POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15994
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 09:02:45 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10008
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 09:02:45 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2484
Expires: Fri, 03 Feb 2023 09:44:09 GMT
Date: Fri, 03 Feb 2023 09:02:45 GMT
Connection: keep-alive
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 08:36:10 GMT
age: 1595
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: YhtQB2VSEmuGCzr+h1l4QSL7YPLP13BCng8FyjI9mPimBZErpCojgE0jTdM2s12GW/qf15G/Gn8=
x-amz-request-id: JWNSYST5Z185266N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 08:52:20 GMT
age: 625
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Fri, 03 Feb 2023 09:02:45 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
35.241.9.150
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 08:07:19 GMT
age: 3326
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9537
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 09:02:45 GMT
Connection: keep-alive
|
GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
142.250.74.138
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33434
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 04:03:06 GMT
Expires: Fri, 02 Feb 2024 04:03:06 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Age: 104379
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
216.58.211.9
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:28:44 GMT
expires: Fri, 02 Feb 2024 03:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 15:52:00 GMT
age: 106442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4466
Cache-Control: max-age=133578
Date: Fri, 03 Feb 2023 09:02:46 GMT
Etag: "63dc230e-116"
Expires: Sat, 04 Feb 2023 22:09:04 GMT
Last-Modified: Thu, 02 Feb 2023 20:54:38 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
172.217.21.174
HTTP/2 200 OK
content-type: text/javascript
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Fri, 03 Feb 2023 09:02:46 GMT
expires: Fri, 03 Feb 2023 09:02:46 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /-QxycppZyufI/V02pJ14NRYI/AAAAAAAACJM/BEifC23CiKQUi-zC_MNcwJoTaNUm0bczQCLcB/s72-c/three%2B3.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
access-control-expose-headers: Content-Length
etag: "v894"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="three 3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 2052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size: 2052
Md5: cc9b9bb7e53d004e1208926436462bf8
Sha1: bd09e13834195a9036d56ebde837a8cdc8c65b75
Sha256: 1a49a120c27a2796fed536c65d4edc7be3b6004a205682c2af91bcdfc1a95b5f
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
172.217.21.174
HTTP/2 200 OK
content-type: text/javascript
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Fri, 03 Feb 2023 09:02:46 GMT
expires: Fri, 03 Feb 2023 09:02:46 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "9dea963ca1c75dde"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /search/label/serum%20khusus%20kolibri%27%3Eserum?m=1 HTTP/1.1
Host: alamat-drive.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
216.58.207.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 03 Feb 2023 09:02:45 GMT
Date: Fri, 03 Feb 2023 09:02:45 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 28 Nov 2022 10:16:23 GMT
ETag: W/"149b7e528fd6aa5f55d375df49e44dd5374d0acef3a48f2738a360fc8a56a4d1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 57837
Server: GSE
--- Additional Info ---
Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11510)
Size: 57837
Md5: 9495b8e7e1f6660a0391b715ad20ad35
Sha1: 09cf218b4a8cdbfcf678e65087ccd5e6c755b462
Sha256: c213598aff63adb8967a8b008b68211cc3215cd99730e32818ad47365d112f1b
Alerts:
IDS:
- ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
- ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
- ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
|
GET /-L1lJtH7jSKE/U3xLtPYDv8I/AAAAAAAAAnw/mpUb-8tQ0z8/s1600/Sprite.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Sprite.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 7684
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 05:52:59 GMT
