Report - hackingdiabetes.org/

Report Overview

Submitted URL
hackingdiabetes.org/
IP
104.21.42.176
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-27 20:03:21
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
silatas.pn-sangatta.go.id	unknown	2022-06-08T18:22:18Z	2023-03-14T10:17:56Z	474 B	18 kB	103.7.226.171
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	1.7 kB	3.5 kB	216.58.211.3
thestorestarters.com	unknown	2017-02-09T20:00:19Z	2023-02-20T14:58:51Z	450 B	9.6 kB	172.67.181.12
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	1.7 kB	4.4 kB	23.33.119.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
i.postimg.cc	23840	2018-04-11T12:01:12Z	2023-03-29T12:30:48Z	1.2 kB	1.0 MB	162.19.61.80
i.ibb.co	13485	2018-11-25T11:13:48Z	2023-03-29T13:51:20Z	2.0 kB	5.5 kB	162.19.58.157
hackingdiabetes.org	unknown	2016-04-28T22:17:40Z	2023-03-01T19:30:42Z	351 B	658 B	104.21.42.176
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	53 kB	34.120.237.76
cdn.ampproject.org	329	2015-10-09T06:27:01Z	2023-03-29T05:34:15Z	2.3 kB	146 kB	142.250.74.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-27 20:03:32	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-27 20:03:32	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	cdn.ampproject.org/v0/amp-carousel-0.1.js	39 kB	2023-03-26	2023-04-05
Pretty URL cdn.ampproject.org/v0/amp-carousel-0.1.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-04-05 01:52:47 Times Seen22 Hash 2c6e33a84a75fe03057fb662b87327de d92dd25bfa91bb41360ba07719e0e4b4a9e97e51 a387bfa60827ad30dddfc77cf8d1d10a6a921134dc0771ce186c83c0f61b4a8d Loading...

	cdn.ampproject.org/v0/amp-anim-0.1.js	6.2 kB	2023-03-26	2023-04-01
Pretty URL cdn.ampproject.org/v0/amp-anim-0.1.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-04-01 11:00:39 Times Seen17 Hash 150c92adc6f286b84e5f3b4685059ceb aebbc404a333dc70505393c0eaa0a4f3edfdbd87 2332b92db45cc51e2af972ac342107938b803a24a3f8fdb41443963dfb061ecc Loading...

	cdn.ampproject.org/v0/amp-lightbox-0.1.js	27 kB	2023-03-26	2023-04-01
Pretty URL cdn.ampproject.org/v0/amp-lightbox-0.1.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-04-01 10:37:31 Times Seen7 Hash 74604c1ea42a9e6bef7e381e95b63af4 31e13c5d058d4618506cb7427a350639cd81b898 70810fff5a9c98e3f6c67405c4c01245e1bb8d5fa51ff58f6d7cdbe489857d4f Loading...

	cdn.ampproject.org/v0/amp-iframe-0.1.js	26 kB	2023-03-26	2023-04-02
Pretty URL cdn.ampproject.org/v0/amp-iframe-0.1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-04-02 21:33:34 Times Seen10 Hash c3aa5ae0f8ad26b18d173ace7a1f1646 c262269c7a8872f8c899b71ac0a98c2f2389248b 8bcb6f03385e4fd67a3537f6191dc019e325ab8064517ec102a60b5f25ea0aa7 Loading...

	cdn.ampproject.org/v0.js	283 kB	2023-03-26	2023-04-05
Pretty URL cdn.ampproject.org/v0.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:55:39 Last Seen2023-04-05 02:00:55 Times Seen25 Hash 9a2e0e6b09711f922415f1da110404f3 f08a3e8a1c5ea56936cf822ca5212854b0fee2d5 53e5ce6b2351efc14fb7d6becebaf224ab84ebb49ca66aac8060f721e6589eeb Loading...

	cdn.ampproject.org/v0/amp-analytics-0.1.js	112 kB	2023-03-26	2023-04-05
Pretty URL cdn.ampproject.org/v0/amp-analytics-0.1.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:51:28 Last Seen2023-04-05 01:56:20 Times Seen33 Hash 08a4f77359d90e21dd942ac8e6207ecb c09d73411dc3bd7f3eb2a385a563a92e452aac76 e2c08e4934ae4c7818d41f0dff0712b7e54b8d507ae0cc2bb6ef883a7ec5e5ca Loading...

