| k43rf74h9m.fcyz.my.id/img/tittle2.png | 188.114.97.1 | 200 OK | 24 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/tittle2.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: PNG image data, 151 x 45, 8-bit/color RGBA, non-interlaced
Hash: 43b12100b99f0747a7d74c5eadd7f559 f2ee9778c4fc202120720817037040fc479825c8 10247b341cbfb00357771f67d54e8650b15a776829b91a1d8a6cd80418eee50c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/tittle2.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 24103
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Sat, 17 Feb 2024 06:14:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAe8BU7c081ued1upmKVA%2BsozlZRIYgTBmIv0sRFA8tXZgFxGN37Txd6IcIaCbJmg1HBkOx778Vo3zf3UWtSG%2FzrPIv%2BzeX3mjQYOX0hWcl%2BwP%2BKZZcjqt3iiz8ggadeO%2FAuJBsTM9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a3eed056af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/h1.jpeg | 188.114.97.1 | 200 OK | 49 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/h1.jpeg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 519x361, components 3
Hash: a6a1ae291b8991edac5e40faa81ea050 b20a09ff8c6440b26ec9bab11df366f3fa11f9dd 4d9f7f3da20bb0794c6354e101e1d33b3c5a25b924a41e9479f1e7b4ada764f1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/h1.jpeg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 49433
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Sat, 17 Feb 2024 07:46:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gy0vfcs5Wl4FLoiwqAlbCek6sF3G9S5sxTukj55e%2Binvjr%2F614WDHt7m3zyDsqO1DrF6LCTlIfnVQvD2%2Bw4tDmLHvgomk4GcnYRz11ghzZjWeS7lnvvY%2FH00vZrdvoYNkXLKiI7ZYvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a3fed756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/t2.jpg | 188.114.97.1 | 200 OK | 120 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/t2.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3
Size: 120 kB (119615 bytes)
Hash: 390c51eba9889a3f8602c0c8a0d1fade 6a0574718588d909e19270dc76251fcf02ad4645 eedf5cf21bc0196270343c98473488a81bdfd5280abe8415bde3fbd046ff1e52
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/t2.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 119615
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 22 May 2023 07:35:53 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jbrhmTorrBpW7R2quX9hICLLJM2xI9YPm9b0k9ySL%2F7Mox4kJ8XZP%2BtivwEAuhmDdpTCppGeT%2BfLXpxDWBU1QeqJclhZSEMwRxijJ09xmyKtGGFtFK85K9sQUfz6gjhfjYrTPR68TA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40eda56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/t3.jpg | 188.114.97.1 | 200 OK | 186 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/t3.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3
Size: 186 kB (185559 bytes)
Hash: 1dd0e73b90ad26acb8d339a91e074e9c 6cb645ec8c8456146c81583abd133d5a633b3b68 de7e078ab4de666a20400e6fd1fcd815a6fe893ca77042b133f38a57de2bf556
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/t3.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 185559
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 22 May 2023 11:57:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3jycUsZRTjlhbH9Lj585k1U0doAG9HYXGse3YKoDPmcBNXtYOp7qGEl8ILcsQUe5dpsNqZH0RK60br%2B1fFt6%2BNtOAVwI4HvKCtxd8QfdCA8VLSwIqIIHA2sa4INkxCiDLeKgCdXdiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40edb56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/2.jpg | 188.114.97.1 | 200 OK | 49 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/2.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 544x540, components 3
Hash: b5a6d62277ce3509c4486c03278f5baa e0876453362058b662d85bc96b79d3e272f4b6e0 0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/2.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 48611
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7eCM9B9J1XfELZcD2BXgoQQiOKIWCqtqFgeYNhQYMqssn6yo%2B4ROj8saChGlq98%2Bnl7tGYaim5BXqCtGkBtnXiaqvlMbS08%2FlkXI9iW3sKbWopSswUyHoeyd8SJmkSoJ95ImGyrBZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40ee456af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/4.jpg | 188.114.97.1 | 200 OK | 73 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/4.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1029x1280, components 3
Hash: d078a634bb85179223fad3b606aa4cef ea158abcf539ce182bad1da6595b89951dae57a6 2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/4.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 72574
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2FoguvDkzMvSUzyxWKzoB1wwqI1jXGojeil7ooTtd1PxObqk7GlUfVFioqse2WtLqXhaJuIqf5Dgah2SRaNWIm%2Bl3u0R3rfMaRigM0A8esWAuW7GnODwhm2FtV7r3wi1Uiurv6DSXb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40ee856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/5.jpg | 188.114.97.1 | 200 OK | 83 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/5.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3
Hash: 3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/5.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 83104
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGEpz7nvTlqikiEU2URJl7taFD7vMKS5YIoz2HUuJluehQ5HjicaLS7j9okfo3L86Cr2%2BIygrRTcNuHJAeIHWJTZ%2F1RmK%2BTQ0g2R6tVM0lGM0UMZsLERdwf7HxUQMD5dvh0IGJ4%2FRzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40eeb56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/1.jpg | 188.114.97.1 | 200 OK | 78 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/1.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 999x1024, components 3
Hash: 5b9bd06824081f3370d369a3bae652e7 d6e93b6128cede7828fbc922c6c55ca8a257b303 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/1.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 78490
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKoKRA3k4Exz0RnBUGILK5A%2FNvyGX%2F2Il8VgOd3vBV7UVmkyDvV5Ps9ClUc22Rm%2FPo1pfv4F4816kRiNtRLvLIWUFxhoKLLnsK5F%2FJ6Uu%2BrLBJe3t5GOOl0SExF54wDIIPRfK2eZQHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40ee256af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/6.jpg | 188.114.97.1 | 200 OK | 84 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/6.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7], baseline, precision 8, 560x740, components 3
Hash: 6eed7fb4cf035039f3bba04778cc5db3 a8e6952294e705c92a86db9394874062958f8f47 9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/6.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 83638
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSD3xlceyRIsTAIy%2BBtGMQLFWgXzxP%2BIx%2FSag13qxLik1xmFFjM0DHDEAimZHFJrW2KFdKBgl2D7YF%2BZVcKbgtd9qfXE6nLvAHub1ueNF5ItJd57oxuSSp04V7L9uaxJQB9q%2FvzAh4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a41eec56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/7.jpg | 188.114.97.1 | 200 OK | 44 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/7.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 233x290, components 3
Hash: 3a2c83793835b5368b13d958c26b8490 3602414a07ac93f56d0a069352f1096803feaa21 cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/7.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 43744
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MZfeSajrgcsUXGlcR%2BLN%2BaESOBaKv0LIVFEAoEluPPCqNOsqz2vigl114cynGd6wsQeBS4F71UcEcmGpTs7iHbUDU76DPxtJGROi9eUtb%2BZo38PrsKgWN75FsOv0dhytEqH4sB8z4X8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a41eed56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/9.jpg | 188.114.97.1 | 200 OK | 119 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/9.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 962x961, components 3
Size: 119 kB (118900 bytes)
Hash: 1daecd6000bc56f1faf1d9cdffb67dd7 a0b0f2fcbb75bbaa84ec7857101cf93d39f3cdeb 3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/9.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 118900
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKSqs%2FVZlzrNnJfGrwdPQLLEaBUnZ6OcWBMOMqVlAtZmSKuP6PsKsmqknboimnDOoV4uATKOeplNsMccx2JldEBL1ObLNmcr66SlrvH8p5GfVZGYBq%2BykI1yHGCcGehtKMVHiEXjlb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a41ef356af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/11.jpg | 188.114.97.1 | 200 OK | 47 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/11.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x740, components 3
Hash: dae76322741301f8aa1384636c9a0b15 d1a9b81837d1660dd92b0fe3cc3439c4ece67cd0 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/11.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 47405
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmDX%2BYsXywkgAWXTWjGEG1WxoozAAlNPLMGdvttvN78BKsUP7LGHJsC7nm%2FSAOdUIp887NSup%2B%2FcRnZmtRc1ufwBs%2BUNKH%2BT%2F1DO%2Ft92qlZFU76v3D7JRFhHg0ASCUyQT91zlWtoyDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a41ef756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/12.jpg | 188.114.97.1 | 200 OK | 47 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/12.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 233x290, components 3
Hash: da8902b3f1e8f5dbce0873022fe55ae5 b1956d7420881884baecf03d9739f8c82f857d1a 480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/12.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 47259
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6dN0SjwUvyzzj48oR5utiwdcqVOUQMflDoCVEGp71ru3Se%2B2YefrWgWSqD4OQsQippcnZRrluMhEazvu28cEZwI0zW8Yxb4X7ApFIC9lC%2BdPhGrC3sJSEw43dq595y%2Fm%2B6F9iz%2BVGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a42eff56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/3.jpg | 188.114.97.1 | 200 OK | 58 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/3.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: 316dfba4d81ad853bef7088dbe9737ca 38c7bdbdb9b227c060d6f5474ba807a0cdaff4a7 258a47a929eb483613c81aae8432b705d949ac9facf5a5c02d7d8d4a3db823af
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/old/3.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 58510
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNI2%2B2zQ2pN3D9yB30EkEXUkls7eOPVyA1xRutt5%2BhiMqtWFw7Vlo6f8UWtqUD4%2FENHX4LXYmK7oOTZFZqmGKBUngqaweAMfvMvy7fXszeYjuMnfIXQZca5FKjDBxUmOjxEpy8NzZV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a43f1656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/t1.jpg | 188.114.97.1 | 200 OK | 108 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/t1.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3
Size: 108 kB (107539 bytes)
Hash: 3aa21e6dc07731eee8b81185daab135c 64fe84d381e69c370b271a64c4d7ea11fc5415aa bdd298959f024ab47802ce7092bc9e295f9b1de0993190e4e6fbc377cefc6564
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/t1.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 107539
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Mon, 22 May 2023 07:35:55 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCdS0ZBeqfR7aUm1Wgzx9jP26mOhisE7hqE4dUM86Fuf4sUtrFU8X4CS19q6GlSIoi80cE9xctg0XIHxrMZ4HdT0Zj0JasPYMAva45IcS0Cys8D9GOxqMBDywAeYPuwzsO8QolaFhBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a3fed856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/3.jpg | 188.114.97.1 | 200 OK | 78 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/3.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: 22481399131d102cfd8f0a54a7cc2477 6d3d8b0ee6b75e568dc105596cd65b788a2d62a9 a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/3.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 77540
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vDYGtLdTKYRjxY13%2F%2BDpAXTqAEDrbeYCBK%2BISbX9SOSQ%2FELoaScoaD5YnPkz6qaVs6WicW8wbikKvsOWqQXYc1nvPL%2BoGuD6goaic6pN3cvAdjeH1bE3ppAr8DnMx5Y9HeEUwQcrPY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a40ee556af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/8.jpg | 188.114.97.1 | 200 OK | 26 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/8.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 335x354, components 3
Hash: 042df6ae6e2a48458b94a41111fce6da 7785d4cd7f9ab767f3ab8495e94c1888e29f0542 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/senjata/8.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 25821
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LJT7OWlix2trpp26S2fkf6z7GqXyplcqvcC2oMaxpfp6llpV16TgwqvZUcWvpq5QXUEd4zrgGGKBLPJyHSKeJ%2FpTdpfgA7TiZfpiHOs9QIEC3Ci%2BhXfmSwn8e61%2BasZO90D0b%2Fap%2BI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a41ef256af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/senjata/10.jpg | 188.114.97.1 | 200 OK | 83 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/senjata/10.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3
Hash: 3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/senjata/10.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 83104
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADLIN%2B5vbSkI6pdZemy4KectAvqDrqZhsCuBfB8k5rTMDIyZ0J4qvrFh3OosSYfPT1x8km%2BGJW27TyfnrC8qIwq6q3tozuf9%2B%2BujvweB%2FaHaxR6foTprYSMcXGQ9cAcgRVw6M8YhqZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a41ef656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/1.jpg | 188.114.97.1 | 200 OK | 59 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/1.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: d0c711d1ab95b03a1a1f733a60ba8984 eceaead218d602337bdd89ba90fdc31bd70f0156 8e50767bd0edcca88b3b611cd905e3d05b34b04447076fcf6a3567cf55f3bb20
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/1.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 58745
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RA3SQELkOckOqOzxx3Cm6ixLrVsgI0ga29zBUZ5xYaIyHRBy5GWoNgq95hrE196VljKtgt%2B2ZbJKdp%2B%2BXaZm4KQUTOZyALW%2BqAoERx7foaCMHGaDL9bWArCemmJXv58gTMwAUod%2BZFM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a42f0056af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/bingkai.gif | 188.114.97.1 | 200 OK | 121 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/bingkai.gif
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: GIF image data, version 89a, 224 x 224
Size: 121 kB (120915 bytes)
Hash: 127c4202ac37e7b0f72463cebc557b0c 84284b34dd377dbd4feb444aabeb959ac3e2b217 630f7fcbba5df4d44b11d2b9afb87d9ab75ba06f203485650f0fa26b2ca9db43
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/bingkai.gif HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/gif
content-length: 120915
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Mon, 19 Feb 2024 18:07:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXsUDmLpeTlqw0%2FJhy8Ad%2Bv1SB1qdLGBtulsglQpEtqb3rl5OwAf5txBJdZthWcpLjjr6942GgRN%2Bm%2Fqdfu9dSYYszTJ1p9gll2jtEaUWUhEcJmkKRQyc0bmHz18FHAtbS%2FrPZDBXVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a3fed656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/2.jpg | 188.114.97.1 | 200 OK | 43 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/2.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: d90e22f880ff0e9cc33ce41a6bb541b2 a4f08fe678a177545600ba36b25c83a8daf5fd16 10bc32127a5ceb3f33fc38029145931334f6f49bd7274b62697036fd59be2f65
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/2.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 42687
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2QtKRYyRqMPO4JzmZhTwMb2t3d7e1UZkLbdgGG4wu%2Bu4jjB%2F7nFBSxZJC22wzDm7fSJ1djHcVNfZBsmuHhsHa86BwLjH2FUjSLWWCpzFoV6rg1m66kZUXMtr3nflI9J6snCE6lZ2x0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a42f0656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/4.jpg | 188.114.97.1 | 200 OK | 78 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/4.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: 47bacaf7d9e42c0551f43472624e0b33 f069dea9f1f7c86358e1a5529ccac2f7e3b7369d 1a91aa8dc8c721db22e66f1f0911319aed59816a8c7e709970fbe9ca6b0c9773
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/4.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 77706
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syBnBLKoXs39pWZby1T%2FYTIiTLPHbDVT%2BbWholLE%2FiR7QxqFK%2FTicns6eFrIHvE7nBJBPbOXUKDhVwqRvvYRAzy47muggaUeAwfaK211b0oTKi6Rkq0ho8DvR1FqtRKqDoIagL%2BMEHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a43f1756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/5.jpg | 188.114.97.1 | 200 OK | 87 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/5.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: bd612732360a5da1efb70d2f26b795bc 02d5ede707c6313e2335e7ff7a9164b5ee7ec877 9e5329360a8a2ef8a4ab0ce77f3230be443c093a3a3f02a007641e3f6fca5f5a
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/5.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 87053
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgRZmc%2FMhs6Cwt8bqPClwHT5RUXONk%2FCBz%2BGsn5NsqeM3Cws%2FT9gLk6D439XiAYHYJRqjnf%2FiJ%2BOQLeZxQx43S%2Bwt9oQ5A7NTAfPcRsmaSODYXU%2B3X3Q6kwOTHdXysvyXZT%2FUrSS0C4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a43f1856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/6.jpg | 188.114.97.1 | 200 OK | 79 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/6.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: e53f2f3d3d1abe0ab8119b8a87dc27c4 d702efd2b2011beaa297d87b9a93ad7b48fc20eb 51646465be1a3b745191c5cb6dceda47fb9be8a1c859beb345660fca8291e824
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/6.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 78581
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTQRz%2FOG3B3Bmpf7HmdO5yZMeloglm1YD%2BeDPzHi9cI5CYt7DpllmXA62pd2Qx9l359tTAXIhDbyTG1L4K7q1Q70MhM%2BjWl4W1sS90zTvBi%2B7%2Bz9cMaf0pUS4y1NFIoFGusp4JKWJUc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a43f1a56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/7.jpg | 188.114.97.1 | 200 OK | 75 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/7.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3
Hash: 473caf5f238322583e04e7aeee46c2a7 e56ebd24f2179527c21ab1262180ca834b6c5d24 622b5322352025505e01c71ff1d6520e62ce1f1211fc11efb3ede9d24a110c75
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/7.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 75427
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgyOE8qAWp3Frw8Tb6kpEAudg2xciZHRddQsxqlUlM125mmbO%2BGyFJEq9ZBJCKxmocsj7Dk4rkKDkZ9IdiiB71ZobyBmZDxrORaJMg7vplK%2B6HE2Ga7zkzPgw9r%2FrCFL9mJqCFvXA2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a46f3556af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/8.jpg | 188.114.97.1 | 200 OK | 85 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/8.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3
Hash: 5b988ca12f0928c882f7ff50a32ffe01 a44b37e7bb7ecbbe76d47b084cd94effd6e9f552 0eb6a14eeb1c27e7c3c471db0f10c25eea89a65df20b2dbeea6c9ee3ccc0c78f
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/8.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 85199
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xpz7qVjNroqhcirbg6BpoFlRbIC76kLOcWweXIiX2cmX0pKTPL1dJZ9fGcpnwMfT5HzTCflEmjpmhxAgd1vOC45DICXdlI8BxpE6rDolD%2FBXjMY%2FSg%2B2Myl7082jd95STtOZOkZfTc8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a46f3656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/9.jpg | 188.114.97.1 | 200 OK | 92 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/9.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3
Hash: d3fa373bbd9a288f7162ffc76c179ebd 1add685f2def7f1c8d359fafe5f2ed3761e0188f 63fbe80d8ea4766ecc80faddd1387ef9681cb2ec2b4ad45164f4b36ffb4e2e43
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/9.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 91553
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7qtxFaPTFfBycNjKYXCTInxCDDfeMz1v4lTc3CAuqLf2p8SqMLqJ4N2I5qvAGkL4DreYAmbZ1Aix50QCXFawR7fNRxhx2WKMiyBQm6eTZ0%2FnUwe%2B8X8k1nxHc82mBrhnu9uXOeqtZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a46f3756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.24.14 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP: 104.17.24.14:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: e9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 596854
expires: Tue, 08 Apr 2025 04:48:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5m55q13banus4Z9HXTe4YoFYYmnLDNipbJdTJbvSsH9GVHLJHnkYBCYcfpPIY2tUEhWLwuhK89o6cEKdP7vdFeB%2F1O0pGq32iYl%2BFNbeceEjruc2wb43OWjDtHbtsRa3kCiEC78v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876205a66c09568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
IP: 104.17.24.14:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (59158)
Hash: c4af24ce595437830af0a401897698b2 06b7f92dd894a9edb0aeb9d040b489460ecff593 d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
GET /ajax/libs/font-awesome/5.15.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/css; charset=utf-8
content-length: 10472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e7d0"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 212432
expires: Tue, 08 Apr 2025 04:48:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtrJ1pNVdBUse3cO%2BgT%2F0vKL7YVxQg%2BsDbQ0Gz5yadP2AaRbEVwXX1%2BUQrzontnByz3IeSf5Is9djQOCRst%2BbLFWDoUBN8vyIwN8S7BztlK2xavjFhweBQEPu4TVY6gl9KSKTB0M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876205a67c0e568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| k43rf74h9m.fcyz.my.id/img/old/10.jpg | 188.114.97.1 | 200 OK | 39 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/10.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 684x916, components 3
Hash: bf58fb6f6463a1720fb1d0e0f58a3896 e0b9c0a61b1c60fe8748c7d007b981a3b7056489 de9e872524b79699ce8b0624de9bba409dd246d16dd48f171e4ed1072c00cfeb
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/10.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 39371
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJHFZ4I6Fl4q1m1bWyxowHMaXw1VuoeUk1AlUbqjsW58kPogkYDn%2F6KFGE26xZDs7%2B6OowYuyez3xPTGpWaKcWawlIa5KrFGJH1xh3nhsAJXIYnHUwoyGPpgx0S39bunRw0IFgOW9qM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a46f3856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/11.jpg | 188.114.97.1 | 200 OK | 46 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/11.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 940x1052, components 3
Hash: 0a4bc07510a030baffb2ec9ef5870aea 453b316a4e3fa4d955e1395280d506761156a06c 908c3acad2bff2c347166113be45b73a35869eed538a900acca3fedd81ff5183
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/11.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 46471
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDfOaqu2603v8ReD8nyiTGg1SXlWin%2F7fr2aljeiBA%2BglZp49%2FCgkjL%2FcyBrT%2FxaKiXrn7wc5LwGun0LPxwW7sQlwGegdyjD6WKwb5uXcwc8vCb%2B%2BrGdtp%2FWk8MsAIGbUXQO9fo5bek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a46f3956af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/old/12.jpg | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/old/12.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 540x688, components 3
Hash: f8351c5498cd1e97e3db1dc2e21f6cef 1b831a0dc34a8bf15ba6a10ee8b02bc010f59016 b9b545590950ff252a5b53bfc9b3d64ed373aee3ae94dec68033d0c857e8b3d8
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/old/12.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 17081
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAC%2FumaC%2FKJ65CBoEDa1hBO%2BS3PeaxORSlPmfELIwTqOdR2Oqq3ekPjoHN8cfGw4ACYbKVq2CVtanvBr%2FQE529Qo4vmNVR9fl0RBmDbo4Ws7GjvqOrofTa0ym7f8QwOprurTMajZ2Co%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a46f3a56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/diamond/1.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/1.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3
Hash: bd1e125844fffc6d3485bcf93c224f9d 2782371542228b448959c8610cf3790b662185cc b8f4fec91600d5be6d465792f7f7fab635d01019e148fe8b6f7bf59f717041de
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/diamond/1.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 2814
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3XOTEzDRc4YK3XWCMke92hZYw2B9VwnYJfomFmmSUKDEPdtplnARqTbBauiJPIvD9kFnrGn5peYiy%2FbYxL9pknZSd3n5eGMO4tMfqCNs9NSi%2BMnC6WJmt48F%2FKOwk6AO3jX%2BRuKRle8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf8e56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/diamond/2.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/2.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate:
Issuer: Google Trust Services LLC
Subject: fcyz.my.id
Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3
Hash: 63344bf9eaf1a509a9f8a749a06a36e1 0ff516d19ef2ff1b9a44ab20e3eb9579a8894654 788c47722a4dc77173ab620f196bfc24a2d8668bcf08f9fd296574545cf700f1
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/diamond/2.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 2878
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MqMmgGmWcpYqEMEDx08ysf7oU0Gf3VnSZ2KAmRIk8ciKWb65S1r7GmAgL8ac3cd2K1lj5WbCfy8Yw%2BlJ5QYer0wRlrRL%2BGitfYuMtbOWRWX6SExJcJ8nd2JWpakq8J9Y7DAVfrZPdGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf8f56af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/diamond/3.png | 188.114.97.1 | 200 OK | 2.9 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/3.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3
Hash: df5bfc626761a05e26222598f27cdf15 ed37075f86574bdeb39a5608384d722f8347df03 762fe8a43c859633d41642dd93c10478d3dacf62ff1310ddcefa17db5fa61f29
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/diamond/3.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 2875
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZ0dQZw%2BXfz8SH0a1v%2FJULFiSQwjwequMZY4x9cmOE6deI649Cf40qhk44PBBEkZAfOO9VSxvme70b2CHXO44c9nasHtI0CIiiWrohenjhYYmFhwSy12bhERcxdJT%2Bzjqy6dIUPNEWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9056af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/diamond/4.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/4.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3
Hash: 9322979ec6bc2f29f5f0215487d1be4b 17302260777757a2a811b76ad1d0e96a86781df7 6cc42f3ad3aa5606237a601793c1fb42458386d888adab6cf9077d23887eefed
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/diamond/4.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 2761
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKU3BFKwVhT3uWZrzP2u3Pp62mb%2BrSqN70mXPDx2%2Fr61JHeJ%2FY41G6zHjH3%2BLWtMPt5bxkAQBiq00tfnBwH7rDekR9zOYJMxIh3dIlfgwQ8qSNkamWEXZxOjvkjeMRIE8MjOHw3m2aY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9156af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/diamond/5.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/5.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3
Hash: f7fe1bdb99bdc8d0685e5f4bb5bf4e4c 965db0214225f37399495346a972e83c83f3fcdd e436ac38500431763697f5bd387d494324f320b76b25c97e29938d90bd7b1557
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/diamond/5.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 2779
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KokWKtnHC5WxcIG8if%2FkQ4e2RWCOLZQ4ajh5rEcqKoj6iCJU6ynWC3VCQ6kA%2F7hRALb8wS3jsHkFhDDFtYW2mIZy80bXNAmvXC0WumUnJln6wzRH5kzU4cxND0KQbVWwYoGzcYtBhHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9256af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/diamond/6.png | 188.114.97.1 | 200 OK | 2.8 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/6.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3
Hash: 2230594c80150378fe318c774eb216a4 918a13f5861c368c3b19c75cf8ca362b0b29a48c 43de460f27a0d3e43b13b5e75ac00da6ea6b54fb468afc4cffbd53709ee556b4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/diamond/6.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 2781
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNvDmL%2F2h1xIW73Z%2F1QTGit%2BnSbP96h9QNH1TRguHxvYm0vBbDgLIZ3fsfTj5WuOnMJtfX2jlxyPQP7xVf1qsBNHFeOGX5qIZxQbnmEOvC1PEWq5N4uq%2BX29Ef1awVWXo4AVCeVkMgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9356af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/diamond/7.png | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/7.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x290, components 3
Hash: 31c0214a044bb8cc98cab002fdf9bb94 c2b483949f3267aa679d364ce059d1babc3e8f93 585cf192d586d254d46a7a066980137a06e5a23592e66dfc4b54bd6c4b63e088
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/diamond/7.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 11823
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYdFZucjseYFkcc8b3or03DraCzXukM1Jz19lfc66VYKDBY5zesCGfIW4VeZ5ouWL6uLZNmQXy5MB0D7R1aTrlpmMl%2F%2F8V8yoWWeX1GQiCkmKWyboPhXpSxZE%2FirZf%2BLYQ0z1aT6ITA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9456af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/diamond/8.png | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/diamond/8.png
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x290, components 3
Hash: 18d7331b2312b85b1bfba110763c7574 9186a2527194478a524ffe4b7ceb5e61410bdd42 6afcc18ffa172755862f5c6dc3f20d9c3d6ee6f5f399df00e8568bf747e1cdb9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/diamond/8.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 13341
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXyzyZ5C6%2FQHd5sDCYc1%2BMRzP41A3wkhJdNiXO%2B8xUxCB%2F8szbIrzJcbjuvtE86HZXoTk5VmwvTeE4d2TDgbESVG%2F948Q84IrhjH51nBcBDQorFuPqaptJN5twhfAAP5gD9xLOuAbZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9556af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/incubator/n1.jpeg | 188.114.97.1 | 200 OK | 100 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/n1.jpeg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 582x773, components 3
Hash: db1fa213e1d17d31fe863149c067eb65 feb589647e77221e77477f577d3c1c8ba6a75477 d2973dde5839f76cfa57932df4f4813939a0061a89376edb063f6bde3b0047b5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/n1.jpeg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 99696
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 19 Feb 2024 01:49:40 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2RtKcA0V0jUWaT9KYzxAOJVI7FlpInziVePOyB3c6gwA7nVCgAoV07Qi55GS66YzAbIzN3Yv7GvB2xj%2FJUnDyPFcxlDEUUozwgQMVZtprrpdKVwhb%2FEuL9BPOZY7WELExUI7bYgJ%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9756af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/incubator/n2.jpeg | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/n2.jpeg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 242x323, components 3
Hash: f666661cf0db48fd27b6beeeac106697 f051aad9f454044593fde4caddff97f5ae1ec247 81b9c32b27f445fb1bbacbefd4bdeece209f23838d9e7e4f4e392faca2f82080
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/n2.jpeg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 15570
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 19 Feb 2024 01:49:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7wL5YQRULaUWsQGuHXHWVSmQ3IctCaFQqqQDzIacuQcJrSTttfnEms0EVqvnQ%2BxRYohsmSt7ZSmf93CrsxglIaVxeSIrXfs5sS1hU%2FYQSmbpHbu2f52oILuJa%2BbtPzZF4VyxZUFqdg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9856af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/incubator/n3.jpeg | 188.114.97.1 | 200 OK | 63 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/n3.jpeg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x663, components 3
Hash: 3ba15ab32066f05ac8ae42e77a723e85 116021696ee50fb51cb0c44f683cde855c59a291 f83b1564472584afdac9157172bf634ef3ccd4bcfd947987c1a059395627a387
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/n3.jpeg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 63129
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 19 Feb 2024 01:49:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ql3UcvLFb6BwjGzMJdOiO0t9hjdPFKVgulCFWWtq8ucKwBT8DiUcRSOi2fwywVhvPi0VVwk8d85oWCpqZyTv2zGjhTn1%2B2krcy4wocD9A0hV5CKirJ9uVztKd4dPBuzOHMnvFX%2FeqiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9956af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/incubator/1.jpg | 188.114.97.1 | 200 OK | 64 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/1.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 559x559, components 3
Hash: 7c17b4a223a7baf1931ddf915972a1d7 49fa779105da34bc66ef240ed71719d837f1813e 7eb51057deb30db7c6c2900040a45178726b5a63c262f50ff58fdcf876cfa463
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/1.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 63579
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaGfcpiTNu3FN%2Fsi3ZQsVKNSft3SqmQp4JSbf2xgkPi7DtZhI7QmBpbppJl2PQN6TmliNvvBaLDSWykTmNhli6Wq%2BxlaUZsjtn5OzkZ7kh3vke0ZdPDGLr0P26eiy3zy%2Fn8nSAMwpDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9a56af-OSL
alt-svc: h3=":443"; ma=86400
| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css | 151.101.129.229 | 200 OK | 11 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
IP: 151.101.129.229:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash: 79877fb82de8ca50845081e3c9a201c5 4f6ea69c0e03431ffa1a097a45453b5b3b246d8b af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:48:21 GMT
age: 303465
x-served-by: cache-fra-etou8220090-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10883
X-Firefox-Spdy: h2
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp | 151.101.129.229 | 200 OK | 1.6 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp
IP: 151.101.129.229:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 8e2c62ec296ece5f6a69e2cfd1133310 a6ae37e62d2f201d0e783df0890df55bc11d52e0 ac250ff6fe61157727de9e17fedeb5c162452fc1aa031c4c1fe2f8eb3290ed98
GET /gh/gowebid/assets@main/go_login/vk.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"63a-pq435i0vIB0OeD3wiQ31W8EdUuA"
accept-ranges: bytes
age: 14618
date: Thu, 18 Apr 2024 04:48:21 GMT
x-served-by: cache-fra-eddf8230049-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1594
X-Firefox-Spdy: h2
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png | 151.101.129.229 | 200 OK | 29 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png
IP: 151.101.129.229:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Hash: 74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /gh/gowebid/assets@main/go_login/facebook_white.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
accept-ranges: bytes
age: 22026
date: Thu, 18 Apr 2024 04:48:21 GMT
x-served-by: cache-fra-etou8220127-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28789
X-Firefox-Spdy: h2
| k43rf74h9m.fcyz.my.id/img/incubator/2.jpg | 188.114.97.1 | 200 OK | 60 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/2.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 565x565, components 3
Hash: caa25bdeee31b9bf65b0558ee9ba03d8 7fda495e1ba5939dacaa87e1231a72e40111e600 35d68e25f22f6688e3a8f7cb2f354cd45b09c8523ba6d4ff53c7ca64d3c9e1bd
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/2.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 59531
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EngTUKDUVgA399AnRbIZWT0o9uBMKqQ0odm95T4qyRz4mtq51oXQLUFdNzTZIwqNO%2FkxzzeF%2FdOIEChapxedio43kf39QBAwded25YLWHT4jjCiT7lRx%2F%2Fv0q3EDTLdEPXFSr8kHhRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9b56af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/incubator/3.jpg | 188.114.97.1 | 200 OK | 59 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/3.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 562x562, components 3
Hash: 979aa3e91bf0371884c91706db7a98c1 658497a52d5551d138d3401210ddf2ecacfb20fd f451a298d4843315ecb7bf2500d946295ecd6776aaf12cb69574bde1aa1f395c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/3.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 58631
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwvaGzSbyBZ5hxjihTjqLLBkDnApQDnUDjST%2B9jVQkACpgR0EqYR5lz50PKh0fyGzlQx1deLuOfNiWg0CryRpWLbXoMkDJkTZPO4q4YEss5JXiFHNDFJd1%2Bb3qDW85%2FRgndh5b3H2w0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a4bf9c56af-OSL
alt-svc: h3=":443"; ma=86400
| k43rf74h9m.fcyz.my.id/img/incubator/4.jpg | 188.114.97.1 | 200 OK | 64 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/4.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: fcyz.my.id; Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25; Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 575x575, components 3
Hash: b5204e496f3122192acd17b2b186b45f 7150bc610c3e4104dd5b101654c9f37406aa04a4 f95ed204614a3599b0bb6ffdcceecb74cd5dc7a60e26ca4e235f1a2a82c5c518
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/incubator/4.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 63944
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isVSewaEI09Yofnz45GKkt5RiJPIDsQzK5%2BiYd4a2OElxkDsF6dO1ZTy8%2FSb3gEhFaSZPjKdgqxH0%2FQp9ETa0vChE7bTn%2BsThe5VH2HJnTBuTRMQ7JniDlGZHgeLs5ZUn1HBmNpKX%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fdb56af-OSL
alt-svc: h3=":443"; ma=86400
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg | 151.101.129.229 | 200 OK | 959 B |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg
IP: 151.101.129.229:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: SVG Scalable Vector Graphics image
Hash: 848700651ce9c04987e04f292c598cba 976fc1619e149ed6161d834d5e3c3be7b7957669 f0562ef3624d99ef205211177586097eb7ebd8f5b31711d335a74d368c75ec27
GET /gh/gowebid/assets@main/go_login/google.svg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7ea-l2/BYZ4UntYWHYNNXjw757eVdmk"
content-encoding: br
accept-ranges: bytes
age: 24065
date: Thu, 18 Apr 2024 04:48:21 GMT
x-served-by: cache-fra-eddf8230119-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 959
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png | 151.101.129.229 | 404 Not Found | 53 B |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png
IP: 151.101.129.229:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with no line terminators
Hash: cb71d2b197dd6af21b39e0261fb1497c 9ab080da6e72161e565846ba4fe9a3279f8f9acf a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/logo.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
accept-ranges: bytes
age: 517
date: Thu, 18 Apr 2024 04:48:21 GMT
x-served-by: cache-fra-eddf8230118-FRA, cache-hel1410023-HEL
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css | 104.21.234.230 | 404 Not Found | 14 B |
URL: GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css
IP: 104.21.234.230:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: githack.com
Certificate Fingerprint: A4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54
Certificate Validity: Fri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File type: ASCII text, with no line terminators
Hash: 3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 04:48:21 GMT
content-length: 14
x-github-request-id: 1042:1C8C04:71170:7AB14:6620A5A9
via: 1.1 varnish
x-served-by: cache-hel1410033-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713415594.373045,VS0,VE160
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 631ed73e7fbda741a4d379a4df3fdfea4eb0dc0e
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BFKUiLioxmuyRjwkzWBZsnM%2BrmiJLaQe%2FUfpMfXqJxOQpHsmBVg1FaUcbQoeS259h0hWLiHFwnwY%2Foca6ztUd9Tr8j9yJ%2BWTLq4srkfjLT2Eo5W0ogU34cZ%2B8vNzsb24gq8b24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a75d3d23ad-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/5.jpg | 188.114.97.1 | 200 OK | 56 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/5.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 568x568, components 3
Hash: 5e7b7e726f0f5182f4268a38b3a5ceab 6495856bce9af91b8e9d728e0e3625189e7e452b a04ed1b5cf22b5ae79a1bbca52ee14f9ca03a83a36c6ce16e7ecb870e95aab55
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/5.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 55457
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWXRdkTmNlT5NlzML2ld0Gl0LM4VKvF4G6iUJfFFj0mmXT%2FgYrTGmI1tpDITpBl%2F3D5cjlwI5Hu7n%2BZP3JjgoI2bMU0sapC7%2FyHFHsL1fMHBDp0pJgbH5YnPtCVTvVoeVPohB1I6Zgw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fdc56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/6.jpg | 188.114.97.1 | 200 OK | 58 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/6.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 568x568, components 3
Hash: 933113087a731f60a1b1612d67f969cd db40cd025a4738ef85cf2c514f00e69b5d817df3 54fad0de66506819441abb12f48b499596b374f441fe0aaa7a6e9d7ec0668a5e
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/6.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 57623
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zKw3%2F8SWSHq8UaJMjlAuJImSc4UKze6yMsAYKApaA7FlB2%2BvNPMMFWEOti7nSj30blsGfb%2FW%2BRWmXTGjwi%2BPkARQY9%2BOQfYtULAS5IHyAG0jhEbnPGaKRJg1nDn59kv%2FrX3GyLUmaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fdd56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/7.jpg | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/7.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 203x273, components 3
Hash: 2e1e3735e5def5bccf44e87f9ae76a95 f3b503d9632acd9e0cb700f7f5d3712da6fc8eb6 f3c3093e4cc9c4988c843918b523d35b42ea7d5ebca79ea89c04c0e661def0cd
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/7.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 17868
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BLMYuMAAG%2B0djQYMu9F%2FGbtlQ5rw%2FDHn%2FATJ7KRMENC0Y5NKl2eFMbCYe84QtHCrpRHf3cq8LRDYontZmp0aw8Bt86NwDbcZ7Wgvx7kWR2j%2FwqmSbTHRSt7KXwwHWMjSnWDZZi%2F%2B00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fdf56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/8.jpg | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/8.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 201x272, components 3
Hash: bb4c22bbf88632acaf74735969c09661 06ec1ada0909e6a314640ea32195f77a6ea832b9 46a89f72eddd4c6b4447622c23bdde5e861bb7afd8a4d1edef030841d373093a
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/8.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 16726
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gq%2B86L%2FlYnTyOK6fLjksNGQdJM0dZgK5W6a1F9wsVVOr6cgRbQYAxvUP6kxk%2BRRPZeEch2GLslb4onPD11oyX7dfH0UKjeksBHMBtgZDcfXHzEzJpMXD5JpapdC%2BOB95%2BgEQrynOCug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fe056af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/9.jpg | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/9.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 202x273, components 3
Hash: 324fa71ceab25917b1b39275f0510c34 b15a87ed1e0d8915f9bbddcc634e5c19cb9c09c7 37e9b832341a9e17a95ef5f3d8d1175cc4d72cb67847b8a2eea9025ffe0570c9
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/9.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 17945
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgqXXCNEsZL9eelA%2FBLwfALIxcKpyjXuJQ5fHce7PhSQxN%2FhS0JSb9Ax38y9gPgwYtvQPG9htZXlykYvHvSpkGtU%2FjgGutvbk1Sd19Di40arNcRQ1ZXAkKgjHrx9H62Jbhlv8LSBJUM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fe156af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/10.jpg | 188.114.97.1 | 200 OK | 15 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/10.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x270, components 3
Hash: 6662119a701a284803239bd63e60a9f1 331dcad42c43585899aef4049ee759c48b47a464 7dad6721e95be42ff263df89e177b04725f23b7b37a2e7ab7f97e35e5fd02b16
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/10.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 15353
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmEuhtB1q27yBLLD8lxIPzGV6U3AMqivcId21DrX3w300iwxfvaE%2FfJvmaUi%2BhxVWU0JWKM3qUij220grQwnAXVmq5QKX8Id6l2LuBdYGPXEAg0wdYZnUmtfmOybncTqkh6YFOcpSyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fe256af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/11.jpg | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/11.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 201x269, components 3
Hash: ff130cc7c9b4f2b0b8da9df733b6e46c 7552f1af69a3fe64f388d89efc0c2afccbeba941 a738fedb10c230981aea2faeb99e56ba0f4b80d576559bbe99bc569abc28967f
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/11.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 16631
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJxmcymex0F3evXAtNcvfTPVCd%2FP4%2FxgQbOiOPmM4E6j71lUDsnsvQP8C0jJHghK03lqDxb%2B%2FvqixHS7Lzfmcc0FvV9HFEVrHaiE%2Fv%2BZjLOjDydvTn8mJPL1KZXonHqrWGUpXtYd4tE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fe356af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/img/incubator/12.jpg | 188.114.97.1 | 200 OK | 17 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/incubator/12.jpg
IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 203x273, components 3
Hash: 89bf879f77e2c739090f65670e1d543e 10a037660ba66df86c1e1dfdc309425a5b81a691 da57aa220b2f676a0dfe336fa5410675c9801312cbd50ccb59f81028e6cb4213
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/incubator/12.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 16838
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:21 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTLTDYIqST3kGfI2I5WX2YXTeDS6AZ3auOIdjd2nwpIx5chGBNGqjfWS3PBTp4XxyKWaty6Cpp3WYufl5yFpwqo1A4fLpUtA9yNcNaNq%2Bwjb1RMWHu4d2dUtrXRwUD2Gbd9q2Segd5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fe456af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://k43rf74h9m.fcyz.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2941208
expires: Tue, 08 Apr 2025 04:48:21 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFMGDI4thMCGWcQnNX9noyorNw4erTajMBM8uWn6%2FZLnROcQ1PHeJablF6fU9md9%2FO%2B4YWtRqhY%2FBjr3rkJrBa688E3vqCX1DTS7xlv%2BoDTFWMPt2i397uBEpITwM%2BZPppi%2BWKAk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876205a7bce956aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css | 104.21.234.230 | 404 Not Found | 14 B |
URL: GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css
IP: 104.21.234.230:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: githack.com
Certificate Fingerprint: A4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54
Certificate Validity: Fri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File type: ASCII text, with no line terminators
Hash: 3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 04:48:21 GMT
content-length: 14
x-github-request-id: B038:1C8C04:701E1:79A37:6620A574
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713415541.655904,VS0,VE261
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 72c17b59a148138db795f907a632b565e9cc122f
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3GEh9JHJdSXhrY9oS3H2RuQI1sm9yfxmKUBvj%2FOVg2PDUoq9hT8fz3j80l0KWG29yeY1ZRhK5nAyhF1HABt4UGCPn54xRkBf2tRYD%2BFgnenqttlc8MIwHzbUarrkPPZlt02QT%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a76d4823ad-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css | 104.21.234.230 | 404 Not Found | 14 B |
URL: GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css
IP: 104.21.234.230:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: githack.com
Certificate Fingerprint: A4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54
Certificate Validity: Fri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File type: ASCII text, with no line terminators
Hash: 3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 04:48:21 GMT
content-length: 14
x-github-request-id: 2190:353C66:3F4844A:42DBB4F:6620A4CC
via: 1.1 varnish
x-served-by: cache-hel1410026-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713415373.331287,VS0,VE160
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: bb7a6184cd60426cd3091af75fdd4b4ac4f1d59b
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: STALE
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeHeRID09mo%2BSAKdfe3TD2CVwsnLhJ%2FnbexjnK7x2S2t6tb4gFYMTifr5oaosCssC3l6o2CF5IdGWhzUodzIA7Mecbj2r62wxgjba3GMbR2iZL95AkytsfqljvqtJDIuxvtZ1kk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a75d3c23ad-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| filebagasarya.com/img/border/borderatasorange.png | 172.67.195.69 | 200 OK | 82 kB |
URL: GET HTTP/2 filebagasarya.com/img/border/borderatasorange.png
IP: 172.67.195.69:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: filebagasarya.com
Certificate Fingerprint: F8:10:79:DD:D9:42:FF:FD:E3:35:9B:09:62:4F:9B:40:07:DD:BA:85
Certificate Validity: Mon, 26 Feb 2024 19:06:41 GMT - Sun, 26 May 2024 19:06:40 GMT
File type: PNG image data, 979 x 578, 8-bit/color RGBA, non-interlaced
Hash: 06868c2454d9d8c0a17e49c915f6aca3 d4584aac766db94d6617cbc4494cd42b44b9a24a 4923c888864d76243b116d6ac21e4e24049b195098809f6e0540aabb38ef9a88
GET /img/border/borderatasorange.png HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/png
content-length: 82404
cache-control: public, max-age=604800
expires: Sun, 21 Apr 2024 10:30:58 GMT
last-modified: Thu, 04 May 2023 03:26:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 325043
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zoFdMUL2NonRBG78hmtqOP4kKNAiYrflw%2Bn%2BTZd0UWwceAkS9%2Fl3mYs12kShZm2Dy405IbQ1EsiRggMJGCJHVf8SenxetmC9vg2Ema5RPALPlJNovkHdV8yg7tmD8b%2BRjwqUeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a87cd3b521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png | 152.195.133.221 | 200 OK | 8.3 kB |
URL: GET HTTP/2 dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png
IP: 152.195.133.221:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: DigiCert Inc
Certificate Subject: garenanow.com
Certificate Fingerprint: 65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58
Certificate Validity: Fri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type: PNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced
Hash: c632e6bfd0076695e56477bdb3f7232c 5b4212f029814b5dfda946ac5e5a6ba97857feb9 86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
GET /common/web_event/official2/dist/client/img/full_logo.969f536.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 2299
cache-control: public, max-age=3600
content-md5: xjLmv9AHZpXlZHe9s/cjLA==
content-type: image/png
date: Thu, 18 Apr 2024 04:48:21 GMT
ec-version: v6.05
etag: "c632e6bfd0076695e56477bdb3f7232c"
expires: Thu, 18 Apr 2024 05:48:21 GMT
last-modified: Wed, 10 Apr 2024 03:54:58 GMT
server: ECAcc (ska/F692)
via: 1.1 9fde400234236c10982fe8b8a3ca9eb2.cloudfront.net (CloudFront)
x-amz-cf-id: uNrxbFWE489Kt3bJEhdI1Zk5azHWf0lF68IlhqPWvJUHhI2KpgJ3tA==
x-amz-cf-pop: ARN56-P1
x-cache: HIT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS9/dPEru0mAha5chJGkLwAtG0+xmb49
x-obs-replication-status: REPLICA
x-obs-request-id: 0000018EEF65AEE6980DBA4600066921
content-length: 8314
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css | 104.21.234.230 | 404 Not Found | 14 B |
URL: GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css
IP: 104.21.234.230:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: githack.com
Certificate Fingerprint: A4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54
Certificate Validity: Fri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File type: ASCII text, with no line terminators
Hash: 3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 18 Apr 2024 04:48:21 GMT
content-length: 14
x-github-request-id: 860C:28A883:1321A5F:141DE83:6620A4D6
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713415382.290429,VS0,VE173
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: e476e0f858dee35f116a22d623d6d43150b963ea
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: STALE
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjiiCp6ycF6mapY224AWdkVPOvcK7DpJr8ZpSX2jkRifmwfxLiFTLwKmG%2BeJ2PDPf1Xns2bXd750NCeKJmE61B99josltPdpFUZ1pGxO0027XeJ0h4nr39ak5L3pXs9LYsoEzEA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a7bd7523ad-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/nVkV8M0W/FfMaxx.jpg | 162.19.88.68 | 200 OK | 37 kB |
URL: GET HTTP/2 i.postimg.cc/nVkV8M0W/FfMaxx.jpg | IP: 162.19.88.68:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Let's Encrypt | Subject: postimg.cc | Fingerprint: F9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13 | Validity: Wed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3 | Hash: 61aa45bf291755caa8f0664e4e8b91e9 33f6c6304486ce8004d9d459f08aa6b95982f0ba 323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3
GET /nVkV8M0W/FfMaxx.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: image/jpeg
content-length: 37166
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| k43rf74h9m.fcyz.my.id/img/back3.jpg | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/img/back3.jpg | IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: fcyz.my.id | Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25 | Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 675x1280, components 3 | Hash: d49a9d65d02c88f1d08a2d529c3ce262 a48830b010894c7ff4f8b0755b45c0529258564b 6127febdf5ed95db07f069979e91266e2f68c9d4eb09e161e906052cb850023a
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/back3.jpg HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: image/jpeg
content-length: 37092
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Sat, 17 Feb 2024 01:07:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102541
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5I4AedAmaLWL9sxvwCD8VbjfIn26YmvfqrhP7%2BDjLXaGmn5%2B3tmNQcJZFt8oK%2FmAuP4maw4d3jCiRQlt2Lq6K5uwwV65kzlbhZoObrKMF59ubYhR7iKOvmrU78c6NaOPe9%2BFpXQJrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205ab1c1d56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg | 151.101.129.229 | 404 Not Found | 53 B |
URL: GET HTTP/3 cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg | IP: 151.101.129.229:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: GlobalSign nv-sa | Subject: jsdelivr.net | Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 | Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with no line terminators | Hash: cb71d2b197dd6af21b39e0261fb1497c 9ab080da6e72161e565846ba4fe9a3279f8f9acf a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
content-length: 53
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
accept-ranges: bytes
age: 511
date: Thu, 18 Apr 2024 04:48:22 GMT
x-served-by: cache-fra-eddf8230046-FRA, cache-hel1410025-HEL
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| www.youtube.com/s/player/f92087f2/www-player.css | 216.58.207.206 | 200 OK | 48 kB |
URL: GET HTTP/3 www.youtube.com/s/player/f92087f2/www-player.css | IP: 216.58.207.206:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D | Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: eff7afac8f7ac0ed881f37ffd3eebcbe 21acf841f4603dbfaed62decef15175b5d68f20f ff1235e0e6c896931d1f31f618b35e68a469befd8c90d7a0da22f1d988b0bbc2
GET /s/player/f92087f2/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:20:55 GMT
expires: Wed, 16 Apr 2025 07:20:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 163647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| k43rf74h9m.fcyz.my.id/bagas/css/moonton.css | 188.114.97.1 | 200 OK | 99 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/bagas/css/moonton.css | IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: fcyz.my.id | Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25 | Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: ASCII text, with CRLF line terminators | Hash: 99598fad1f5706054ad5d6cb3fc793de a6cf0678494edf9ece7918fc32f97a43c7724418 5e9973f789c6b11b44992b8f3232427c4b2c05099db3179f6bab1aee75faba2d
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /bagas/css/moonton.css HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 06 Nov 2023 17:15:52 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWWN2S3vx23FbTsqRdCdLdb58dJ51IZ6pG9hCWp1LJsSEVM3BAi3AFSSnyj6uZu9cinmsFWahFrc0VqSX1RtJnVV51iIyI700O1nBEgW2uuNIsx0IuX9dovfqTwIL3p7gpJEsqK%2FVrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a3eec856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| k43rf74h9m.fcyz.my.id/bagas/css/facebook.css | 188.114.97.1 | 200 OK | 9.2 kB |
URL: GET HTTP/3 k43rf74h9m.fcyz.my.id/bagas/css/facebook.css | IP: 188.114.97.1:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: fcyz.my.id | Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25 | Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type: ASCII text, with CRLF line terminators | Hash: ae8f5eac80c514b6ccffce75de1d2d70 eff4b0347b7c8ea58833f35c07e177f80fd28ad2 a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /bagas/css/facebook.css HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Mon, 06 Nov 2023 16:44:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 102540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BflA2mjzV2AGRIKnDK4Y7uqbDMtYAgNkelHw6SvT5WGUH07syOD8jcb08qRrZjM%2Bw5%2BYNGoBESZaXNPN%2FxQ0RqrSEVuSkCyy1oKN5m2YxTyYVdzgK5vpArEf23hn0Nz6jxSm4lkIEGE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a3eeca56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 142.250.74.67 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | IP: 142.250.74.67:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15044, version 1.0 | Hash: 4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://k43rf74h9m.fcyz.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:39:40 GMT
expires: Tue, 15 Apr 2025 20:39:40 GMT
cache-control: public, max-age=31536000
age: 202122
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803 | 172.67.139.119 | 200 OK | 29 kB |
URL: GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803 | IP: 172.67.139.119:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: ka-f.fontawesome.com | Fingerprint: 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 | Validity: Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type: ASCII text, with very long lines (65321) | Hash: 345f5ecc270c94968998574a2d37e31a 4b1937ca073a8376a07161bc40549585493ffa3d efad9b46d0c00f2562eb53236717ff21ebd474f8d68f69b45f92c424bfd87e9c
GET /releases/v6.0.0/css/free.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://k43rf74h9m.fcyz.my.id/
Origin: https://k43rf74h9m.fcyz.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"345f5ecc270c94968998574a2d37e31a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SydZbaIB9aKAsoCd4XaPx2V7vp4m3uji8btICUmbBHs8c8iQrdFg9Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wK2M1jD0qpdJ%2F4NmLjLUURmgEljsyg9zRAia%2BhMpYIvGr8z81oGeLuKX77e6J0lSviOQZ7ajzl08RFK56Q1ml9y%2BC5S8bFfEkfug1RjXLQ%2Btt0SyjpKlwCBOIKSji%2F9TEDSZBUzzyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205ab8eddb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | IP: 142.250.74.67:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15344, version 1.0 | Hash: 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 7519
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | IP: 142.250.74.67:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15552, version 1.0 | Hash: 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:25:07 GMT
expires: Fri, 11 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 559395
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| filebagasarya.com/img/border/claimepepgold.jpg | 172.67.195.69 | 200 OK | 17 kB |
URL: GET HTTP/3 filebagasarya.com/img/border/claimepepgold.jpg | IP: 172.67.195.69:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: filebagasarya.com | Fingerprint: F8:10:79:DD:D9:42:FF:FD:E3:35:9B:09:62:4F:9B:40:07:DD:BA:85 | Validity: Mon, 26 Feb 2024 19:06:41 GMT - Sun, 26 May 2024 19:06:40 GMT
File type: PNG image data, 193 x 59, 8-bit/color RGBA, non-interlaced | Hash: c61321f52aeff74693795602cf069eae 835e9f7d87c963a4f443130277f6a8074b1abc71 ac8a111bd0d029a03e1301abdec8d372b71c7e021f62c34c9050455f07b76995
GET /img/border/claimepepgold.jpg HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: image/jpeg
content-length: 16891
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 04:48:22 GMT
last-modified: Wed, 03 May 2023 01:21:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=klS%2FNgKOtVgqO%2FHgMVpA%2FeoJa4dpUdM3G0GCf%2FYegpcSHBQD%2BVsLrZ2tleNlDrmp3HIwDc9CXIpsBmXqUkoaB7gEsPSIQDF%2Fciy6Z3SR7Ul2U2hcJMA%2B8bmfbW3hVBrVanUGnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205ab2e5b1c06-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/base.js | 216.58.207.206 | 200 OK | 809 kB |
URL: GET HTTP/3 www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/base.js | IP: 216.58.207.206:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D | Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JavaScript source, ASCII text, with very long lines (555) | Size: 809 kB (809144 bytes) | Hash: 0d2406f6a79bde4d11ad5f70b18ba433 699a5d887b0557a5f788fea125e4260cf41fdb55 001b4c1ed0ccce6c39372a81fc4e9464950f77c72fd53aea1f78f999c0dd9bd3
GET /s/player/f92087f2/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 809144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 18:56:43 GMT
expires: Wed, 16 Apr 2025 18:56:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 121899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i.postimg.cc/nVkV8M0W/FfMaxx.jpg | 162.19.88.68 | 200 OK | 37 kB |
URL: GET HTTP/2 i.postimg.cc/nVkV8M0W/FfMaxx.jpg | IP: 162.19.88.68:443
Requested by: https://k43rf74h9m.fcyz.my.id/ | Certificate Issuer: Let's Encrypt | Subject: postimg.cc | Fingerprint: F9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13 | Validity: Wed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3 | Hash: 61aa45bf291755caa8f0664e4e8b91e9 33f6c6304486ce8004d9d459f08aa6b95982f0ba 323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3
GET /nVkV8M0W/FfMaxx.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: image/jpeg
content-length: 37166
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/embed.js | 216.58.207.206 | 200 OK | 18 kB |
URL: GET HTTP/3 www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/embed.js | IP: 216.58.207.206:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D | Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type: JavaScript source, ASCII text, with very long lines (3391) | Hash: 1acbd20b4a303a41bba4c1af0636abbe 21497b44dca32bad04a2abbba7dd517e8cc16055 760bcaf29c194cd5c63b59b29fef5bc7fa164c844152ff5eee8f7b97e84a38ac
GET /s/player/f92087f2/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18187
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:28:07 GMT
expires: Wed, 16 Apr 2025 07:28:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 163216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js | 142.250.74.164 | 200 OK | 20 kB |
URL: GET HTTP/2 www.google.com/js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js | IP: 142.250.74.164:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: www.google.com | Fingerprint: CC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 | Validity: Mon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File type: JavaScript source, ASCII text, with very long lines (52156) | Hash: e72bebc20c294cb7e62bbccd15c94b1b a83fff70fe780fcbb8738f3d1cf4a7e309879dc6 deaafb8216bbe3662798052922d42a200bb71eb4c80c86835d2dd790f12ae405
GET /js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 05:04:22 GMT
expires: Thu, 17 Apr 2025 05:04:22 GMT
cache-control: public, max-age=31536000
age: 85441
last-modified: Thu, 04 Apr 2024 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.74 | 200 OK | 0 B |
URL: OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | IP: 142.250.74.74:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Thu, 18 Apr 2024 04:48:23 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/player?prettyPrint=false | 216.58.207.206 | 200 OK | 30 kB |
URL: POST HTTP/3 www.youtube.com/youtubei/v1/player?prettyPrint=false | IP: 216.58.207.206:443
Requested by: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | Certificate Issuer: Google Trust Services LLC | Subject: *.google.com | Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D | Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash: f4279ad7383a5845efe9209e510f3c64 3c74ba5ade1845f79ade44a750398b47aa16d194 6526986884147c376a10894014266b68db2803ab38563901a040bbfa10098c28
POST /youtubei/v1/player?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgttQkN3Z3hvYnB4ayiVzIKxBjIOCgJOTxIIEgQSAgsMIGs%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240415.01.00
Content-Length: 3040
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 18 Apr 2024 04:48:23 GMT
server: scaffolding on HTTPServer2
content-length: 30132
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.74 | 200 OK | 42 kB |
URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP 142.250.74.74:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash e67b1456be23d03c76809be4ef669f14 c5bd6a495ce2785265c929cb2b6f95ec79623136 575381c346ec0c5131d8ff744eda5db55cd72a687052f65b0640fc707381bff8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 18 Apr 2024 04:48:23 GMT
server: ESF
cache-control: private
content-length: 42073
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/generate_204?UWhsLw | 216.58.207.206 | 204 No Content | 0 B |
URL GET HTTP/3 www.youtube.com/generate_204?UWhsLw IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?UWhsLw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 18 Apr 2024 04:48:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/api/stats/qoe?fmt=396&cpn=X0a5POUGk_ax9Y6n&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C36318%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C7556%2C644%2C8433%2C531%2C819%2C9986%2C856%2C1103%2C1887%2C5219&cl=625055724&seq=1&docid=4hIMRUTqARM&ei=F6YgZuTjGvTL0u8PkeeL-Ag&event=streamingstats&plid=AAYWV65buuNrdsUv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBYMGE1UE9VR2tfYXg5WTZuEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240415.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.357:B,0.357:B&cat=streaming&cmt=0.025:0.000,0.357:0.000&vfs=0.357:396:396::r&view=0.357:390:190&bwe=0.357:130000&vis=0.357:0&bh=0.357:0.000 | 216.58.207.206 | 204 No Content | 0 B |
URL POST HTTP/3 www.youtube.com/api/stats/qoe?fmt=396&cpn=X0a5POUGk_ax9Y6n&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C36318%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C7556%2C644%2C8433%2C531%2C819%2C9986%2C856%2C1103%2C1887%2C5219&cl=625055724&seq=1&docid=4hIMRUTqARM&ei=F6YgZuTjGvTL0u8PkeeL-Ag&event=streamingstats&plid=AAYWV65buuNrdsUv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBYMGE1UE9VR2tfYXg5WTZuEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240415.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.357:B,0.357:B&cat=streaming&cmt=0.025:0.000,0.357:0.000&vfs=0.357:396:396::r&view=0.357:390:190&bwe=0.357:130000&vis=0.357:0&bh=0.357:0.000 IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&cpn=X0a5POUGk_ax9Y6n&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C36318%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C7556%2C644%2C8433%2C531%2C819%2C9986%2C856%2C1103%2C1887%2C5219&cl=625055724&seq=1&docid=4hIMRUTqARM&ei=F6YgZuTjGvTL0u8PkeeL-Ag&event=streamingstats&plid=AAYWV65buuNrdsUv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBYMGE1UE9VR2tfYXg5WTZuEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240415.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.357:B,0.357:B&cat=streaming&cmt=0.025:0.000,0.357:0.000&vfs=0.357:396:396::r&view=0.357:390:190&bwe=0.357:130000&vis=0.357:0&bh=0.357:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgttQkN3Z3hvYnB4ayiVzIKxBjIOCgJOTxIIEgQSAgsMIGs%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240415.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713415703192&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 04:48:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/annotations_module.js | 216.58.207.206 | 200 OK | 19 kB |
URL GET HTTP/3 www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/annotations_module.js IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type JavaScript source, ASCII text, with very long lines (1115) Hash a2728a094e024866fabfd1d7c1f98897 01323ef7e8f80a71ba85f02b875ac0b15bdeda5f 5d510af5b4c0a2ffba73c3a4d5836b576727a8999e8c9b0dd2987cbaa2eea362
GET /s/player/f92087f2/player_ias.vflset/en_US/annotations_module.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18905
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:28:40 GMT
expires: Wed, 16 Apr 2025 07:28:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 163183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/endscreen.js | 216.58.207.206 | 200 OK | 8.4 kB |
URL GET HTTP/3 www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/endscreen.js IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type JavaScript source, ASCII text, with very long lines (607) Hash 7f4f31ce51bda637a9dc9b058930def6 52fbca9b51476a96edcae77fccced9d48ee7ebc2 c67dbff7ffba0e89102ad64926eddc09df0da3088a53087f2207c5101edb7707
GET /s/player/f92087f2/player_ias.vflset/en_US/endscreen.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8384
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:28:09 GMT
expires: Wed, 16 Apr 2025 07:28:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 163214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=0-84349&rn=1&rbuf=0&pot=IjrWqtapsIpwvZXNot6HwZiZjJm-3I_ElJ6307_8rOOd0pTAn-WVzZzlgtKf45PNh_mXzaXnn-2lj-Xu&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 84 kB |
URL POST HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=0-84349&rn=1&rbuf=0&pot=IjrWqtapsIpwvZXNot6HwZiZjJm-3I_ElJ6307_8rOOd0pTAn-WVzZzlgtKf45PNh_mXzaXnn-2lj-Xu&ump=1&srfvp=1 IP 91.90.45.173:443 ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash 1ea2dd3b8f07095e25a8c982aa0c8135 40d2f2af49e3e592b846c445af0e43f4fae2405e 96e42ea45e9100833cc1513a0b630f6d752d7783f29e0c760c914f04a9c724c5
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=0-84349&rn=1&rbuf=0&pot=IjrWqtapsIpwvZXNot6HwZiZjJm-3I_ElJ6307_8rOOd0pTAn-WVzZzlgtKf45PNh_mXzaXnn-2lj-Xu&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Apr 2024 11:15:08 GMT
Content-Type: application/vnd.yt-ump
Date: Thu, 18 Apr 2024 04:48:23 GMT
Expires: Thu, 18 Apr 2024 04:48:23 GMT
Cache-Control: private, max-age=21300
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/captions.js | 216.58.207.206 | 200 OK | 0 B |
URL GET HTTP/3 www.youtube.com/s/player/f92087f2/player_ias.vflset/en_US/captions.js IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/player/f92087f2/player_ias.vflset/en_US/captions.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24389
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:28:17 GMT
expires: Wed, 16 Apr 2025 07:28:17 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 163206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.74 | 200 OK | 114 B |
URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP 142.250.74.74:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash d464cdfe05175e5c48186a97045167f3 a1c7e65af2898001209b84f9c8b11b8a40641dbf 9edadfb3b8c15abdd7b117141b9532f22846855908f98dbd8027584889f55191
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1036
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 18 Apr 2024 04:48:23 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i.ytimg.com/vi/4hIMRUTqARM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGHIgRCg0MA8=&rs=AOn4CLDmkIQtr7VBGEWd49tclJs4Rocw9Q | 142.250.74.118 | 200 OK | 26 kB |
URL GET HTTP/2 i.ytimg.com/vi/4hIMRUTqARM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGHIgRCg0MA8=&rs=AOn4CLDmkIQtr7VBGEWd49tclJs4Rocw9Q IP 142.250.74.118:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject edgestatic.com Fingerprint 78:1A:D9:37:F2:33:3C:A9:0F:4C:4A:E8:40:9E:55:8E:02:75:1E:15 Validity Mon, 04 Mar 2024 06:35:07 GMT - Mon, 27 May 2024 06:35:06 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3 Hash cc85d6cc54c5003dee041117e5aed1d9 bd70735bd30376af98a8abc455633928bd5defbf 0c66f7ec0695b90aacd63bde4b84f7c97392cd92189ee42fb810d6a214c177a3
GET /vi/4hIMRUTqARM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGHIgRCg0MA8=&rs=AOn4CLDmkIQtr7VBGEWd49tclJs4Rocw9Q HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26512
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:30:42 GMT
expires: Thu, 18 Apr 2024 05:30:42 GMT
cache-control: public, max-age=7200
age: 4662
etag: "1705996351"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 216.58.207.206 | 200 OK | 31 B |
URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713415704038
Content-Type: application/json
X-Goog-Visitor-Id: CgttQkN3Z3hvYnB4ayiVzIKxBjIOCgJOTxIIEgQSAgsMIGs%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240415.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713415703192&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 16713
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 18 Apr 2024 04:48:24 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/next?prettyPrint=false | 216.58.207.206 | 200 OK | 1.8 kB |
URL POST HTTP/3 www.youtube.com/youtubei/v1/next?prettyPrint=false IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash fb7381d8218a78b1665bc122a10540dd fc1ea0144ccc35a622c3ead1861b89a359154c16 d5f6158caeb385bbc8eb4d3e22e9538a4be636e86c31e0a6fae75ba9845a7a01
POST /youtubei/v1/next?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgttQkN3Z3hvYnB4ayiVzIKxBjIOCgJOTxIIEgQSAgsMIGs%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240415.01.00
Content-Length: 2651
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 18 Apr 2024 04:48:24 GMT
server: scaffolding on HTTPServer2
content-length: 1841
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s88-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 6.2 kB |
URL GET HTTP/3 yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s88-c-k-c0x00ffffff-no-rj IP 142.250.74.161:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googleusercontent.com Fingerprint E0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F Validity Mon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x88, components 3 Hash 9f092f0c78bcebf9e84d404501b93b8c 4f05c7e0d4c5d9ebd11eb86124a49fe89f82c26a 4d981d6f52640ccfa70a557943339d5daaf64d139d925304309472eb037319bd
GET /Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 6244
x-xss-protection: 0
date: Thu, 18 Apr 2024 01:23:18 GMT
expires: Fri, 19 Apr 2024 01:23:18 GMT
cache-control: public, max-age=86400, no-transform
age: 12306
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=65901-131436&rn=3&rbuf=3943&pot=Ijq-_b772N0Y5f2ayonvlvDO5M7Wi-eT_MnfhNerxLT1hfyX97L9mvSy6oX3tPua767_ms2w97rN2I25&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 260 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=65901-131436&rn=3&rbuf=3943&pot=Ijq-_b772N0Y5f2ayonvlvDO5M7Wi-eT_MnfhNerxLT1hfyX97L9mvSy6oX3tPua767_ms2w97rN2I25&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size 260 kB (259477 bytes) Hash ca096a3d3dda253fdabc35505c877a88 75dd10a92883371e643624366b8384ceaf495191 cdc7893b1e87b43b74dafea9c98e6c387ae35fcac2cb200df4b43ed7e7184797
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=65901-131436&rn=3&rbuf=3943&pot=Ijq-_b772N0Y5f2ayonvlvDO5M7Wi-eT_MnfhNerxLT1hfyX97L9mvSy6oX3tPua767_ms2w97rN2I25&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Thu, 18 Apr 2024 04:48:24 GMT
expires: Thu, 18 Apr 2024 04:48:24 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 | 172.67.139.119 | 200 OK | 142 kB |
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 IP 172.67.139.119:443
Requested by https://k43rf74h9m.fcyz.my.id/ Certificate Issuer Google Trust Services LLC Subject ka-f.fontawesome.com Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type ASCII text, with very long lines (608) Size 142 kB (141611 bytes) Hash e8ee688b3310772b65f39c69b76f4720 d57c6b7957aabb07762d473ea0b4bd3462f1175e 0e751f751587617116614deaf11f087ea82f7644196c1d0571f71fd549b556b5
GET /releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://k43rf74h9m.fcyz.my.id/
Origin: https://k43rf74h9m.fcyz.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"e8ee688b3310772b65f39c69b76f4720"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RkiP5YWvbaY4FEYs1q3-oHpgajuPaJAaGtKupd0EL885I95BjhUtxQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ymb1guq8SdgCAowouRQh3wP2iXKpINOaEWH8dl%2BAVBxKRIB2KNTMMqyeICC8Yn88otkFt6SgyVrsjDY8kejWpKs9cGH7y%2Fdekamf2wl%2BQjldEFY%2B0R613UAHqYEyRwO9Qr864djMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205ab9ee4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=X0a5POUGk_ax9Y6n&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C36318%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C7556%2C644%2C8433%2C531%2C819%2C9986%2C856%2C1103%2C1887%2C5219&cl=625055724&seq=2&docid=4hIMRUTqARM&ei=F6YgZuTjGvTL0u8PkeeL-Ag&event=streamingstats&plid=AAYWV65buuNrdsUv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBYMGE1UE9VR2tfYXg5WTZuEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240415.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.362:251::i&cmt=0.575:0.000,10.000:0.000&vps=0.575:N&ctmp=dompaused:t.581;r.promise;m.NotAllowedError,itr:t.646;&bwm=10.000:541251:0.686&bwe=10.000:1739292&bh=10.000:12.583 | 216.58.207.206 | 204 No Content | 0 B |
URL POST HTTP/3www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=X0a5POUGk_ax9Y6n&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C36318%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C7556%2C644%2C8433%2C531%2C819%2C9986%2C856%2C1103%2C1887%2C5219&cl=625055724&seq=2&docid=4hIMRUTqARM&ei=F6YgZuTjGvTL0u8PkeeL-Ag&event=streamingstats&plid=AAYWV65buuNrdsUv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBYMGE1UE9VR2tfYXg5WTZuEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240415.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.362:251::i&cmt=0.575:0.000,10.000:0.000&vps=0.575:N&ctmp=dompaused:t.581;r.promise;m.NotAllowedError,itr:t.646;&bwm=10.000:541251:0.686&bwe=10.000:1739292&bh=10.000:12.583 IP216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&afmt=251&cpn=X0a5POUGk_ax9Y6n&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C36318%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C7556%2C644%2C8433%2C531%2C819%2C9986%2C856%2C1103%2C1887%2C5219&cl=625055724&seq=2&docid=4hIMRUTqARM&ei=F6YgZuTjGvTL0u8PkeeL-Ag&event=streamingstats&plid=AAYWV65buuNrdsUv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBYMGE1UE9VR2tfYXg5WTZuEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240415.01.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.362:251::i&cmt=0.575:0.000,10.000:0.000&vps=0.575:N&ctmp=dompaused:t.581;r.promise;m.NotAllowedError,itr:t.646;&bwm=10.000:541251:0.686&bwe=10.000:1739292&bh=10.000:12.583 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgttQkN3Z3hvYnB4ayiVzIKxBjIOCgJOTxIIEgQSAgsMIGs%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240415.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713415703192&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 04:48:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=481396-946204&rn=9&rbuf=30001&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 | 91.90.45.173 | | 465 kB |
URL POST rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=481396-946204&rn=9&rbuf=30001&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 IP91.90.45.173:0 ASN#50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size 465 kB (464954 bytes) Hash a0a7ef8cc944edfd9d26c8e5652e998b 39bc2424292af6f9ab92a7f6629bc50fee877ce8 e12704d4caaf3a3944096673cbb4848c81b114e9918214a77ed92dab7b1731a6
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=481396-946204&rn=9&rbuf=30001&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Thu, 18 Apr 2024 04:48:44 GMT
expires: Thu, 18 Apr 2024 04:48:44 GMT
cache-control: private, max-age=21279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 42 B |
URL aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP 35.244.181.201:0 ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text Hash f8f24fa0c857d8f2ee493e131b85ab62 cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6 e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 04:48:49 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 216.58.207.206 | 200 OK | 31 B |
URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713415729662
Content-Type: application/json
X-Goog-Visitor-Id: CgttQkN3Z3hvYnB4ayiVzIKxBjIOCgJOTxIIEgQSAgsMIGs%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240415.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713415702586&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 914
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Thu, 18 Apr 2024 04:48:49 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=0-65900&rn=2&rbuf=0&pot=IjqUdJR38lQyY9cT4ADFH9pHzkf8As0a1kD1Df0i7j3fDNYe3TvXE947wAzdPdETxSfVE-c53TPnUacw&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 66 kB |
URL POST HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=0-65900&rn=2&rbuf=0&pot=IjqUdJR38lQyY9cT4ADFH9pHzkf8As0a1kD1Df0i7j3fDNYe3TvXE947wAzdPdETxSfVE-c53TPnUacw&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash dac83346d5e4ca70acae3011d38d8af3 e5f87026794fb727f7f5288d20260bf89af07416 dad55f18417e4d0370fc4f0c1197efad15938ba5f001bf437468d30fddd866c4
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=0-65900&rn=2&rbuf=0&pot=IjqUdJR38lQyY9cT4ADFH9pHzkf8As0a1kD1Df0i7j3fDNYe3TvXE947wAzdPdETxSfVE-c53TPnUacw&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Tue, 02 Apr 2024 22:02:53 GMT
Content-Type: application/vnd.yt-ump
Date: Thu, 18 Apr 2024 04:48:23 GMT
Expires: Thu, 18 Apr 2024 04:48:23 GMT
Cache-Control: private, max-age=21300
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=278134-670584&rn=6&rbuf=12583&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 392 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=278134-670584&rn=6&rbuf=12583&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size 392 kB (392514 bytes) Hash 485c2d37a34548003914e9ef423c099c c0fc3150c7ac5b820207e6c96f590233f63a275d bbee47da50e003961c229c3b0e9ee9ac31ac68dc4482b09c65ca88d6ad52f70e
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=278134-670584&rn=6&rbuf=12583&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Wed, 03 Apr 2024 11:15:08 GMT
content-type: application/vnd.yt-ump
date: Thu, 18 Apr 2024 04:48:33 GMT
expires: Thu, 18 Apr 2024 04:48:33 GMT
cache-control: private, max-age=21290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=262797-481395&rn=7&rbuf=16140&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 219 kB |
URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=262797-481395&rn=7&rbuf=16140&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 IP 91.90.45.173:443 ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size 219 kB (218662 bytes) Hash 094fec439651ad362f30416dcd813555 52fea50ab4c01cd06fb2fc7896d5ba21ea786347 550b169aab08d85046c6b337ab8d84cbd2d1c31872085e5f18ba587b5438609b
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=262797-481395&rn=7&rbuf=16140&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Thu, 18 Apr 2024 04:48:34 GMT
expires: Thu, 18 Apr 2024 04:48:34 GMT
cache-control: private, max-age=21289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap | 142.250.74.74 | 200 OK | 5.5 kB |
URL GET HTTP/2 fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap IP 142.250.74.74:443
Requested by https://k43rf74h9m.fcyz.my.id/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type ASCII text, with very long lines (5645), with no line terminators Hash 7e8ccf34cfbd7681f3b6a7b967e632c9 8550d37535c577c1f2454fe033691a280d1a473a 984f7fcf1514b4faf8b84587104475a20d12627f7b3ec5f8fcd6b72d6ccf2d4f
GET /css2?family=Teko:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 04:48:21 GMT
date: Thu, 18 Apr 2024 04:48:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=131437-262796&rn=5&rbuf=7886&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 131 kB |
URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=131437-262796&rn=5&rbuf=7886&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 IP 91.90.45.173:443 ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size 131 kB (131423 bytes) Hash a1bc851bf2d6a33f65c23abe6eeef0f5 ef42dd8bf40383129b0885743b1376512d6064e0 e8573e9637643e79891bcfab171a85d1b62d00857de35630be5255ecb57a6479
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgVAlKixHMt9l4uOcEPR0T82yjIvc2VGKIDOI8hV5WwWQCIGyh57ROMNS3NFCjgZ96x7xet76A6lRPMqf40tmBG1S8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=131437-262796&rn=5&rbuf=7886&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Thu, 18 Apr 2024 04:48:24 GMT
expires: Thu, 18 Apr 2024 04:48:24 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 4.6 kB |
URL GET HTTP/2 yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s68-c-k-c0x00ffffff-no-rj IP 142.250.74.161:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googleusercontent.com Fingerprint E0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F Validity Mon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3 Hash bc57ab4f932a6079d620bddcedebfb98 64a2dd45f35a54ada4e2cd3d2fecce7742847e08 aa83c68bd76b28466287ab4f1d12527fa8f305192e89060106f509768188a304
GET /Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4564
x-xss-protection: 0
date: Thu, 18 Apr 2024 04:05:04 GMT
expires: Fri, 19 Apr 2024 04:05:04 GMT
cache-control: public, max-age=86400, no-transform
age: 2599
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| k43rf74h9m.fcyz.my.id/alexFrontEnd/tiktok.png | 188.114.97.1 | 404 Not Found | 1.3 kB |
URL GET HTTP/3 k43rf74h9m.fcyz.my.id/alexFrontEnd/tiktok.png IP 188.114.97.1:443
Requested by https://k43rf74h9m.fcyz.my.id/ Certificate Issuer Google Trust Services LLC Subject fcyz.my.id Fingerprint 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25 Validity Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
File type HTML document, ASCII text, with very long lines (1285), with no line terminators Hash 94f08a3a6562f7f079c4f5a67b7260e2 cc5d03e17c41ee6bb2ebf0d26d4354a486ca1823 44ea069d9a3f7dcea953ac173384578b6185f4b2ece05a6f4513b9fda29c4c29
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /alexFrontEnd/tiktok.png HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvpH7oU1vxLh7n5NFDPLUOKKzO5WScx8g3FvbTPgVwJfXcr9ifckTWH0msp1OJXy0LO9RjtevWIP3eoTef8Ti%2F6e6cqCyeFhr6eUW9%2FihZiQ58qB%2F%2F5GGSaCSqdnCitSQk3O8Mgq0D4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a50fe556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 | 172.67.139.119 | 200 OK | 26 kB |
URL GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 IP 172.67.139.119:443
Requested by https://k43rf74h9m.fcyz.my.id/ Certificate Issuer Google Trust Services LLC Subject ka-f.fontawesome.com Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type ASCII text, with very long lines (26019) Hash c32e971c7d11c2407f847b61c515f1e2 85ac47a05e49f01cd62301ee121a2ca0dfdc0f83 a7fb3a26d569bec0139baaae950e43c1e10b0afbcf6e9d7654aa1181a8319759
GET /releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://k43rf74h9m.fcyz.my.id/
Origin: https://k43rf74h9m.fcyz.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bmJ55r9yxYLsCJ20oH019TCh2-okQPhNIAwS6xkUAQqL8jPdnH8sSQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKaMU0pTD8BwekDUgkuzAvl3D5XHoMSPEn2IN8Pv68LojvSPHZpcYzawq2hQJ9POuGvM6Fkh1aAq0b3ZD8KLcAG3uHk2Qe9VZW3S3WzWGcYgV8lhublZv8tErgnMGt8WdS9Rl4f2eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205abaee7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/f92087f2/www-embed-player.vflset/www-embed-player.js | 216.58.207.206 | 200 OK | 328 kB |
URL GET HTTP/3 www.youtube.com/s/player/f92087f2/www-embed-player.vflset/www-embed-player.js IP 216.58.207.206:443
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File type JavaScript source, ASCII text, with very long lines (682) Size 328 kB (327827 bytes) Hash b1882b5e3edaca0885f674750fe7bd88 b1c29c838ece05563e2ef1eb10cf7a986c588301 5a1b22f96bab9384df7827c7710b6477229500a6d2c0f6d8f9cff3d33d428894
GET /s/player/f92087f2/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97847
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:20:55 GMT
expires: Wed, 16 Apr 2025 07:20:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 04:18:33 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 163647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=84350-278133&rn=4&rbuf=6110&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 194 kB |
URL POST HTTP/3 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=84350-278133&rn=4&rbuf=6110&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 IP 91.90.45.173:443 ASN #50304 Blix Solutions AS
Requested by https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com Certificate Issuer Google Trust Services LLC Subject *.googlevideo.com Fingerprint 05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 Validity Tue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size 194 kB (193847 bytes) Hash d8c948c3856d001ea106063459e96b97 33cdedd8418c38e71a4cf965f78ada05d1f17641 aadd4547caef5c293ac0412d94a34ebb9ace828481acaa54cc65f4392b72bcd9
POST /videoplayback?expire=1713437303&ei=F6YgZuTjGvTL0u8PkeeL-Ag&ip=91.90.42.154&id=o-AMCSY16azhN9ACOvvp-T4qUWuRPmyuvMoysT-S_wIIGp&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=1126250&bui=AaUN6a3xorchO0Qx3E9I9rY3jrUA-8xNqqvnF_E6rAG_9wbK4TsmY_nzgynDy0kcJ2dqzx9e1bRNBdpD&spc=UWF9fzU88A14cJREeGxCn3_3kU-m8HaWr6KLnCd1qhqrLL2j7VNnZHNj_A&vprv=1&svpuc=1&mime=video%2Fmp4&ns=g8CLdgHySpVE0MFmOVQeZq4Q&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713415240&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=Q45qG9CgUUt9HQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhAPQSNVx2dBkFNvDP2-thPytW9trJzn4y3nrJD-HY4uWuAiAcGY_ap0GvYgayKhbYoCgB0NxuA7yRH1aJlPPs-Fi9Iw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIgaTzHT2cquWPBaZjqXrsMxUuGpG1qRXIY-eOi2ivRTQgCIQC3TTNA84wd-EjSQCThFdaa1QvOtw5RCKjUNrPaVe7M4w%3D%3D&alr=yes&cpn=X0a5POUGk_ax9Y6n&cver=1.20240415.01.00&range=84350-278133&rn=4&rbuf=6110&pot=Mnnh5X28KxN6KOHe5t6w-xmpmZuqmQ5peiockTpBjU2oIPeOtHjscqF23cH6hrCeeeCrab3nC7gf-54amR5ohOCy38yNcnZUDloX394DOO3PhU8StZc-a2VhKECReE1nxhw39NsdSx4C7Q7qi_Yz-jPU6LYGFQkC2fEy&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Wed, 03 Apr 2024 11:15:08 GMT
content-type: application/vnd.yt-ump
date: Thu, 18 Apr 2024 04:48:24 GMT
expires: Thu, 18 Apr 2024 04:48:24 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | 216.58.207.206 | 200 OK | 92 kB |
URL GET HTTP/2 www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com IP 216.58.207.206:443
Requested by https://k43rf74h9m.fcyz.my.id/ Certificate Issuer Google Trust Services LLC Subject *.google.com Fingerprint 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D Validity Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 18 Apr 2024 04:48:21 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=zbN4So7qAso; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=mBCwgxobpxk; Domain=.youtube.com; Expires=Tue, 15-Oct-2024 04:48:21 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIGs%3D; Domain=.youtube.com; Expires=Tue, 15-Oct-2024 04:48:21 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| file.gifan.id/fontawesome.js | 104.21.234.35 | 200 OK | 11 kB |
URL: GET HTTP/2 file.gifan.id/fontawesome.js
IP: 104.21.234.35:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: gifan.id
Certificate Fingerprint: 65:21:CF:78:C6:F3:9C:82:42:72:2D:29:CC:E1:28:F9:68:C7:DA:50
Certificate Validity: Tue, 26 Mar 2024 02:33:24 GMT - Mon, 24 Jun 2024 02:33:23 GMT
File type: JavaScript source, ASCII text, with very long lines (10594), with CRLF line terminators
Hash: 7653d4719abf98a98d6e9412e33976e6 0b4414adc9da488b97830ce789a79994ba55aa23 051afcaea280590a5c6a5c472ad0852783d794a8923c4d26e388656fc9dcd791
GET /fontawesome.js HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 19 Apr 2024 22:26:59 GMT
last-modified: Tue, 03 Jan 2023 12:39:32 GMT
vary: Accept-Encoding,User-Agent
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 454882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhbLa8vVZiLXGy%2F1rAdsrfaytybvIlx8KRiR2v7CzO%2BzBHkVI2GJA3VzC5L758P4oYYJl%2FWoL8hTRAib9Fo4q%2FmSzT9utB38BK7fOHjteFz7M2BP38m8anZutUysIY2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a87f647327-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| site-assets.fontawesome.com/releases/v6.1.1/css/all.css | 172.64.147.188 | 200 OK | 498 kB |
URL: GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP: 172.64.147.188:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: DigiCert Inc
Certificate Subject: *.fontawesome.com
Certificate Fingerprint: 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
Certificate Validity: Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (65360)
Size: 498 kB (498160 bytes)
Hash: 325672b036bab9b57f6873aed5eccc43 264f5db348311950380ad1bca79754ff593d87e2 a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 12709983
vary: Accept-Encoding
server: cloudflare
cf-ray: 876205a3ef6d5688-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.18.10.207:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bootstrapcdn.com
Certificate Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k43rf74h9m.fcyz.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:21 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 12789876
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876205a6fafb56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 | 172.67.139.119 | 200 OK | 1.8 kB |
URL: GET HTTP/2 ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803
IP: 172.67.139.119:443
Requested by: https://k43rf74h9m.fcyz.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: ka-f.fontawesome.com
Certificate Fingerprint: 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98
Certificate Validity: Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type: ASCII text, with very long lines (1817), with no line terminators
Hash: 3dedc00973400e03c5ede855beb3e8b5 c72d245eb6fa18840821a7d53634a4f8ac5119d0 a45344d4b89aadfcddc80ff5e6de83bcbb2799a2af99a046e1cea1dd6fe0f28c
GET /releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://k43rf74h9m.fcyz.my.id/
Origin: https://k43rf74h9m.fcyz.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3zHjJHIbvNvCpDw-Z4-nzVFRxK3bQ1Q_ZQnzGtagAYeJkSJcs1KwTQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2K%2FWsoIaP6APEhCtkW%2B0TRTVLT4l%2B%2B6r0uf%2B8Qio6KMv8jWvqgn6MJcXPxtxjQ48n82848ZQcHg8XmwuMJS7nEBfxU2bINAa0A6HikH7gDvN7Wx%2ByeAQXfn%2FypQNnGuszAxBE5YLvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205abaeecb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| | 188.114.97.1 | 200 OK | 68 kB |
URL: User Request GET HTTP/2
IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: fcyz.my.id
Certificate Fingerprint: 4E:DD:47:65:E3:FA:D8:81:E3:A7:B4:86:FC:92:8F:24:8B:0E:73:25
Certificate Validity: Tue, 26 Mar 2024 06:26:09 GMT - Mon, 24 Jun 2024 06:26:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET / HTTP/1.1
Host: k43rf74h9m.fcyz.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:48:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9vmuFGHtEKk4IXpgipcX2lzQhfl0qYJLQoKKX4kTxMYsW4PuS7%2Fef8AAMUmInQqe9oGUt%2BqqNaISypU%2Fp4Z%2FCPBf%2F8Dcjrqq%2FsTu0MW7cF755SsmHsexyH7a1cXXHMaUXW3cvidnMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876205a13e6256ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|