Expires: Mon, 30 Jan 2023 10:39:33 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11387
ETag: "v27d"
|
GET /_/scs/abc-static/_/js/k=gapi.lb.en.AMZ27oQJoUI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dsXwz2g0gTMdQFEKa7ZoVvtQf4g/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
172.217.21.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 60741
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 02:19:07 GMT
expires: Fri, 02 Feb 2024 02:19:07 GMT
cache-control: public, max-age=31536000
age: 110619
last-modified: Sat, 07 Jan 2023 15:19:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4466
Cache-Control: max-age=133578
Date: Fri, 03 Feb 2023 09:02:46 GMT
Etag: "63dc230e-116"
Expires: Sat, 04 Feb 2023 22:09:04 GMT
Last-Modified: Thu, 02 Feb 2023 20:54:38 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
|
GET /static/fonts/oswald/v8/-g5pDUSRgvxvOl5u-a_WHw.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://alamat-drive.blogspot.com
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
142.250.74.97
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 21520
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 03:56:38 GMT
Expires: Sat, 03 Feb 2024 03:56:38 GMT
Cache-Control: public, max-age=31536000
Age: 18368
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET /-ifgZkuwnPnE/U33PmO8aLpI/AAAAAAAAAoY/CXnILaXEP88/s1600/btp.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="btp.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 304
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 05:53:00 GMT
Expires: Tue, 31 Jan 2023 08:10:45 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 11386
ETag: "v287"
|
GET /i/3808?c=609722 HTTP/1.1
Host: ads.pipaffiliates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.110.30.116
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store, must-revalidate
location: https://ads.pipaffiliates.com/m/3808
content-security-policy: default-src 'self' *.xm.com data: 'unsafe-inline' 'unsafe-eval' *.akamaihd.net *.hotjar.com *.google-analytics.com *.hotjar.io wss://*.hotjar.com bam.nr-data.net bam.eu01.nr-data.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.akamaihd.net *.googletagmanager.com *.google-analytics.com *.hotjar.com *.newrelic.com bam.nr-data.net bam.eu01.nr-data.net; img-src * data:; media-src * data:; frame-src youtube.com www.youtube.com videos.sproutvideo.com;
x-content-type-options: nosniff
content-length: 0
date: Fri, 03 Feb 2023 09:02:46 GMT
set-cookie: JSESSIONID=YDEkfC5-Qh_vbZZVoS1q1mXNrD1px6_uvisv_NRf.823502-affsrv2; path=/Tracking
server-timing: cdn-cache; desc=MISS, edge; dur=47, origin; dur=12
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
GET /js/cookienotice.js HTTP/1.1
Host: alamat-drive.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/search/label/serum%20khusus%20kolibri%27%3Eserum?m=1
|
search
216.58.207.193
HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 03 Feb 2023 09:02:46 GMT
Expires: Fri, 10 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 03 Feb 2023 07:50:20 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
|
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
142.250.74.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 09:56:41 GMT
Expires: Thu, 16 Feb 2023 09:56:41 GMT
Cache-Control: public, max-age=1209600
Age: 83165
ETag: 13036835877489095579
|
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:02:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V1Uv+7akpxhngL9H1VxV8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
52.88.113.219
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: laht81nwy8qoqNepeA+zYKUPVT8=
|
GET /-7dpkXK0jZCU/VwZxLaxT5aI/AAAAAAAAB9E/YIUghE3BfbwRSDonSi7TH0s63SkHEyw5w/s72-c/bluebird.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
access-control-expose-headers: Content-Length
etag: "v7d3"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="bluebird.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 3868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size: 3868
Md5: 864a73baa57867bc678ddace6824da75
Sha1: f05b0608552d459983cbaa8781d71b5690e1728f
Sha256: 7d75d93b02df728be0a921ce1cb49244f69e3c0af6041c9300190a83d0e42a56
|