	cdn.ampproject.org/v0/amp-sidebar-0.1.js	31 kB	2023-03-26	2023-04-05
Pretty URL cdn.ampproject.org/v0/amp-sidebar-0.1.js IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-04-05 01:52:47 Times Seen12 Hash deb9ac435870296d54874d4343aa83e3 50c9e9e3284cc1fbc08e273521c357ed0cd1cddf c3be0dcb64ce9c91194d3990067637bec66036c527ead4150f642d73418fda12 Loading...

	cdn.ampproject.org/rtv/012303151529000/v0/amp-auto-lightbox-0.1.js	7.9 kB	2023-03-26	2023-05-24
Pretty URL cdn.ampproject.org/rtv/012303151529000/v0/amp-auto-lightbox-0.1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-05-24 04:42:53 Times Seen37 Hash 14833d02dd810291118275b6cd03bbd2 985a41b1bd255f960bbb34c899ed6625a8faf1f1 28386caebd744e1fe92aba2bca68f77e77f54c6000ac4edf14b3dd4cfd83cac1 Loading...

	cdn.ampproject.org/rtv/012303151529000/v0/amp-loader-0.1.js	13 kB	2023-03-26	2023-05-24
Pretty URL cdn.ampproject.org/rtv/012303151529000/v0/amp-loader-0.1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:36:35 Last Seen2023-05-24 04:42:53 Times Seen38 Hash f7e53bd503d2bb49720646ecae4fe2f1 a2930e9645fa54cf33413cc7d36d4cd4146e21f0 bac2f6087e11a12a3bc674e9f45aaae103ddf213a5d02eed15454cae1b181226 Loading...

HTTP Transactions (38)

