 19464
x-transaction-id: aa4da21953bdd0ce
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 37
x-connection-hash: 85e0425e6658891c290d4a3be7c43646a436ead4e69453fb192bde72c0578a21
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377180,c=g,n=NO__OSLO,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fb72nYOaMAAqj3v?format=jpg&name=120x120
23.1.106.237200 OK 3.2 kB URL HTTP/2 pbs.twimg.com/media/Fb72nYOaMAAqj3v?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x120, components 3\012- data
Hash 0577e3e5d7588dca7142bc096a4718fd
e8fcbf4516038861c2f2bd787902e5bad627347a
ef84d72015a41fa948d4b6905eedc3f95415d225df6ceb205893e29de2528774
GET /media/Fb72nYOaMAAqj3v?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_b
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 06 Sep 2022 01:24:00 GMT
content-length: 3163
x-transaction-id: e2b4573751099ebd
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 146
x-connection-hash: cd4c42a90bf02b82a2d6912c818c33a027d2511cc8edc38f760e8faa9cf95266
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377186,c=g,n=NO__OSLO,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_TX_DALLAS,o=20940],[c=w,n=US_TX_DALLAS,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fb8X3H5akAAG-IM?format=jpg&name=120x120
23.1.106.237200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/media/Fb8X3H5akAAG-IM?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x50, components 3\012- data
Hash acd6fac30c834853c8e17527bbaa6461
0a1e9cb3d65c0b24c3c8eb330b179cb12ac14af4
4e846771c52b00234fd767901c83ba82fc92f487b233e4f10c0839f51d819479
GET /media/Fb8X3H5akAAG-IM?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 06 Sep 2022 03:49:15 GMT
content-length: 2349
x-transaction-id: 113e98b6b255390b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 56
x-connection-hash: f6b0d0d7662ab9921392222b3f2da1298af0ae5e7aa544a4c08cfb28a691e4a1
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377183,c=g,n=NO__OSLO,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_CA_SANJOSE,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1576028665254744065/--K-jTE8?format=jpg&name=120x120
23.1.106.237200 OK 2.6 kB URL HTTP/2 pbs.twimg.com/card_img/1576028665254744065/--K-jTE8?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x50, components 3\012- data
Hash 7a60288ad799fcc208d1e06663031d7d
2425d76e998f7a53d5be585bbf50a343e3425594
d098aa4abb7225b9dad81f234461b42850b7596445b8312508094bc45816f407
GET /card_img/1576028665254744065/--K-jTE8?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 01 Oct 2022 01:56:09 GMT
content-length: 2565
x-transaction-id: 0102ffbe7b01635e
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 42
x-connection-hash: d9df12415085ae165bb4592cb57dc748e965c4865ef6103d8d5931cdfeef37d1
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377178,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_IL_MOUNTPROSPECT,o=20940],[c=w,n=US_CA_SANJOSE,o=20940],[a=104.244.42.9,c=o]
x-cache: MISS
server-timing: x-cache;MISS, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/FdFFMjUaEAAq14p?format=jpg&name=120x120
23.1.106.237200 OK 5.7 kB URL HTTP/2 pbs.twimg.com/media/FdFFMjUaEAAq14p?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 9a4c64eb11cd080ccaee1c7ab59f6b71
e3389bee45e5875974e196f66fc15beb7d84137c
178894a6077a05bda431188ffaf02fbf5a66260bad2bd6f6f8c79c1018c767a5
GET /media/FdFFMjUaEAAq14p?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 20 Sep 2022 06:39:59 GMT
content-length: 5671
x-transaction-id: f30288fe7cf140be
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 58
x-connection-hash: 2e2c7b1130e9f5a0de0c137653f4454bf28de74a6d1514f7d43d0181cbe3f2e8
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377182,c=g,n=NO__OSLO,o=20940],[c=c,n=GB_EN_LONDON,o=20940],[c=w,n=US_NY_NEWYORK,o=20940],[c=w,n=US_CA_SANJOSE,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/FbU4Xu0UcAAGtZy?format=jpg&name=120x120
23.1.106.237200 OK 5.6 kB URL HTTP/2 pbs.twimg.com/media/FbU4Xu0UcAAGtZy?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 1171fbce328d95fd651586902d46510d
048bc1674438184734c6e82e22f71f3a08a60a11
b23fb9390b1f7f1c292690861388507fea8ca4f03ece55ef6256714c4e36c340
GET /media/FbU4Xu0UcAAGtZy?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 29 Aug 2022 11:46:29 GMT
content-length: 5639
x-transaction-id: dd3d9867e85041f3
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 55
x-connection-hash: 3878ce89114ef7574e64fa81db39d0f5411d3e0d2b08a40ab9553383e6ad0784
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377194,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_BY_MUNICH,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fa5VF24UcAEHrFz?format=jpg&name=120x120
23.1.106.237200 OK 5.6 kB URL HTTP/2 pbs.twimg.com/media/Fa5VF24UcAEHrFz?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 8bc438fb2e04e92e14b5c107551c4dc2
40920b50632ed9c4c5dac012300731be91d48555
850ffaa9daf1f3130c6191c5df76a0885366ea13e797009ae1cc06c409110028
GET /media/Fa5VF24UcAEHrFz?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: tsa_b
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 24 Aug 2022 03:22:36 GMT
content-length: 5552
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 59
x-connection-hash: 01ec81e657189eea48b2e82c94da876a2560db079e8be7a7c5fc4ccbe437f524
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377225,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_HE_FRANKFURT,o=20940],[c=w,n=US_NJ_PISCATAWAY,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fa5VF20VUAAxv7T?format=jpg&name=120x120
23.1.106.237200 OK 6.1 kB URL HTTP/2 pbs.twimg.com/media/Fa5VF20VUAAxv7T?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 644a998e78afb149f3bc0ac6eca60fd9
9b82011b71840892c234ea91c2845229cfab3144
0cc08bdb85584cab1557d5757062f5c5954fcb33d773dcb4e20bb9665a4ebb60
GET /media/Fa5VF20VUAAxv7T?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: tsa_b
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 24 Aug 2022 03:22:36 GMT
content-length: 6124
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 60
x-connection-hash: 91034c60c5d6406ab8d4eda07375ece4508e6eb7eeb7558ea8016be6b4ae6a8b
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377220,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_BY_MUNICH,o=20940],[c=w,n=US_GA_MARIETTA,o=20940],[c=w,n=US_GA_MARIETTA,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1574769136965943298/DMc_hEcO?format=jpg&name=120x120
23.1.106.237200 OK 2.4 kB URL HTTP/2 pbs.twimg.com/card_img/1574769136965943298/DMc_hEcO?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x50, components 3\012- data
Hash 9bfca6a041d081cc8b0928d5ef232f77
e9f6570e4cbdb3adcc578fca7750adc7b665fa4f
0c11bfd990976bcbaa1c460d18a4b14c83ff98f93c2d259d8641c329e0614a9f
GET /card_img/1574769136965943298/DMc_hEcO?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 27 Sep 2022 14:31:14 GMT
content-length: 2352
x-transaction-id: c1726283bb2dab6b
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 50
x-connection-hash: a8f57750752d1055ccd4ef47c634133a10ecf1695822aed8b4fa9c5c5314d8a6
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377191,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_HH_HAMBURG,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_CA_SANJOSE,o=20940],[a=104.244.42.73,c=o]
x-cache: MISS
server-timing: x-cache;MISS, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/card_img/1574683318226161666/TLKauFVL?format=jpg&name=120x120
23.1.106.237200 OK 2.5 kB URL HTTP/2 pbs.twimg.com/card_img/1574683318226161666/TLKauFVL?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x50, components 3\012- data
Hash ba795ff57400bb5ae4586e6eaabb547f
3b5e5cf4c203f8ff04c522e62400069a1ce6cf4d
a7fa467b0cfe4ec4fd8ba4d264307b2d3ac20f7144106842c447b5ba699c2cf6
GET /card_img/1574683318226161666/TLKauFVL?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 27 Sep 2022 08:50:13 GMT
content-length: 2457
x-transaction-id: 3196e7f43e69b7e4
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 39
x-connection-hash: 7e2bd08f358ffc962433de478d5c5fc90f8ae7f696805ff004893957f965b022
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377232,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_HH_HAMBURG,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_CA_ELSEGUNDO,o=20940],[c=w,n=US_CA_ELSEGUNDO,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/FaVCQdqaIAAqCHd?format=jpg&name=120x120
23.1.106.237200 OK 4.3 kB URL HTTP/2 pbs.twimg.com/media/FaVCQdqaIAAqCHd?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 3e6017cd1bba81c8d631a72c77ea967c
5d7100d904c176f64dee293fbf6e60d5bd8857e4
ad335c330a8fd559bfb053dfb53d720698c620295fe4ffa5b47e8a7c37d21b58
GET /media/FaVCQdqaIAAqCHd?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_b
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 17 Aug 2022 02:13:59 GMT
content-length: 4254
x-transaction-id: c9e0c442906ac3e4
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 51
x-connection-hash: ba2ddfc32e4758a52421ded69b1cc42d3b3a88592f2eeb3ec1f834e7b96be4f8
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377245,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_HH_HAMBURG,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/FZh3gH7aIAAGOLQ?format=jpg&name=120x120
23.1.106.237200 OK 5.7 kB URL HTTP/2 pbs.twimg.com/media/FZh3gH7aIAAGOLQ?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash a04adb5bf400b31fa1df469108201063
98625b2de03a277d010e9d1d2604ee773686a543
98617c1b4a46a0baa79e4541ef4772d0002be60e7a7651821ce6c004b07eb2e9
GET /media/FZh3gH7aIAAGOLQ?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_p
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 07 Aug 2022 03:46:21 GMT
content-length: 5682
x-transaction-id: 52f72531c1aed4dd
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 54
x-connection-hash: 52e61b6be1aed271df128c5e1d9f4e6f8a84d89829054adb3aef99f29a3ca4db
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377254,c=g,n=NO__OSLO,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
pbs.twimg.com/media/FaVQeRlVUAAZD3j?format=jpg&name=120x120
23.1.106.237200 OK 4.3 kB URL HTTP/2 pbs.twimg.com/media/FaVQeRlVUAAZD3j?format=jpg&name=120x120
IP 23.1.106.237:0
ASN #33905 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 1aebf2e999698c87ebed38dadf237eef
7aa5000f6aef3e8c4b014259ed2802b0dcd71fad
54ded00c5f730197288284568102d148f8d5f9531aa225d00c307f5f5b43e3af
GET /media/FaVQeRlVUAAZD3j?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
server: tsa_a
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 17 Aug 2022 03:16:05 GMT
content-length: 4259
x-transaction-id: 2d0129b5d9a016e2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
x-content-type-options: nosniff
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-response-time: 44
x-connection-hash: 72b3ed99fc7e472ee59b55743e93351f4832de734cf0565d3012b6d3cf3f3021
date: Mon, 03 Oct 2022 20:53:53 GMT
akamai-request-bc: [a=23.36.76.134,b=73377241,c=g,n=NO__OSLO,o=20940],[c=c,n=DE_HH_HAMBURG,o=20940],[c=w,n=US_VA_ASHBURN,o=20940],[c=w,n=US_CA_SANJOSE,o=20940]
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
x-tw-cdn: AK
x-client-network: EIP
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a04e195-b888-4a97-96ea-b6fc6f005ac2.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a04e195-b888-4a97-96ea-b6fc6f005ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce6d133f168edf39b7870b3ccaa97034
8cf39ff383d7ef8b91213203fbf0cec7fb68f461
b121a46c12db40741329190aa2cd1bd2177d6bca0e84aab8e0addbb4c619aee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a04e195-b888-4a97-96ea-b6fc6f005ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6865
x-amzn-requestid: 1657ec60-80f0-4892-b56a-aec78a8d6554
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQy40Ge2IAMF6hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63369838-33b66550391a835039f9d724;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 07:18:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v8TYa5z8kFPoWsIbhRk7TAexutYtrPWHPNKjecEfjf-JrfWlG97DDw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 11:02:48 GMT
age: 35467
etag: "8cf39ff383d7ef8b91213203fbf0cec7fb68f461"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0
182.23.64.24200 OK 0 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diklat.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.2
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Mon, 15 Aug 2022 02:29:51 GMT
accept-ranges: bytes
content-length: 77160
x-frame-options: DENY, SAMEORIGIN
date: Mon, 03 Oct 2022 20:53:49 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
182.23.64.24404 Not Found 0 B URL HTTP/2 diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
GET /graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://diklat.lpem.org/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://diklat.lpem.org/wp-json/tribe/events/v1/
x-tec-api-origin: https://diklat.lpem.org
set-cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; expires=Wed, 05-Oct-2022 20:53:47 GMT; Max-Age=172800; path=/; secure; HttpOnly
qtrans_front_language=en; expires=Tue, 03-Oct-2023 20:53:47 GMT; Max-Age=31536000; path=/
_wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53; expires=Mon, 03-Oct-2022 21:53:47 GMT; Max-Age=3600; path=/; secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY, SAMEORIGIN
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 20:53:47 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
182.23.64.24200 OK 0 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2
diklat.lpem.org/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=2.3.4
182.23.64.24200 OK 0 B URL HTTP/2 diklat.lpem.org/wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=2.3.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-map-plugin/assets/js/maps.js?ver=2.3.4 HTTP/1.1
Host: diklat.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diklat.lpem.org/graph/opt-net.onlinesvc/login.php?sslchannel=true&sessionid=b6mvxzso1rcydbkblnq6qsyfb1bkgwexeiog1pktzbnfrdtej10bpzw61bon55gmrqisqwethxb5famf6ejq1fvchcswug2mnipofox18agatuuqjxw7srqi9anureqsm1
Cookie: _learn_press_session_45fb306c9145076fa6144b47d42e7e57=882e68b0027eee9dd67a7b074275df54%7C%7C1665003227%7C%7C5804fb1c5b4170f02bfa6514f55f39bc; qtrans_front_language=en; _wordpress_lp_guest=b0e109ed6ad22aada551d92e31edeb53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 09:56:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 11714
content-type: application/javascript
date: Mon, 03 Oct 2022 20:53:48 GMT
server: Apache
X-Firefox-Spdy: h2