GET /-Q5FzNMMy58s/V1BQ0O1PsZI/AAAAAAAACJs/v4t2ic1fBG4l85ngLyj6u1v-1XlFExF3gCLcB/s72-c/air%2Basia.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Content-Length
etag: "v89c"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="air asia.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 4699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /-F6_WjPRYq8I/V1mM30uVp5I/AAAAAAAACMI/mLmCvI-Ob6YWCdpbMbkvkQg-MeAEKg9PwCLcB/s72-c/smartfreen.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
access-control-expose-headers: Content-Length
etag: "v8c4"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="smartfreen.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 2788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size: 2788
Md5: 711b3ed1d3e47632bfd8240f0c2d021f
Sha1: b1b3d319e0ef467865dfe6dba55171e15bf2c053
Sha256: b6206be7982d82a8bb0831cdb752e702f4d73ea81adaa35c0f41bec2ae1c24a7
|
GET /-7aIzInw3O4I/V0cJQGVnWtI/AAAAAAAACIM/1WljRrxHy-QqalvSZli-CS4lfbGbY2Z0ACLcB/s72-c/samsung.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
access-control-expose-headers: Content-Length
etag: "v884"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="samsung.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 2880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size: 2880
Md5: 8eb22cff8d224eac532ec849f1f14865
Sha1: cc18265cbd8909390ffb9973b0564a2d4cd84ba0
Sha256: 6c54405f50fc297338d0b807fe7679a5aaa306f0cbde4391164a7460843388d4
|
GET /-NZVLPB6OkTI/V0hvASehr3I/AAAAAAAACIo/cXdhGHWou5Ubdbrz83cXIVRrgOEgrdjfwCLcB/s72-c/lazada%2Bindonesia.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Content-Length
etag: "v88b"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="lazada indonesia.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 3735
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /-m8Pf65D_0dE/VxgKgoLmJBI/AAAAAAAAB-Y/nj4L5Oy9udM0i6dRtxsPobpsenc_zoEhwCLcB/s72-c/jetexpress.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/jpeg
access-control-expose-headers: Content-Length
etag: "v7e7"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="jetexpress.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 3298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
--- Additional Info ---
Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size: 3298
Md5: d3698aec3adc63959fd5e04586626d9b
Sha1: 3e28ee84e9576a847bf33b83b723d75b91306f69
Sha256: 569f895c4a758a5d113ff49f99d9889f25e8cde5f34e4109249b5ac3c8b63931
|
GET /-wip5StI7YcY/V1pbHwMtREI/AAAAAAAACMY/WYdjBoV6WvU14rm9Ke8wMeShMSvXD49fgCLcB/s72-c/pln.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Content-Length
etag: "v8c8"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pln.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 3712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /-IDmCZW1yzF4/V1rHCocWHYI/AAAAAAAACMo/ANpnjwiF5YYc--PsS7yiadI7ms8bg-RPgCLcB/s72-c/olx%2Bindonesia.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
142.250.74.161
HTTP/2 200 OK
content-type: image/png
access-control-expose-headers: Content-Length
etag: "v8cc"
expires: Sat, 04 Feb 2023 09:02:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="olx indonesia.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 09:02:46 GMT
server: fife
content-length: 4642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /dyn-css/authorization.css?targetBlogID=6050903848516147385&zx=bcbe7828-fbed-46a8-8ff5-0f54a90ccb91 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
216.58.211.9
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Feb 2023 09:02:46 GMT
last-modified: Fri, 03 Feb 2023 09:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
GET /feeds/posts/summary/-/serum%20khusus%20kolibri%27%3Eserum?alt=json-in-script&callback=pageNavi&max-results=99999 HTTP/1.1
Host: alamat-drive.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/search/label/serum%20khusus%20kolibri%27%3Eserum?m=1
|
search
216.58.207.193
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"4945bd09f0e723398a5c2715f13bf4aa2f2753d5e6c5d9c1c8e1bcf578a8f401"
Date: Fri, 03 Feb 2023 09:02:46 GMT
Server: blogger-renderd
Expires: Fri, 03 Feb 2023 09:02:47 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Mon, 28 Nov 2022 10:16:23 GMT
Content-Encoding: gzip
Content-Length: 17867
X-Frame-Options: SAMEORIGIN
|
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
93.184.220.66
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 905
Cache-Control: public, max-age=1800
Date: Fri, 03 Feb 2023 09:02:46 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
|
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
 157.240.205.11
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain
Location: https://connect.facebook.net/en_US/all.js
Server: proxygen-bolt
Date: Fri, 03 Feb 2023 09:02:46 GMT
Connection: keep-alive
Content-Length: 0
|
GET /id_ID/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
157.240.205.11
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain
Location: https://connect.facebook.net/id_ID/all.js
Server: proxygen-bolt
Date: Fri, 03 Feb 2023 09:02:46 GMT
Connection: keep-alive
Content-Length: 0
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6429
Cache-Control: max-age=117194
Date: Fri, 03 Feb 2023 09:02:47 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 17:36:01 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
|
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
|
search
216.58.211.9
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 23:18:51 GMT
Expires: Wed, 08 Feb 2023 23:18:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 18:53:01 GMT
Age: 121436
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3573
Cache-Control: max-age=114338
Date: Fri, 03 Feb 2023 09:02:47 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 16:48:25 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
|
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alamat-drive.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
157.240.205.11
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f61624efcaf466750f15c7f7a3e2666d
etag: "a89672fffd2e52917701ae3bff87c7c7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Feb 2023 09:03:22 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: FHfETP2xy/ayhFiEWJvu/Q==
x-fb-debug: QKfySafi2qvwbMX/rbJ5FwDv9iApulKzTIZObox3WIavRIUjPfS3wKvs0lhaXjqWIaRUl19gzt2iAtz1WN8BTw==
content-length: 1686
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 09:02:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /id_ID/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://alamat-drive.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
157.240.205.11
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a35440e2e5952ad145d25ccacb73faaf
etag: "1e8f2518b2b8d79bcfcd9fed8f4ac425"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Feb 2023 09:06:17 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: riSBoq5AYLEwNWxYpXCciA==
x-fb-debug: 0lg6Su9s4qntKe5riGSQAJJaJlbqTmKvPrNLnLLDVEXqJd6+lV5D8T1ahzr5Csrjlc1lsNfxTlMoH32tRfFm6g==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 09:02:47 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
GET /a/l/alamat-drive.blogspot.com.812082.es6.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Cookie: __cf_bm=hBbtuKi4MsuJh.FlZGJHafp1Qco7sOhA6q2npI69zVM-1675414966-0-AQKr2TnK6f3Vx+T5YazUyBqvS1mbduULIOtWQQosp/FQ33pF48a6L5MB+2Z0itN5PS0o890XZJmLVHBeUkCIf+U=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
 104.19.134.78
HTTP/2 200 OK
content-type: text/javascript
date: Fri, 03 Feb 2023 09:02:46 GMT
cf-bgj: minify
cf-polished: origSize=273319
etag: W/"5393e5c6625e3412c0355c30403f83db"
last-modified: Wed, 18 Jan 2023 10:09:19 GMT
x-amz-id-2: YFnRaDsFcSkUwYfuS+Nf2sJFYDUHYsA5Eo7wJceL+GAd2AHy0v9syv6yuq2THBrQQ44LuAo0XGY=
x-amz-request-id: WH7AB5140GSZW0CF
x-amz-version-id: _8wAPCYrHyo9b.CKYE7HOj3yiiDLS73b
cf-cache-status: HIT
expires: Fri, 03 Feb 2023 12:02:46 GMT
cache-control: public, max-age=10800
vary: Accept-Encoding
server: cloudflare
cf-ray: 7939fd525ca3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6429
Cache-Control: max-age=117194
Date: Fri, 03 Feb 2023 09:02:47 GMT
Etag: "63dbdb64-1d7"
Expires: Sat, 04 Feb 2023 17:36:01 GMT
Last-Modified: Thu, 02 Feb 2023 15:48:52 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
|
GET /favicon.ico HTTP/1.1
Host: alamat-drive.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/search/label/serum%20khusus%20kolibri%27%3Eserum?m=1
Cookie: MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C812082%22%3A%7B%22page%22%3A1%7D%7D
|
search
216.58.207.193
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 03 Feb 2023 09:02:47 GMT
Date: Fri, 03 Feb 2023 09:02:47 GMT
Cache-Control: private, max-age=86400
Last-Modified: Mon, 28 Nov 2022 10:16:23 GMT
ETag: W/"149b7e528fd6aa5f55d375df49e44dd5374d0acef3a48f2738a360fc8a56a4d1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4138
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 09:02:47 GMT
Last-Modified: Fri, 03 Feb 2023 07:53:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
|
GET /settings?session_id=c7497eae244897f8a60680ad0c2002c0fd667e39 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
|
search
104.244.42.136
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 03 Feb 2023 09:02:47 GMT
perf: 7626143928
vary: Origin
server: tsa_o
cache-control: must-revalidate, max-age=600
last-modified: Fri, 03 Feb 2023 09:02:47 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 6b825626b0cd1eee
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: 05c9693fe5520d3ee24d45d7cfec8ef67543e443d94b94adbf1ac0c6c902993f
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:02:47 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:02:47 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:02:47 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:02:47 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10293
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:02:47 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p74tt3doRE9DKoD5cpPKriYPFEQhq7f3Xf8vhgNNz7QhZNIvdc6NQQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:18 GMT
age: 39449
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:17 GMT
age: 39450
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 11565
x-amzn-requestid: 1350cdd1-10c2-44e0-993d-2335a082fb91
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fstgNH0moAMF3OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5c67-02211c3d5ca147c718348860;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t7OYoLCzzQakW2lqiAUaeKA00Beq4J5elQ5qF7yGUb2L7JSNUJCPNA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:40:54 GMT
age: 12113
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AnMRlC-rgJLk6OwzHDFeaGBuDfEuRj_n0S2o1o7QSTZqMwCIr-20-A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:35 GMT
age: 40572
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 38037
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 05:59:16 GMT
age: 11011
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df172dc380e41e3c%26domain%3Dalamat-drive.blogspot.com%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Falamat-drive.blogspot.com%252Ff2fb103e60ee0a6%26relation%3Dparent.parent&container_width=728&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fstslucu&locale=en_US&sdk=joey&show_border=true&show_faces=true&stream=false&width=292 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
|
search
 31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
x-fb-debug: sQcWZUTNke242VNKos9Rgj1WKJUw/7VeXXL/qxwSPVuoHHmzACinB0vLC1MK0motSyWqY/2DOjS7f7mY73c/Wg==
date: Fri, 03 Feb 2023 09:02:47 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|
GET /a/l/alamat-drive.blogspot.com.812082.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://alamat-drive.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
104.19.134.78
HTTP/2 200 OK
content-type: text/javascript
date: Fri, 03 Feb 2023 09:02:46 GMT
cf-bgj: minify
cf-polished: origSize=2679
etag: W/"39cd8e094707c4c8cf5982066ea26b72"
last-modified: Wed, 18 Jan 2023 10:09:19 GMT
x-amz-id-2: PVRMvg5uDOTbPiQS/KdXnP08++oz+LCjETRXpJDq9eUbvmc7DXF15c4k48awPDhL9Rgbu/HzGMY=
x-amz-request-id: 2JYBRT07EVJ3G9QM
x-amz-version-id: 6N_2coo7vpPuFpkloj_nNr_ORhi4PZP7
cf-cache-status: HIT
expires: Fri, 03 Feb 2023 12:02:46 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=hBbtuKi4MsuJh.FlZGJHafp1Qco7sOhA6q2npI69zVM-1675414966-0-AQKr2TnK6f3Vx+T5YazUyBqvS1mbduULIOtWQQosp/FQ33pF48a6L5MB+2Z0itN5PS0o890XZJmLVHBeUkCIf+U=; path=/; expires=Fri, 03-Feb-23 09:32:46 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7939fd51cbccb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
--- Additional Info ---
|