	URL	IP	Response	Size
	hackingdiabetes.org/	104.21.42.176	301 Moved Permanently	0 B
URL HTTP/1.1 hackingdiabetes.org/ IP 104.21.42.176:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: hackingdiabetes.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Mon, 27 Mar 2023 20:03:10 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Mon, 27 Mar 2023 21:03:10 GMT Location: https://thestorestarters.com/ Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yrnj9hoU2VWiEcQphrc4fbiA8YCpDacccmGJ9WJq9RbLeHLJSa0DhMwP4EyWoqEj4Oqk%2Fz%2FEwtMgH5UNaO3v3j5klb1%2FPpv8Du5SdXngwhwwdUUwjbv7HN9w86Hl1wOXoIDhpWvt"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7aea3c371dfafab8-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10260 Expires: Mon, 27 Mar 2023 22:54:10 GMT Date: Mon, 27 Mar 2023 20:03:10 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8564 Expires: Mon, 27 Mar 2023 22:25:54 GMT Date: Mon, 27 Mar 2023 20:03:10 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 27 Mar 2023 19:15:45 GMT content-type: application/json age: 2845 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ad3eec59bebbf969f175627757507c1 b176af3a70db378c9e1f219bab24d9d446070d6f 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20445 Expires: Tue, 28 Mar 2023 01:43:55 GMT Date: Mon, 27 Mar 2023 20:03:10 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: zJ81WQ5noE3eQMHPlkWShK6uHOHqEibRpgn4DWFPxY11LMAvCPQXvOx28HlCo659M1oirvyGxGE= x-amz-request-id: FR5R3RAZ051DTY7B x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 27 Mar 2023 19:55:54 GMT age: 436 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:10 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 851b891e49332c30f51deef69914384f 6f07f7aa983efed1662b863a4539515f95de3d48 d977e120a6b5d0d18b760b852f591ab9f2dbc6216fd2114f6b47461da2b57e0f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D977E120A6B5D0D18B760B852F591AB9F2DBC6216FD2114F6B47461DA2B57E0F" Last-Modified: Sat, 25 Mar 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2780 Expires: Mon, 27 Mar 2023 20:49:31 GMT Date: Mon, 27 Mar 2023 20:03:11 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 27 Mar 2023 19:14:35 GMT age: 2916 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: +RAOQWigWM1kyxhuMq4/EA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: lL0F3wqJnTq8bTssbYnOiGCU3Q8= Date: Mon, 27 Mar 2023 20:03:11 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	r3.o.lencr.org/	23.33.119.27	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.33.119.27:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash be1cd1cf8e462ca6f6acb2f132e614d5 037f3bc7ab850fa2c69f2584bb24340b25bb6f3c e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA" Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7806 Expires: Mon, 27 Mar 2023 22:13:19 GMT Date: Mon, 27 Mar 2023 20:03:13 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg	34.120.237.76	200 OK	4.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.8 kB (4775 bytes) Hash 8cc79a830964d923d24a45f5ccc9939b 557cc4827414912c41319ad961c14cce71ed4a18 b3b1c73b34057cb6e41920f3d55213ad8c193076525767c051960ec26d17ca3c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F217b24c4-6cf4-4be4-bdbf-764890bd9672.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4775 x-amzn-requestid: 28d0e56d-ed03-4686-bd49-34f193f1c65a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CK96KF9coAMFvMA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641aa9da-122cd32a6f23e8442a52464c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 07:10:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: psNReeBG7nAuKQXIMl1zwCVmvtZ-xwn6Fx8oAIX4wi4GCNUWNWOGMA== via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 22:12:36 GMT age: 78637 etag: "557cc4827414912c41319ad961c14cce71ed4a18" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM69eHE3IAMF0Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 05:36:52 GMT age: 51981 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (12017 bytes) Hash e999a9d79efe60a30b2942c5f2940294 c3891c43b16521f66eb3a52d83694de2ddd39871 290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 12017 x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ca6yQGNtoAMFsxw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg== via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 03:34:08 GMT age: 59345 etag: "c3891c43b16521f66eb3a52d83694de2ddd39871" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10405 bytes) Hash 22905e8a7c8b1741dd51842c114a6517 c5900fe2396e0ca371c4847af4e96149850c3577 1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10405 x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CRi69E9xoAMFiJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0 x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA== via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Mar 2023 05:54:17 GMT age: 50936 etag: "c5900fe2396e0ca371c4847af4e96149850c3577" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10591 bytes) Hash 668a8a17a1bb77ea7db7fa23c9df9690 242108539ff8694a3c557d07b2b000e764a77f24 100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10591 x-amzn-requestid: 8359ddc1-a6c6-4caf-9de3-f2eb4dcb0c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CaIO-F0QIAMF5_A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6420ba5f-72ee066911fdddb62c4a201d;Sampled=0 x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: hfm1xuKZ-Olu263DvYfbYlEnANaiIL9e7jEDUqDAf3ihT5N2HAdyIA== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:49:30 GMT age: 80023 etag: "242108539ff8694a3c557d07b2b000e764a77f24" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg	34.120.237.76	200 OK	3.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.6 kB (3589 bytes) Hash 1ec08d4bd079a92161fc80f41281b5a9 bf61369962342cce85de8f48942b4b150fd2721e 8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3589 x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CW1uyE2joAMF50g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0 x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Mar 2023 21:37:24 GMT age: 80749 etag: "bf61369962342cce85de8f48942b4b150fd2721e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	silatas.pn-sangatta.go.id/wp-includes/slot88/	103.7.226.171	200 OK	18 kB
URL HTTP/2 silatas.pn-sangatta.go.id/wp-includes/slot88/ IP 103.7.226.171:0 ASN #59135 PT Suraloka Digital Kreatif File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (614), with CRLF line terminators Size 18 kB (18099 bytes) Hash b973dc4426dd51f84d16696ae2ce7116 81dd19459a04ea8f69ab6689ec3349f10f63dd62 6a0a7afa271bc572d03b00d4a52fd87b851d3d54166bb6158fa212866ec26983 HTTP Headers `GET /wp-includes/slot88/ HTTP/1.1 Host: silatas.pn-sangatta.go.id User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-encoding: br vary: Accept-Encoding,User-Agent date: Mon, 27 Mar 2023 20:03:13 GMT server: LiteSpeed alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash e7572d56fc95ba9422671569beff1efc b6c91d5224666dbde966b4ccee4e1063243b4a40 0962d6314b81d47eedd54692f65a1aba9dbcff8f849c0281424a02ec31c39b54 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 20:03:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 30c4a2d9b8af588bc31eaad26ec79cc8 dfeb64784d37544148f92dcd52a4033948215834 ad0b44a874fea60419f224b0a1cf91188f312b6738577d33ef1f9b0e523ec316 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 20:03:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 30c4a2d9b8af588bc31eaad26ec79cc8 dfeb64784d37544148f92dcd52a4033948215834 ad0b44a874fea60419f224b0a1cf91188f312b6738577d33ef1f9b0e523ec316 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 20:03:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 30c4a2d9b8af588bc31eaad26ec79cc8 dfeb64784d37544148f92dcd52a4033948215834 ad0b44a874fea60419f224b0a1cf91188f312b6738577d33ef1f9b0e523ec316 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 20:03:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	cdn.ampproject.org/v0/amp-carousel-0.1.js	142.250.74.65	200 OK	12 kB
URL HTTP/2 cdn.ampproject.org/v0/amp-carousel-0.1.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type Unicode text, UTF-8 text, with very long lines (38641) Size 12 kB (11504 bytes) Hash 1d9707d427ec80d0bd900ab6b443a7e9 2a3e9dfdce388491e1cb3a3229e260bcae273a77 cd1faefd3c3aa97cc140d391453e63db81ee5ca958732b13bb80380198d308a9 HTTP Headers `GET /v0/amp-carousel-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 11504 date: Mon, 27 Mar 2023 20:03:13 GMT expires: Mon, 27 Mar 2023 20:03:13 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "caf8d55f820848fa" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-anim-0.1.js	142.250.74.65	200 OK	2.5 kB
URL HTTP/2 cdn.ampproject.org/v0/amp-anim-0.1.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (6064) Size 2.5 kB (2482 bytes) Hash 1d3a8a800135725c68acf1a6d55dccb9 4ea8eaaa56333ef7a1ed9a68f812fdd62268182a ac6003828e4c2d872b1d956caa73da602e3eb806a84046a40d00198e89fffd6b HTTP Headers `GET /v0/amp-anim-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 2482 date: Mon, 27 Mar 2023 20:03:13 GMT expires: Mon, 27 Mar 2023 20:03:13 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "e501fec8fbebaa0b" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-lightbox-0.1.js	142.250.74.65	200 OK	8.5 kB
URL HTTP/2 cdn.ampproject.org/v0/amp-lightbox-0.1.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (26576) Size 8.5 kB (8534 bytes) Hash 227bbd2898b10db3f5a6367992cda6e5 ed8a4bd1f8db90ef46fa3162f14cfae506961b09 61e61d60be14afe21d3c2e325fc53bebbd80d07cb27f22a41ad678ca233e3426 HTTP Headers `GET /v0/amp-lightbox-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 8534 date: Mon, 27 Mar 2023 20:03:13 GMT expires: Mon, 27 Mar 2023 20:03:13 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "22890de63eda835d" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-sidebar-0.1.js	142.250.74.65	200 OK	9.7 kB
URL HTTP/2 cdn.ampproject.org/v0/amp-sidebar-0.1.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (31286) Size 9.7 kB (9655 bytes) Hash e3fdebcc8b17ffb957eb2d36285ee1e8 ffb204fcc2b6d2aefe44ace97099a9c92d01d236 652132ff6b05da7c1eb79bf04b72b6e2ce7c3a06a289f8163571bc346e990931 HTTP Headers `GET /v0/amp-sidebar-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 9655 date: Mon, 27 Mar 2023 20:03:13 GMT expires: Mon, 27 Mar 2023 20:03:13 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "d091ee8410bc582a" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	thestorestarters.com/	172.67.181.12	301 Moved Permanently	9.0 kB
URL HTTP/2 thestorestarters.com/ IP 172.67.181.12:0 ASN #13335 CLOUDFLARENET File type data Size 9.0 kB (8958 bytes) Hash 6073e1a14c4cefa39f8c47778edcf568 d98a37e3623d0a66a678e7eee8f6452486aae58d db0ea1ab2b0a9f17d5b2d622908fe3f26ac6ccce10eede23f7a2625e66df2141 HTTP Headers `GET / HTTP/1.1 Host: thestorestarters.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 301 Moved Permanently date: Mon, 27 Mar 2023 20:03:11 GMT location: https://www.swachhsurvekshan2020.org/ cache-control: max-age=3600 expires: Mon, 27 Mar 2023 21:03:11 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7S5yoLFD2mWcHrrvBZNd2%2BDI2foq%2BtcVtoFt5rjrnpHU9ejsgmq2boWlNPp0762cLfEw6r2Z4WewJjvHW648iRXwe5uTOqaku1JLfelKBI%2FTsekSc2vyED%2BlXpySDfjWEmp%2Fheikw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 7aea3c3abca60b51-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-analytics-0.1.js	142.250.74.65	200 OK	32 kB
URL HTTP/2 cdn.ampproject.org/v0/amp-analytics-0.1.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65534) Size 32 kB (32057 bytes) Hash 50a510f45a9a810ada25947a25aec261 0f62c209ff311da354bace01a17a5d242256cd00 eb54025e22ff5879a63980f15d41d59ecb95499bd880044251ac8c2f8583a1d3 HTTP Headers `GET /v0/amp-analytics-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 32057 date: Mon, 27 Mar 2023 20:03:13 GMT expires: Mon, 27 Mar 2023 20:03:13 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "972da368acb7d622" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0.js	142.250.74.65	200 OK	73 kB
URL HTTP/2 cdn.ampproject.org/v0.js IP 142.250.74.65:0 ASN #15169 GOOGLE File type Unicode text, UTF-8 text, with very long lines (64684) Size 73 kB (72700 bytes) Hash 6b1070567ae747db01dd7666bda2f4fc f3913e39dca9e0016da9b7a70c0b0817e62cec58 3fcc19a28b6a11bd7faeb910dbe11c7af64c03748bd23d557018a456c2aabdd2 HTTP Headers `GET /v0.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 72700 date: Mon, 27 Mar 2023 20:03:13 GMT expires: Mon, 27 Mar 2023 20:03:13 GMT cache-control: private, max-age=3000, stale-while-revalidate=1206600 etag: "629cb52c72f9013c" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash e7572d56fc95ba9422671569beff1efc b6c91d5224666dbde966b4ccee4e1063243b4a40 0962d6314b81d47eedd54692f65a1aba9dbcff8f849c0281424a02ec31c39b54 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 27 Mar 2023 20:03:13 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	i.postimg.cc/xCMmVSJz/favicon-slot88.png	162.19.61.80	200 OK	6.5 kB
URL HTTP/2 i.postimg.cc/xCMmVSJz/favicon-slot88.png IP 162.19.61.80:0 ASN #16276 OVH SAS File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data Size 6.5 kB (6489 bytes) Hash aad5fd5d62eea39f4272eea550d5d44f 6af7c8a0e5396dc3c8e10fdf22381efa15322eea 52cd1627055cc1286dce8c434c609bcd71b29f3a47fd85b949dd99eaad1f3f2e HTTP Headers `GET /xCMmVSJz/favicon-slot88.png HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:13 GMT content-type: image/png content-length: 6489 last-modified: Fri, 04 Nov 2022 10:40:01 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.postimg.cc/WzNSs0vj/images.jpg	162.19.61.80	200 OK	16 kB
URL HTTP/2 i.postimg.cc/WzNSs0vj/images.jpg IP 162.19.61.80:0 ASN #16276 OVH SAS File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 310x163, components 3\012- data Size 16 kB (15641 bytes) Hash ed18b776f3ddbe7ee59bf1d9d0305ac4 c02fd316c5d9fe63e21db452426bacea67ffe9e8 3a2e624819d7c40e07295ecc5f95829b5f87bfe19efdc534b0f7404888e9c308 HTTP Headers `GET /WzNSs0vj/images.jpg HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:13 GMT content-type: image/jpeg content-length: 15641 last-modified: Sat, 18 Feb 2023 13:02:29 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.ibb.co/r0q6W1F/whatsapp.png	162.19.58.157	200 OK	708 B
URL HTTP/2 i.ibb.co/r0q6W1F/whatsapp.png IP 162.19.58.157:0 ASN #16276 OVH SAS File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 708 B (708 bytes) Hash b1f02d6c2aaaecce195af1d0d29de25e a097a02f5e3f9e91246ef38f7f12aff91c11a7bd 2f63bdc7a7cf3d7860ae2f1df75c6624bc5666c9f7830b64eac4ca45a95c32f1 HTTP Headers `GET /r0q6W1F/whatsapp.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:14 GMT content-type: image/png content-length: 708 last-modified: Tue, 27 Dec 2022 11:59:05 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.ibb.co/bHV20jk/home.png	162.19.58.157	200 OK	660 B
URL HTTP/2 i.ibb.co/bHV20jk/home.png IP 162.19.58.157:0 ASN #16276 OVH SAS File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data Size 660 B (660 bytes) Hash 1376f1914975f9a07b08c111f3f7b9ba 02442bf2b36f107e78e5b4f37143c8863f9c3ff3 65da66d6aa4a272502d1815af29827e802c05673df99dc9688e07ada6edd8da6 HTTP Headers `GET /bHV20jk/home.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:14 GMT content-type: image/png content-length: 660 last-modified: Tue, 27 Dec 2022 11:58:08 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.ibb.co/bLSW0B2/login.png	162.19.58.157	200 OK	677 B
URL HTTP/2 i.ibb.co/bLSW0B2/login.png IP 162.19.58.157:0 ASN #16276 OVH SAS File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data Size 677 B (677 bytes) Hash 198591d84be9893d9facf87e613cc7bd 35c33a2ccf597684cc4dfeef5e55f1ec8e4757a3 29aa01cf10475e439c526c2d70d453ceb1ab847c5b8d10e547db215e95ed0f2a HTTP Headers `GET /bLSW0B2/login.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:14 GMT content-type: image/png content-length: 677 last-modified: Tue, 27 Dec 2022 12:06:13 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.ibb.co/M9Sm2xp/telegram.png	162.19.58.157	200 OK	435 B
URL HTTP/2 i.ibb.co/M9Sm2xp/telegram.png IP 162.19.58.157:0 ASN #16276 OVH SAS File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data Size 435 B (435 bytes) Hash 33cd0ac7dce1a9aca94886532efc02e3 e330e29b8dfeb78c9f974b580a80fa63d84714c8 50adff0be335d59ff2a82c0b2627e06585ba01afc565e8ea6f8d19ead8f21525 HTTP Headers `GET /M9Sm2xp/telegram.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:14 GMT content-type: image/png content-length: 435 last-modified: Tue, 27 Dec 2022 11:58:44 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.ibb.co/hd3QP5h/live-chat.png	162.19.58.157	200 OK	1.3 kB
URL HTTP/2 i.ibb.co/hd3QP5h/live-chat.png IP 162.19.58.157:0 ASN #16276 OVH SAS File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data Size 1.3 kB (1271 bytes) Hash fdeeb709d92a951ed3af7d8c1841e381 fe5d01404cd823ea46b718699fb5ba1713a35954 caf2b46df6a2ab12c80b6f382f52d72ccc87ba363fadaf41fa5de48f7f167e24 HTTP Headers `GET /hd3QP5h/live-chat.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:14 GMT content-type: image/png content-length: 1271 last-modified: Tue, 27 Dec 2022 11:58:20 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	i.postimg.cc/pT90kvCX/favicon.gif	162.19.61.80	200 OK	992 kB
URL HTTP/2 i.postimg.cc/pT90kvCX/favicon.gif IP 162.19.61.80:0 ASN #16276 OVH SAS File type GIF image data, version 89a, 423 x 223\012- data Size 992 kB (991671 bytes) Hash ba54b6ad8e4ce3ab708aaeff21fb96c3 0b67104f2432dcd87290c789c4513fc7275ac983 1efe875f2925e6c2e674e466a7ac02f9ab940bb53b222fe2ebfd5ab22b28db27 HTTP Headers `GET /pT90kvCX/favicon.gif HTTP/1.1 Host: i.postimg.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://silatas.pn-sangatta.go.id/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx date: Mon, 27 Mar 2023 20:03:13 GMT content-type: image/gif content-length: 991671 last-modified: Sat, 04 Feb 2023 03:32:41 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML