r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12598
Expires: Sun, 27 Nov 2022 14:27:56 GMT
Date: Sun, 27 Nov 2022 10:57:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4042
Cache-Control: max-age=88832
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:58 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:38:30 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12425
Expires: Sun, 27 Nov 2022 14:25:03 GMT
Date: Sun, 27 Nov 2022 10:57:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 10:19:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2317
alt-svc: clear
X-Firefox-Spdy: h2
www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
142.250.74.179301 Moved Permanently 205 B URL HTTP/1.1 www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 701444ee914ed388af3a2cc75758fa81
8e2889e18afdf98e15824a19e9fadacf38ccee2c
14629bfc1045b052b697de7ef1541ba76033bc1d1f13c59e5bd7ef2a99d278b7
GET /2022/01/surat-edaran-dirjen-gtk.html HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 27 Nov 2022 10:57:58 GMT
Expires: Sun, 27 Nov 2022 10:57:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 205
Server: GSE
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pW5ZsdQFj/1TthcO7tJD2cVK7L+Cg1woCQnUW+h3tzSuNL5sAlN55weUJWTQoKly7hofPEFu2yY=
x-amz-request-id: ZK8MYM4VG51MF55E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 10:41:36 GMT
age: 982
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 10:57:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/r4qmZkxodXM
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/r4qmZkxodXM
IP 142.250.74.3:0
Hash dac8a601fc9a38a650187d386cc4d674
84a3b957a97efcc4cc32fd40ca1358d76f21513c
a4b16e173260f839b2bba2f069440125166517cf0b90b67d4091ffa1b77033d7
POST /s/gts1d4/r4qmZkxodXM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 10:08:54 GMT
cache-control: public,max-age=3600
age: 2945
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3543
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Last-Modified: Sun, 27 Nov 2022 09:58:56 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 092abbce301f988f8d54d343658c8373
2bb68673250c48763e86bf547d4bc26c4ae7ee87
d76db1d142bf8afa955a2e83d8f9b26769c59d0493a7061144bd31e39837aaae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Last-Modified: Sun, 27 Nov 2022 09:14:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 092abbce301f988f8d54d343658c8373
2bb68673250c48763e86bf547d4bc26c4ae7ee87
d76db1d142bf8afa955a2e83d8f9b26769c59d0493a7061144bd31e39837aaae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Last-Modified: Sun, 27 Nov 2022 09:14:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
142.250.74.179200 OK 67 kB URL HTTP/2 www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5408)
Hash 4d7f47b4d0b7a52ea6b9abe3444e37de
22f52e9332dbaae5814cb5fcd9fd33e57d8244e1
b608d9b780ed8327ef2eaff97bf58bbef047cb1e6bb7971bc48e737ab0e9d648
GET /2022/01/surat-edaran-dirjen-gtk.html HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 27 Nov 2022 10:57:59 GMT
date: Sun, 27 Nov 2022 10:57:59 GMT
cache-control: private, max-age=0
last-modified: Tue, 22 Nov 2022 15:16:20 GMT
etag: W/"29e904ae26b6f633fd34af371d4cc3d9ec9b9f008a2692c1228903a20e291186"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 66726
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 403096
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.seputarbansos.my.id/js/cookienotice.js
142.250.74.179200 OK 2.0 kB URL HTTP/2 www.seputarbansos.my.id/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 27 Nov 2022 10:57:59 GMT
expires: Sun, 04 Dec 2022 10:57:59 GMT
cache-control: public, max-age=604800
last-modified: Sun, 27 Nov 2022 07:50:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 500156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8ynoffylqSWVTn1OoL132A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K/OmChqFZiaFlF1dt78OLWMyRug=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:22:19 GMT
expires: Thu, 23 Nov 2023 18:22:19 GMT
cache-control: public, max-age=31536000
age: 318940
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:57:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 092abbce301f988f8d54d343658c8373
2bb68673250c48763e86bf547d4bc26c4ae7ee87
d76db1d142bf8afa955a2e83d8f9b26769c59d0493a7061144bd31e39837aaae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6183
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:00 GMT
Last-Modified: Sun, 27 Nov 2022 09:14:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
www.seputarbansos.my.id/feeds/posts/summary/-/INFO%20GURU?alt=json-in-script&callback=bacaJuga&max-results=5
142.250.74.179200 OK 11 kB URL HTTP/2 www.seputarbansos.my.id/feeds/posts/summary/-/INFO%20GURU?alt=json-in-script&callback=bacaJuga&max-results=5
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (42242)
Hash ff4329b923edb2750178b7a602fd2dfc
7ca8fd80a215741699b3a8f48e12327e5ce42ed8
1f5f01e78330953ecdb261237673855ca7fdf7ca05d66aa87d6b4579459024db
GET /feeds/posts/summary/-/INFO%20GURU?alt=json-in-script&callback=bacaJuga&max-results=5 HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"920ec00e24598fbddb74a640a64da8f11b866810e2cf78b8fe9dc9210068f70f"
date: Sun, 27 Nov 2022 10:57:59 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 27 Nov 2022 10:58:00 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 15:16:20 GMT
content-encoding: gzip
content-length: 10730
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 359b3c840e45aca7bc335661d3e4774c
fcb4f114ed595a783f7a011caeba6511b9fde8fa
c139fb6925b39d9cededc8ace77d1e74f67b09021bd1ab9071eb3e304090520b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C139FB6925B39D9CEDEDC8ACE77D1E74F67B09021BD1AB9071EB3E304090520B"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19745
Expires: Sun, 27 Nov 2022 16:27:05 GMT
Date: Sun, 27 Nov 2022 10:58:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.iO39gPG2z9w.L.F4.O/am=AAg/d=0/rs=AO0039t4qYR9Z3MDrYM6aNh15nWIBW73dA
142.250.74.163200 OK 188 kB URL HTTP/2 www.gstatic.com/_/apps-fileview/_/ss/k=apps-fileview.v.iO39gPG2z9w.L.F4.O/am=AAg/d=0/rs=AO0039t4qYR9Z3MDrYM6aNh15nWIBW73dA
IP 142.250.74.163:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 188 kB (188053 bytes)
Hash f61db8fadb9a7e64b7a1ae40ee82ae05
08b75c1c72e6cbf25a9f63c1ff48a41057d5403b
ee2a7176268520ae2ff070f6fbdb9d42cdf8e82d91314270682e23320f93e44d
GET /_/apps-fileview/_/ss/k=apps-fileview.v.iO39gPG2z9w.L.F4.O/am=AAg/d=0/rs=AO0039t4qYR9Z3MDrYM6aNh15nWIBW73dA HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-fileview
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-fileview"
report-to: {"group":"apps-fileview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-fileview"}]}
content-length: 188053
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 16:16:30 GMT
expires: Wed, 22 Nov 2023 16:16:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 Nov 2022 00:16:33 GMT
content-type: text/css; charset=UTF-8
age: 412890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pl17167731.profitablegatetocontent.com/8d/69/83/8d6983bd520bd6562358368619db233e.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 pl17167731.profitablegatetocontent.com/8d/69/83/8d6983bd520bd6562358368619db233e.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37131), with no line terminators
Hash a8d596f7ae537778e6f7146ee542a134
3c8183a159d6dee8e140aa6756b17ba0564cb7d8
c26ed875e681729dbf24e73b94ac03b8b395ae7c90ee7e38b0e0f9a33482e9cf
Analyzer Verdict Alert quad9 Sinkholed
GET /8d/69/83/8d6983bd520bd6562358368619db233e.js HTTP/1.1
Host: pl17167731.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8e4fcf783d07d6b02e8c470ba8d41d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
drive.google.com/file/d/1f___OerPctDOFLEQRUb0-LmSKMjsoYiS/preview
142.250.74.46200 OK 24 kB URL HTTP/2 drive.google.com/file/d/1f___OerPctDOFLEQRUb0-LmSKMjsoYiS/preview
IP 142.250.74.46:0
Hash d84f6cb5d84a827102087528a23bf929
83f771759c2b2013f182c5693f95eab7966e1f6d
f3f79edd99dde278f5cdf5c34a3573595609a489d0ff07a761e7cae2334eba58
GET /file/d/1f___OerPctDOFLEQRUb0-LmSKMjsoYiS/preview HTTP/1.1
Host: drive.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 27 Nov 2022 10:58:00 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-wCTevzwTgteObV30ya11OA' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/viewer/
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=511=G2XOrhriwtXKzIezoC30TwCehdHXkMHceK8W4QzruWR5gcSNcb9L-OoYJR_2l0GqiRsAeN-UQjGMuBVBuOk9LFmQdUB3gCsakjtHhEkq1z4mx0JhG5ftfimEfF1qZ6GtkLxiVBoUqI2jVBh6OxmQZH50Z2q92_cYZ_0j9Yt1fkk; expires=Mon, 29-May-2023 10:58:00 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 10:58:00 GMT
date: Sun, 27 Nov 2022 10:58:00 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4af47334194a0d10c2bfd52f16eb91ac
8ea04d240499dea43f26c738c8428df118dd622d
6741505308b8f473e68a567b74e6cd099b7a624b3711cc0acab45b2add675f74
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99110
Date: Sun, 27 Nov 2022 10:58:00 GMT
Etag: "63821517-1d7"
Expires: Mon, 28 Nov 2022 14:29:50 GMT
Last-Modified: Sat, 26 Nov 2022 13:31:03 GMT
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U-K_p2wta8je-rDZ-yOfYV27nxqRELJL-GYfzEdWn5-c5avXoaHdtw==
Age: 3527
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 1b5bfa125d925bdb1faf1987e4f827e7
3a6e88d45902fc20ef79cb3f37d19cd8083a2544
58ce6ff4b580b6f547873afd86127ca7206ebaa8d31c054fcfb393923c614067
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:00 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.seputarbansos.my.id
access-control-allow-credentials: true
set-cookie: uid_id2=fab480c8-dc8f-4b0c-ad12-9a4da37d633e:1:1; expires=Wed, 24 Nov 2032 10:58:00 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16426
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:58:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16426
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:58:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16426
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:58:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16426
Expires: Sun, 27 Nov 2022 15:31:46 GMT
Date: Sun, 27 Nov 2022 10:58:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 47183
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://drive.google.com/
Origin: https://drive.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 80762
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 67360
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQEJS9-L2M6WJ5nqH7C7MqIv96GDNUexqw60hbX_3z8wxv8bp0ARwQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 17:52:17 GMT
age: 61543
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 47179
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 47179
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:52:26 GMT
age: 47134
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s-img.mgid.com/g/3948447/492x277/12x0x689x387/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhMWZkNjRlODJhMDRhOGY0NzQ5MjQ3ZjZjMjI5NGE2LmpwZw.webp?v=1669546680-tsVxkPbvuOlOTBZfDiqsBmSlV3Qr4B5C7qHZfuHsyVc
104.19.135.78200 OK 15 kB URL HTTP/2 s-img.mgid.com/g/3948447/492x277/12x0x689x387/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhMWZkNjRlODJhMDRhOGY0NzQ5MjQ3ZjZjMjI5NGE2LmpwZw.webp?v=1669546680-tsVxkPbvuOlOTBZfDiqsBmSlV3Qr4B5C7qHZfuHsyVc
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c51988dcf18de1e2c14be556882325a
0d9128c25f094119b9882f45dc916463c94d9e99
8435935aeed0198312d1731605f4eab99a44a04ac1bac98c20e3a3ba95492a3e
GET /g/3948447/492x277/12x0x689x387/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhMWZkNjRlODJhMDRhOGY0NzQ5MjQ3ZjZjMjI5NGE2LmpwZw.webp?v=1669546680-tsVxkPbvuOlOTBZfDiqsBmSlV3Qr4B5C7qHZfuHsyVc HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 14572
x-mg-request-uuid: 8d60549f-d62f-4f39-9c77-f9238a3406b9
access-control-allow-origin: *
last-modified: Tue, 09 Aug 2022 23:59:02 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=PIMR9UGs3E0LBUI3pynKACshkT5K2cG43vdx1KyQRWg-1669546681-0-AUjX/oRxsCJv6VO85Wr+OOWxJMW/8yR6W0lUtJb2A6kK7hstdH1Vh923gWdTAbkOw7U3YMFQ3yVgH3fSdSEIORY=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a46c440afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d08d079d04458028065ddfa315e8ca41
146b9eb370f649d3a230226ab373e05f39fd80af
c108c7e6ef9d790abca48344401f4b5a2204fe16287908f48a865181f711f000
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C108C7E6EF9D790ABCA48344401F4B5A2204FE16287908F48A865181F711F000"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2402
Expires: Sun, 27 Nov 2022 11:38:03 GMT
Date: Sun, 27 Nov 2022 10:58:01 GMT
Connection: keep-alive
s-img.mgid.com/g/13268950/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvZTYyNjFlYTQyMDA2ZjQ4N2IzMWZmMjIxNjE5ZTA1MTguanBlZw.webp?v=1669546680-vdqINsZNILWg__-us35UyPsv9T--fS-pU91_pG23fMI
104.19.135.78200 OK 8.8 kB URL HTTP/2 s-img.mgid.com/g/13268950/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvZTYyNjFlYTQyMDA2ZjQ4N2IzMWZmMjIxNjE5ZTA1MTguanBlZw.webp?v=1669546680-vdqINsZNILWg__-us35UyPsv9T--fS-pU91_pG23fMI
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d5e5b3cdbcca12f063886be9269bbd09
882a11cea9b46eda2cc284ce7c557ac347b1fecf
c9f45b9ee7ff2305afd615920ca15d8ce020b20b827037a9952a67218674085f
GET /g/13268950/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvZTYyNjFlYTQyMDA2ZjQ4N2IzMWZmMjIxNjE5ZTA1MTguanBlZw.webp?v=1669546680-vdqINsZNILWg__-us35UyPsv9T--fS-pU91_pG23fMI HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 8842
x-mg-request-uuid: 3ed569a9-a292-44c5-b436-fdebb4796149
access-control-allow-origin: *
last-modified: Thu, 16 Jun 2022 11:45:49 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810919
accept-ranges: bytes
set-cookie: __cf_bm=Qs4kRb9dCghfJePBni0GK5Z8nvpb3oUE60bkSD9Mov0-1669546681-0-ATm89vgYytHZVPXiGNs1sf06C5gXfRHPcsnj+V3hSTeZaa9g+C1WB6V07vPLotIPTVTB44Dt09yJURJML46vLPg=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a46c430afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.seputarbansos.my.id/feeds/posts/summary/-/INFO%20GURU?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
142.250.74.179200 OK 8.0 kB URL HTTP/2 www.seputarbansos.my.id/feeds/posts/summary/-/INFO%20GURU?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (30541)
Hash 131be15b08edd3545967ae92e0aac7de
a6e5a97a908f3aff5ce80f042463fa5cc9f51530
edf5dfb3e2dba8a588e27d8e74e769b4c4e3e7754dd07f3f82872ad03e38c764
GET /feeds/posts/summary/-/INFO%20GURU?alt=json-in-script&orderby=updated&max-results=0&callback=msRandomIndex HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
Cookie: MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1241665%22%3A%7B%22page%22%3A1%7D%2C%22C1246508%22%3A%7B%22page%22%3A1%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"384e9b6626a2932030ddf3dfcc573aca6c85804dc5fa28f06be943d358c716c5"
date: Sun, 27 Nov 2022 10:58:00 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 27 Nov 2022 10:58:01 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 15:16:20 GMT
content-encoding: gzip
content-length: 8049
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 27 Nov 2022 10:58:01 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+947; expires=Tue, 26-Nov-2024 10:58:01 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 10:58:01 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 27 Nov 2022 10:58:01 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+231; expires=Tue, 26-Nov-2024 10:58:01 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 10:58:01 GMT
X-Firefox-Spdy: h2
s-img.mgid.com/g/3805541/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669546680-c-B-YFP3Av-rsP_Ul9u8p1iLO-D3dBRAM0RdMYDjNM0
104.19.135.78200 OK 15 kB URL HTTP/2 s-img.mgid.com/g/3805541/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669546680-c-B-YFP3Av-rsP_Ul9u8p1iLO-D3dBRAM0RdMYDjNM0
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b326faa3fecb33e1bcc4866cd1251287
3490833b823ab1f2bb977c16dd166fb4edb76cf2
17b9557fc9c30b42b3501beabe2262844786cbb90bf4dbbe73bc59dca17b153f
GET /g/3805541/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669546680-c-B-YFP3Av-rsP_Ul9u8p1iLO-D3dBRAM0RdMYDjNM0 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 15326
x-mg-request-uuid: 07144748-6acf-4496-af14-1298d11f24a8
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 05:13:12 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810897
accept-ranges: bytes
set-cookie: __cf_bm=iwv0.uxfnwd4roh0n4736UoUj2l_wRm1.9D3AQuDYYg-1669546681-0-AayHGPgJ/mFJR4T7Mgiq8ET8OvNEEM+VDP2eTAhoq0LwYeUhOMgj8FqCR1bly8E8TpsHJ6iTFry2nY9qxr/ZuK0=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4cc9a0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14649817/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvYWM1NWVjZDU0NDlhM2I2ZWNlNTI5Zjc2NDdiZjk5M2QuanBlZw.webp?v=1669546680-Y37cZc41vSwm6g6Cqp7rFdrPgyOrKtaoWTvsuj3UzI4
104.19.135.78200 OK 22 kB URL HTTP/2 s-img.mgid.com/g/14649817/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvYWM1NWVjZDU0NDlhM2I2ZWNlNTI5Zjc2NDdiZjk5M2QuanBlZw.webp?v=1669546680-Y37cZc41vSwm6g6Cqp7rFdrPgyOrKtaoWTvsuj3UzI4
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b8a3c965391afb81a0f8a575d701ad5
e88c95dd38a32def3f45d64e63887e02ac39837a
c549403b5eaf8ff63d07e0ef22be88346816c7b49310efff2e09158b49b266ce
GET /g/14649817/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvYWM1NWVjZDU0NDlhM2I2ZWNlNTI5Zjc2NDdiZjk5M2QuanBlZw.webp?v=1669546680-Y37cZc41vSwm6g6Cqp7rFdrPgyOrKtaoWTvsuj3UzI4 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 22056
x-mg-request-uuid: 1744d1e5-f0ca-42e7-b44c-e37ad4af95aa
access-control-allow-origin: *
last-modified: Wed, 16 Nov 2022 15:36:20 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 933636
accept-ranges: bytes
set-cookie: __cf_bm=PwVKD0KVSy7zZYC7fXVHk1A6bmQZvLGrO5tb1n4UG4c-1669546681-0-ARibsKwoR7Bi3hPYjKwI0nBzBrCmpKyD7gCmQ2UfKxSdjmfIXF5mHRwcVGhe/loYLs/PPIeR33pP12cndpAga9o=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4dc9e0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93200 OK 53 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 72cdc96369aebe5ae4a435c7272ab451
f7031535185ad40d0e0eb854debe3cce76e7fed9
c152bdb58bbcedd5e78db7900b17961d1ad7931190ae1e1ffc08f85505f3c5b5
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:00 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: fa902fc0094290f700a40013d6aec7ec
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 27 Nov 2022 10:58:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4W2YHAEnC2hAc8F8MHZJt%2BNGZt1n0SBuZsp9bSk8w3yYl4uFvN7mWHqOebIcN4lqAJ8LSBy4JS%2FDK7eUWN5YEipczmGZNzfByEaKHagGAxL%2BTSnAkZkr7RGOcXpOM1LQBuM30A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a2fdd57720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/12578202/492x277/0x0x619x348/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1669546680-4Bx2Le7ydoSFNDDtWIgs1Mqb6tJzCOZs_q59VsDxY3A
104.19.135.78200 OK 24 kB URL HTTP/2 s-img.mgid.com/g/12578202/492x277/0x0x619x348/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1669546680-4Bx2Le7ydoSFNDDtWIgs1Mqb6tJzCOZs_q59VsDxY3A
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 51c3935eefd3221eb52e8e51173073e8
7652e874ee8ae20cf6d8f318091b0ffa91b0aa92
4cc7e9a53a0aa5479c32a04ca7343e89dc261c9eb9e560e8b748040e5eb8e901
GET /g/12578202/492x277/0x0x619x348/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzkxYmVlYmFiNjI4MjRhZmYyNWM0Mjg4MTM4YmM2YjQxLmpwZWc.webp?v=1669546680-4Bx2Le7ydoSFNDDtWIgs1Mqb6tJzCOZs_q59VsDxY3A HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 24526
x-mg-request-uuid: 53f27135-fe4f-4eff-9aec-64199571f865
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 15:47:16 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=4Xb1Rjy8md0P5IENn2ULOMLupPb8Rs3tZFuca3I7uxE-1669546681-0-ARYBBZv2xhsU39HfCfvfuVjgCUKpCvW5cgbMMFOju5OuO+Htrq/NFnrwNBvC6XotcCwcq2PKTdQ2zqkcgER5lMQ=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4dca10afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/12068028/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvYjZiZTg0OTUxYjczOWQwYmE3Y2I5NjIxODdiMDAxMWMuanBlZw.webp?v=1669546680-oFNVHkpPH6k4npr2JFlY1EFptyeEUsPiINrwMveDMGw
104.19.135.78200 OK 12 kB URL HTTP/2 s-img.mgid.com/g/12068028/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvYjZiZTg0OTUxYjczOWQwYmE3Y2I5NjIxODdiMDAxMWMuanBlZw.webp?v=1669546680-oFNVHkpPH6k4npr2JFlY1EFptyeEUsPiINrwMveDMGw
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce03c663e41e270775a69e7c9793d155
c377baa95674593d26ebd53749e3445e06203f46
794db768c144a461fe24335291e66e3254a79d43b3c7146a4daa85b43b3b0d23
GET /g/12068028/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMi8xMDE5MjQvYjZiZTg0OTUxYjczOWQwYmE3Y2I5NjIxODdiMDAxMWMuanBlZw.webp?v=1669546680-oFNVHkpPH6k4npr2JFlY1EFptyeEUsPiINrwMveDMGw HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 12072
x-mg-request-uuid: f9e05745-7dab-494a-b9c1-c6e61533657f
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:13:06 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=D218SR8916G2LoEuHdyOS82ws3JdGlxjUd_3S8kpGGI-1669546681-0-AWJ5o9B7shfEvS4pKFU1m6j1oMS6mHOKTyxdHGU2VA+IJNsN80QA86kejgfqYEQizZ7XZKmfziYzeys3hlm3KnA=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4cc9b0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13404719/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU3LHlfMjM5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC9mZDE0ZmE1OTk3ZGEyMGZlMmNjMmIyM2E5MjE1MTQ3OC5qcGVn.webp?v=1669546680-4IDD3-Tx9fn9bVTwblX0MV_MwVLM4mtXpbKpOTOU6AA
104.19.135.78200 OK 19 kB URL HTTP/2 s-img.mgid.com/g/13404719/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU3LHlfMjM5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC9mZDE0ZmE1OTk3ZGEyMGZlMmNjMmIyM2E5MjE1MTQ3OC5qcGVn.webp?v=1669546680-4IDD3-Tx9fn9bVTwblX0MV_MwVLM4mtXpbKpOTOU6AA
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 11feb49f5c830809429c7807abf3108b
f17b6a9610ba1121523c1b7e618455c42769e6e9
de4147dd625ed0459b440e2d4fa244c80605f13ed023fbf11455213e809601fe
GET /g/13404719/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU3LHlfMjM5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC9mZDE0ZmE1OTk3ZGEyMGZlMmNjMmIyM2E5MjE1MTQ3OC5qcGVn.webp?v=1669546680-4IDD3-Tx9fn9bVTwblX0MV_MwVLM4mtXpbKpOTOU6AA HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 18576
x-mg-request-uuid: 4a9c0aad-d4d8-4afa-93ec-5c43cc73255e
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 07:17:36 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810858
accept-ranges: bytes
set-cookie: __cf_bm=ZCBJP66N8s_2paQ.aGnBT_6XNNuT2ICOA73WBVx6vIE-1669546681-0-AUySXPQHPRvJldukbEAGdnJMY6/sc1ULbDkJTg+b77alNUxMaU6t3m/+VbBmFi/1yhSXUrJJOxFQdgmyZRFwvhw=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4dcac0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13275078/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjI0LHlfMzQ5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzE3NTY4NS80YmJkYTU0ODE3ZWRmNTU4ZTYwMWM3YzkyMzNlOTBkZi5wbmc.webp?v=1669546680-Q1ZT-Gf15DPxoaTqjvD8VnLP-b9aFZe6BmHcF0aTv7A
104.19.135.78200 OK 28 kB URL HTTP/2 s-img.mgid.com/g/13275078/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjI0LHlfMzQ5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzE3NTY4NS80YmJkYTU0ODE3ZWRmNTU4ZTYwMWM3YzkyMzNlOTBkZi5wbmc.webp?v=1669546680-Q1ZT-Gf15DPxoaTqjvD8VnLP-b9aFZe6BmHcF0aTv7A
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ff7bf7cf81d937e5641c49e9b1f3772e
e8c0b562d490fbb710b13703f4a5dc2a59b3fd5e
a1215d478eaed0d5fc53535acf3d8164605785a5fbc8eb285f48c66f5b29f081
GET /g/13275078/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjI0LHlfMzQ5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzE3NTY4NS80YmJkYTU0ODE3ZWRmNTU4ZTYwMWM3YzkyMzNlOTBkZi5wbmc.webp?v=1669546680-Q1ZT-Gf15DPxoaTqjvD8VnLP-b9aFZe6BmHcF0aTv7A HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 27830
x-mg-request-uuid: defb5d1b-26b7-49a5-8b2a-04b6d5c05dea
access-control-allow-origin: *
last-modified: Fri, 17 Jun 2022 00:28:16 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810916
accept-ranges: bytes
set-cookie: __cf_bm=kr4qJUBaN5ksXEPpGMzLrjOei.Q6ajyL_J8H6QZwWyE-1669546681-0-AfbEU4fQOFsDUPWLSSs5ZDabAzzoUJd/Nd33aTtGE+PL3Jc5RZl7o1KZhPPjvaL8ofCLpHMuPJMPMkECkix+VjE=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4dca50afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ca9a5a187a9301acd15cc891755a13c8
1522515a371821fe1c94ce773898f2e913e03012
469bcc07c9e15d43d093697277d75eaa3199cb3f455b6fd32daaa0153f4e0f98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s-img.mgid.com/g/3805543/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzcyNDY5ZmQ0MjYwZGU2NmViZTI2YTFlOGU5M2EwY2YxLmpwZw.webp?v=1669546680-NaEsWaziWIpUbHgBckR6HGRzptTJqt1F7IuBP2N5g3U
104.19.135.78200 OK 25 kB URL HTTP/2 s-img.mgid.com/g/3805543/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzcyNDY5ZmQ0MjYwZGU2NmViZTI2YTFlOGU5M2EwY2YxLmpwZw.webp?v=1669546680-NaEsWaziWIpUbHgBckR6HGRzptTJqt1F7IuBP2N5g3U
IP 104.19.135.78:0
Hash f5b03763822d2c5bb874f722f6ccec4b
6aba235b7c8359f0dd58da94e828ab6f9d2e5d56
a7e2949fa4094f9c7879b79ce4c5ae6a9c1585d7d8150a473f512833ae0459aa
GET /g/3805543/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjgvMTAxOTI0LzcyNDY5ZmQ0MjYwZGU2NmViZTI2YTFlOGU5M2EwY2YxLmpwZw.webp?v=1669546680-NaEsWaziWIpUbHgBckR6HGRzptTJqt1F7IuBP2N5g3U HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 21434
x-mg-request-uuid: 51e9e1ff-a785-47fd-bcd2-44ff4aa0a237
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 12:10:39 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810881
accept-ranges: bytes
set-cookie: __cf_bm=gNS4J6ZcfagyDnito2Xhp8_revxtipzpsbp2OXWTX7U-1669546681-0-AeINYxPe8JbC7UnHiyAdrxQvveyoisCYkANdNbeDHs7O+hWqNcajfrxBCj51wa3O0jRNk+XPOnO+nPH5SsZBU2A=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4dca90afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14649812/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU4LHlfMjQ1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzEwMTkyNC9lMjA2MjZmYjllMGRiOWRjNjkwNTQyNjNjMjk4MGI4ZC5qcGVn.webp?v=1669546680-GDl4ahLZNGQ2CfNSM9tWNDhQok3q1yAcYHxXThsMqZQ
104.19.135.78200 OK 111 kB URL HTTP/2 s-img.mgid.com/g/14649812/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU4LHlfMjQ1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzEwMTkyNC9lMjA2MjZmYjllMGRiOWRjNjkwNTQyNjNjMjk4MGI4ZC5qcGVn.webp?v=1669546680-GDl4ahLZNGQ2CfNSM9tWNDhQok3q1yAcYHxXThsMqZQ
IP 104.19.135.78:0
Size 111 kB (111291 bytes)
Hash 71c227054509ccda15eba02f02ec3f11
2442a77ccf0f1d4b290b020b9c2a07389c286341
d4fa5d9e9076495bddebb3daefcc55f3b06ba1920cf4bdf4e56cb944864a0557
GET /g/14649812/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzU4LHlfMjQ1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzEwMTkyNC9lMjA2MjZmYjllMGRiOWRjNjkwNTQyNjNjMjk4MGI4ZC5qcGVn.webp?v=1669546680-GDl4ahLZNGQ2CfNSM9tWNDhQok3q1yAcYHxXThsMqZQ HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 33624
x-mg-request-uuid: 8fd7fcc5-b688-409a-b3b6-995664b881d2
access-control-allow-origin: *
last-modified: Wed, 16 Nov 2022 15:36:16 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 933705
accept-ranges: bytes
set-cookie: __cf_bm=jXMthsfzgFMIEkPHVljbIBOQV0p1rvttYUAenN7doaQ-1669546681-0-AcQibAvpUIVozHyeUGqtUt2TN0buRAsc8TPI90NCMdnQyimA+Ydz7iGre5GcyQ1NqklYy7eSWEWSpsqUCsCBTdc=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4ecaf0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/10839612/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvMTk1MTBiNDNlMGEzODU2ZTZhYTRhMjNhMTRlMjVhNDUuanBlZw.webp?v=1669546680-pnygPKQPXiiF2UK19s-3HDFrFPucP0CtNmhI-rpt180
104.19.135.78200 OK 26 kB URL HTTP/2 s-img.mgid.com/g/10839612/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvMTk1MTBiNDNlMGEzODU2ZTZhYTRhMjNhMTRlMjVhNDUuanBlZw.webp?v=1669546680-pnygPKQPXiiF2UK19s-3HDFrFPucP0CtNmhI-rpt180
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 28aa9dea57a5d0c80ef1cf2d8c19705e
cfecf50d230a3212d6a6a11826dcdfda022ac45f
e5311b5a4a570dd861c07747ae6c027969492616902c5c15803688b5fa4fdef9
GET /g/10839612/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOC8xMDE5MjQvMTk1MTBiNDNlMGEzODU2ZTZhYTRhMjNhMTRlMjVhNDUuanBlZw.webp?v=1669546680-pnygPKQPXiiF2UK19s-3HDFrFPucP0CtNmhI-rpt180 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 26082
x-mg-request-uuid: c3d485ec-9f6c-41a7-83a4-f5fadf3214f8
access-control-allow-origin: *
last-modified: Thu, 11 Nov 2021 15:56:28 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810909
accept-ranges: bytes
set-cookie: __cf_bm=TTCiZIukWPw08ZiVYobH2AyiCiy9vlFz0svpWzsSHAE-1669546681-0-AfpKiPtbyTAa7DyL1tkbrHbsICZF5To8tmXul47XamDbu3YXT4uEJsZcnh6kqO9gZ11Rfc+GdD87Kq4TPfYlGAk=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4ecb00afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/12068021/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZGQxOTJmYmMzM2QxOGI1YzA2MDc4NDMzYTBjN2IzYTYuanBlZw.webp?v=1669546680-vuWNCpklB_lZYVk-JTQQ_0Acc5uY1ULWuR8Ac1eH4PM
104.19.135.78200 OK 23 kB URL HTTP/2 s-img.mgid.com/g/12068021/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZGQxOTJmYmMzM2QxOGI1YzA2MDc4NDMzYTBjN2IzYTYuanBlZw.webp?v=1669546680-vuWNCpklB_lZYVk-JTQQ_0Acc5uY1ULWuR8Ac1eH4PM
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa1a13cf41991591f97e0cf47e59e4c5
bea506bdd2db7e55349efcdfbbff1433bb739af0
2b7b08df59ef8bf3dac35d902712b14ad16a76068cb3e5949bb066e09adddc6b
GET /g/12068021/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8xMDE5MjQvZGQxOTJmYmMzM2QxOGI1YzA2MDc4NDMzYTBjN2IzYTYuanBlZw.webp?v=1669546680-vuWNCpklB_lZYVk-JTQQ_0Acc5uY1ULWuR8Ac1eH4PM HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 22980
x-mg-request-uuid: e6196220-3bef-417b-80d3-7c6336c7fdb6
access-control-allow-origin: *
last-modified: Wed, 26 Jan 2022 14:13:01 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810873
accept-ranges: bytes
set-cookie: __cf_bm=gam8gkdtkXhfP__7I0LQkSWD6YKzB6vLJbBis4SqsBg-1669546681-0-AQR7dsxctazYV/nIlqmtsdFZ0OvEd1y2InIq4nK2wIDCh42xmRBd1pJxUGiwo7bS352w3zcVqK4AGiCIWwejEAo=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4ecb10afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/8193529/492x277/0x12x597x336/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1669546680--C533B58rAHnwvxcdW_z89G9lqYUqhvFmph76yrQIiU
104.19.135.78200 OK 8.0 kB URL HTTP/2 s-img.mgid.com/g/8193529/492x277/0x12x597x336/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1669546680--C533B58rAHnwvxcdW_z89G9lqYUqhvFmph76yrQIiU
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dea790e49de707a5b2c77dd6647c360f
1f5dcd114882d2633621ab0e103ea4e1cb2424d9
390b1a38b66d2710fca9e45bae48bdc48af796291b9bbd445061344db9874181
GET /g/8193529/492x277/0x12x597x336/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1669546680--C533B58rAHnwvxcdW_z89G9lqYUqhvFmph76yrQIiU HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 7994
x-mg-request-uuid: 79182ffc-9f2c-463c-a106-a7bfeedb9cbd
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 16:31:40 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810879
accept-ranges: bytes
set-cookie: __cf_bm=ZJvgBOMiYsJi.KFJwhEJ3UfCUvz9Zk5Hg32qY4hE4TU-1669546681-0-AcJjUb0NjluBrw7rpNVkptqxKPIO4Tj17T7WRqq7RunMeczis4wmbHh5RK4VAF9T6wXmLoMC84vvS86l3pzEbNM=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4ecbf0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/4039678/492x277/0x83x640x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc.webp?v=1669546680-ZxRrP4QNG7yu7GmprqaHOzl9haVwu-uz1FBJVicMgR8
104.19.135.78200 OK 30 kB URL HTTP/2 s-img.mgid.com/g/4039678/492x277/0x83x640x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc.webp?v=1669546680-ZxRrP4QNG7yu7GmprqaHOzl9haVwu-uz1FBJVicMgR8
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 70b63f87b99da685c95fe31b03db22c9
1462272be9653418917f7d06d9b2bf1bc2012c0a
ebf43a472bb31c0c12fa8d41e17245238b2db3a6d4c38c0f33e22b45192724a9
GET /g/4039678/492x277/0x83x640x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc.webp?v=1669546680-ZxRrP4QNG7yu7GmprqaHOzl9haVwu-uz1FBJVicMgR8 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 30080
x-mg-request-uuid: fbd134a4-7171-4a16-817a-fd3203f3d2c3
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 19:11:36 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810916
accept-ranges: bytes
set-cookie: __cf_bm=MUcLRCJaVbx2McFBsbRFhuR_bvAOb9wwEjnxd6unPGM-1669546681-0-AVryWGPJPeUz19gJNvYB0KhkBdOnkZye8AW7/BCH5A28HD12BpFldibVoDheYvs58yH4ArtsvHQmT3E1a+8Foak=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a4fcd10afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13140388/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvMjk3YzdlYTY3NmVhYTAzNmZkYjgxYjVlODg3ZmNmODUuanBlZw.webp?v=1669546680-Djre3xQI7-skJ6jbWfA7hZtmQauxoNCSf85lQCV1W6g
104.19.135.78200 OK 7.4 kB URL HTTP/2 s-img.mgid.com/g/13140388/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvMjk3YzdlYTY3NmVhYTAzNmZkYjgxYjVlODg3ZmNmODUuanBlZw.webp?v=1669546680-Djre3xQI7-skJ6jbWfA7hZtmQauxoNCSf85lQCV1W6g
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 094d8bf9e4ad77eb7f6fe5799ecbeb0a
811ddf9a1a1144c180d2ca74372d4a05bb390635
78c32847a7feda5191f674b206586fe04631075d42bc5746262a89ae4ac7e2da
GET /g/13140388/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xNzU2ODUvMjk3YzdlYTY3NmVhYTAzNmZkYjgxYjVlODg3ZmNmODUuanBlZw.webp?v=1669546680-Djre3xQI7-skJ6jbWfA7hZtmQauxoNCSf85lQCV1W6g HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 7394
x-mg-request-uuid: dc91d07d-5c00-4375-a8ac-6b038cb5e3e0
access-control-allow-origin: *
last-modified: Tue, 07 Jun 2022 08:39:49 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810264
accept-ranges: bytes
set-cookie: __cf_bm=QUIW6SAZRmohE.SL12J6jWkXYneg.kQPC8CT2BpmGco-1669546681-0-Aan/qt23tWvX6BUJzPBpXtAP7NrcykmwkAfuF4+OS5qDsbWao9+eZ50VtIS7+ZLQhsQsrfLSOpmZKPwUgZfDSHQ=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a50cd70afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14145495/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xNzU2ODUvZjRkOWNiMjIyMGJiYzZjNmJkOGQ3MGQwNDQ1NDgyNTYucG5n.webp?v=1669546680-9OHs9v3lO9fc9QFWKpmnc4sgZKYU01DVqgL1ux_cmpw
104.19.135.78200 OK 14 kB URL HTTP/2 s-img.mgid.com/g/14145495/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xNzU2ODUvZjRkOWNiMjIyMGJiYzZjNmJkOGQ3MGQwNDQ1NDgyNTYucG5n.webp?v=1669546680-9OHs9v3lO9fc9QFWKpmnc4sgZKYU01DVqgL1ux_cmpw
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae56f13b1cc7906a07966a32f4ebb0d3
6845c2e27f28df0ad7cd3ec484ff05d4d9fc85ec
f45b4a716cd3ec159c82599196cf075367b8f654490536a4f8cb31cef9e9aa4e
GET /g/14145495/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xNzU2ODUvZjRkOWNiMjIyMGJiYzZjNmJkOGQ3MGQwNDQ1NDgyNTYucG5n.webp?v=1669546680-9OHs9v3lO9fc9QFWKpmnc4sgZKYU01DVqgL1ux_cmpw HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 13594
x-mg-request-uuid: 5f734850-d82e-4f90-9bee-f307768e0084
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 00:26:51 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810911
accept-ranges: bytes
set-cookie: __cf_bm=NBASSpb9lj3L9C.eLL.rLUcKc55fQ5piAEOyRvwP4PE-1669546681-0-AeEs8lYd0Ft9HtNXvL8fXp5wkCrfJzUTg4tQo5ctecPUiFjOosy6HfAKkQ7AIfSr8Or6JJ/whpiz+YBdmSg1euE=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a50cd80afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.PlpnwD4HYro.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-D4573md5GmdJHX15d0lc3SoObhA/cb=gapi.loaded_0
142.250.74.174200 OK 36 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.PlpnwD4HYro.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-D4573md5GmdJHX15d0lc3SoObhA/cb=gapi.loaded_0
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 541e015e67cae09a328b90cc5c0f3d0c
dad2d0b3184ad57f3b22213c8fed6e590120f6ae
afc09d5674a374bfbbad3f9ae4ed69b6e91a36002f33ba6edfa48499ad24135c
GET /_/scs/abc-static/_/js/k=gapi.gapi.en.PlpnwD4HYro.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-D4573md5GmdJHX15d0lc3SoObhA/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 36478
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 11:39:33 GMT
expires: Sat, 25 Nov 2023 11:39:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:23:57 GMT
content-type: text/javascript; charset=UTF-8
age: 170308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s-img.mgid.com/g/13780670/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMTkwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC9hMGRhNDUwNmE0NGE5YjllNTcxZGIyN2Q0YzU0YmY5Zi5qcGc.webp?v=1669546680-4zPgjET3wKOvXXqhfhSsgW2fhd8BxHi1UGf93P--zq4
104.19.135.78200 OK 18 kB URL HTTP/2 s-img.mgid.com/g/13780670/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMTkwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC9hMGRhNDUwNmE0NGE5YjllNTcxZGIyN2Q0YzU0YmY5Zi5qcGc.webp?v=1669546680-4zPgjET3wKOvXXqhfhSsgW2fhd8BxHi1UGf93P--zq4
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 680eaefd9d678e41f82a489a86ba2ef4
38f9d8142723427e953a14d7794b21505a78f0b3
e1d40d172319a5465a7e1af096c202105ad8dd7c3377d10872bd4c4db2dec44c
GET /g/13780670/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMTkwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC9hMGRhNDUwNmE0NGE5YjllNTcxZGIyN2Q0YzU0YmY5Zi5qcGc.webp?v=1669546680-4zPgjET3wKOvXXqhfhSsgW2fhd8BxHi1UGf93P--zq4 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 17492
x-mg-request-uuid: 8020b8b6-cf61-4ee3-a502-f8890ac82b3f
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2022 08:52:09 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=T8ZI_htpfLbA7mX5i_v_SPFlbGDY8kHm2BIzqThLD9A-1669546681-0-AefNVMdc9dMBbH1qHJp73E8rEC7JPbauwc8F1NCR9uwAqjXkbcaY/2ddQED5b0EcujWQayxX+OkgpyKAgFutrAg=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a52cfa0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/3805441/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669546680-lL4_MZ5mEBb1m6XqL8RcesohBNe66pOlCIs0LlSSOVM
104.19.135.78200 OK 15 kB URL HTTP/2 s-img.mgid.com/g/3805441/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669546680-lL4_MZ5mEBb1m6XqL8RcesohBNe66pOlCIs0LlSSOVM
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b326faa3fecb33e1bcc4866cd1251287
3490833b823ab1f2bb977c16dd166fb4edb76cf2
17b9557fc9c30b42b3501beabe2262844786cbb90bf4dbbe73bc59dca17b153f
GET /g/3805441/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMjQvMTAxOTI0LzVjOTFlMDQ1NWNmOGEzMDJjOTA2N2Q2Y2ZmODJkNTg2LmpwZw.webp?v=1669546680-lL4_MZ5mEBb1m6XqL8RcesohBNe66pOlCIs0LlSSOVM HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 15326
x-mg-request-uuid: e53510dc-6819-412f-96c0-1414f6143a70
access-control-allow-origin: *
last-modified: Mon, 08 Aug 2022 17:04:58 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810899
accept-ranges: bytes
set-cookie: __cf_bm=GdtXN6EBxKeh2To2haje1Q.BtfrRFmRZi2Wiop7gtuQ-1669546681-0-AXBa5C5kEsfdGWcG1IVn++koLsaIVdUGB+UnqDC09rvdJReyv8SnbnuKr3L4X5eaxX0macjLoUfBSvoLqgYM3dY=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a52cfc0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14137468/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvMjIzZjNmNDU4NTM0NzFkOGI4YzRlYjk4MzczZmEwNTkucG5n.webp?v=1669546680-J2PQ1h5G1HUBvhr5ak_UWYoHXr1cNwn_8KbnYfwSB5E
104.19.135.78200 OK 12 kB URL HTTP/2 s-img.mgid.com/g/14137468/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvMjIzZjNmNDU4NTM0NzFkOGI4YzRlYjk4MzczZmEwNTkucG5n.webp?v=1669546680-J2PQ1h5G1HUBvhr5ak_UWYoHXr1cNwn_8KbnYfwSB5E
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 80f126f0c329e0a345f23584c14ce942
50af2b1e81e957ba67d5b1cee1859919d1f34561
3abe81ef4ad86192dff6e22ef88f25840adce7a310d412cfec7b36646a285bd4
GET /g/14137468/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvMjIzZjNmNDU4NTM0NzFkOGI4YzRlYjk4MzczZmEwNTkucG5n.webp?v=1669546680-J2PQ1h5G1HUBvhr5ak_UWYoHXr1cNwn_8KbnYfwSB5E HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 11734
x-mg-request-uuid: 64dd338c-4b95-4a7a-9143-6842df7cd3a8
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:57:14 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810916
accept-ranges: bytes
set-cookie: __cf_bm=wXUWkRGBzBsnoay1lFdxW8dRslWG57EduWHqDFEUU48-1669546681-0-ARm3aPttGI123as7Q7iz3zARkm0w4Rn/V4QJoRvOYFL2BOlmYTk1hy+hSPiOyWB+lMaTDncFbGGJFc3uJVFVlMY=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a52d020afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14137491/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvMDYwYzFmZmJmNTU4N2E1YzZlOWYyZTFjZWJkZjAxN2MuanBlZw.webp?v=1669546680-SraunjQmB_IoKVk0titlvhTa7lumBTtMyNZhwhn5ECA
104.19.135.78200 OK 13 kB URL HTTP/2 s-img.mgid.com/g/14137491/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvMDYwYzFmZmJmNTU4N2E1YzZlOWYyZTFjZWJkZjAxN2MuanBlZw.webp?v=1669546680-SraunjQmB_IoKVk0titlvhTa7lumBTtMyNZhwhn5ECA
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3cf5f821da40336bdd91c0b9e0596db2
a173af5336b920243a435efedb58df640ed1a0a7
39b8b45caeff1ce12ee8042dcc0fa210b84e375dc127435500768759eab92434
GET /g/14137491/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvMDYwYzFmZmJmNTU4N2E1YzZlOWYyZTFjZWJkZjAxN2MuanBlZw.webp?v=1669546680-SraunjQmB_IoKVk0titlvhTa7lumBTtMyNZhwhn5ECA HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 12992
x-mg-request-uuid: 69637beb-8fad-4d23-b7d3-6c6b859a80ec
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:55:55 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810901
accept-ranges: bytes
set-cookie: __cf_bm=FPQTbWBaCJO9eNsKG_5bpfPSK_RgpHowsQjAcec3mSk-1669546681-0-AWOkBHM67QR8h0B9QDAVzu9I7jr94eCaYu1stFyg3nlKHLR1tAGurtHSajZcO3THavsUkmi9hC5yBn2RO6S/ueQ=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a52d010afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/3805436/492x277/24x0x659x371/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTIvMTAxOTI0L2E4NDk5MzUwZDVkMzE2YmU0ZDBkNTMwMDdjNzJjYjY1LmpwZw.webp?v=1669546680-hdrGKKNxZcb_8QFXIETwg_fjkmYY9jUmKk3Ka-_-Fvk
104.19.135.78200 OK 18 kB URL HTTP/2 s-img.mgid.com/g/3805436/492x277/24x0x659x371/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTIvMTAxOTI0L2E4NDk5MzUwZDVkMzE2YmU0ZDBkNTMwMDdjNzJjYjY1LmpwZw.webp?v=1669546680-hdrGKKNxZcb_8QFXIETwg_fjkmYY9jUmKk3Ka-_-Fvk
IP 104.19.135.78:0
Hash 6a60d752c56ca27d23e0c455e15239c0
1dd7637fd9aa7db5723e10f95329549f0424bf79
277b1d3401549899f9a199913f9b43f2494704ec7de5e567237e7a567d3ca739
GET /g/3805436/492x277/24x0x659x371/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTIvMTAxOTI0L2E4NDk5MzUwZDVkMzE2YmU0ZDBkNTMwMDdjNzJjYjY1LmpwZw.webp?v=1669546680-hdrGKKNxZcb_8QFXIETwg_fjkmYY9jUmKk3Ka-_-Fvk HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 16386
x-mg-request-uuid: 0a00d9d2-292a-4eec-8ebd-9aec51e3c0f7
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 05:39:24 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810905
accept-ranges: bytes
set-cookie: __cf_bm=Hhnxj3O_XASRYguKFtfqvu9PeLZR.SmGf_Ku6kx0Ujk-1669546681-0-AQZZ8BUezyQslyEKaPtb2tSMQDfcWEOcjMG0x1dS+C1w6q1cVlrXQl5VEh7b0pQW5VxDnwzcBgV0Q9cD4Teksho=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a52cff0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14649810/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8xMDE5MjQvMjAzM2NhYjIyODE3YWY3ZjI2ODQyMWQ1NjJkMjYxNzIuanBlZw.webp?v=1669546680-c5S8jiTgd0XWh-rKfXndd132LUZSCFpP3wPpB2UnvTA
104.19.135.78200 OK 15 kB URL HTTP/2 s-img.mgid.com/g/14649810/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8xMDE5MjQvMjAzM2NhYjIyODE3YWY3ZjI2ODQyMWQ1NjJkMjYxNzIuanBlZw.webp?v=1669546680-c5S8jiTgd0XWh-rKfXndd132LUZSCFpP3wPpB2UnvTA
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6241e1ea6acc21dc807053c16fb54cef
b5f3c9b87021f13c6d42d6c487af979a4d9a5d80
ad038b14f3f6c561dc8ba6f56a55ab41d5907d977648e411cb20f3e276775017
GET /g/14649810/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8xMDE5MjQvMjAzM2NhYjIyODE3YWY3ZjI2ODQyMWQ1NjJkMjYxNzIuanBlZw.webp?v=1669546680-c5S8jiTgd0XWh-rKfXndd132LUZSCFpP3wPpB2UnvTA HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 15324
x-mg-request-uuid: cfe7fde5-b499-40e2-9cbf-8ea1ad6b1d7a
access-control-allow-origin: *
last-modified: Wed, 16 Nov 2022 15:36:15 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 933706
accept-ranges: bytes
set-cookie: __cf_bm=riUik5U18s5ASNW29K_JDBKkMyTBM_fPUuklrvD7Qo8-1669546681-0-Aag3H2aCaJj6RmC6cQA9F7K/x4UMTWjRJoi0i6e6FOowOHTyjPcRwWVFKERjgus7Ze3WuYsZ3uPgId9Q+/FJiQs=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a53d070afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/14137460/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvNGFjMTVkZWU2YjliYjUwOGRkODdhMzc3MTc2MDYyNzAuanBlZw.webp?v=1669546680-_c77Urdp5wREoMStBn6w9NFf6H4dRXhltVkOtI9GMcM
104.19.135.78200 OK 19 kB URL HTTP/2 s-img.mgid.com/g/14137460/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvNGFjMTVkZWU2YjliYjUwOGRkODdhMzc3MTc2MDYyNzAuanBlZw.webp?v=1669546680-_c77Urdp5wREoMStBn6w9NFf6H4dRXhltVkOtI9GMcM
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c77e692ed28906af033436227c01a61
240ea9264ab94cd808c7a911226df6d2c63e069b
0c792928456eec6fae4ffe0d453d95c7ff4773e0b49f4820a95ea62249efdf39
GET /g/14137460/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOS8xMDE5MjQvNGFjMTVkZWU2YjliYjUwOGRkODdhMzc3MTc2MDYyNzAuanBlZw.webp?v=1669546680-_c77Urdp5wREoMStBn6w9NFf6H4dRXhltVkOtI9GMcM HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 18886
x-mg-request-uuid: 76444c1e-cee7-469a-920a-3c6e59ac1f7c
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:56:26 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810899
accept-ranges: bytes
set-cookie: __cf_bm=W90w3oaAZWz03YXvk480.mUTcEhKNQaiwz_7JeaqblY-1669546681-0-ATXOtMuzPjP4j8FOsldgoBQs0jyISG8JR1gwhkzJCGL6RyLkMK6HDQBvbQbn2qxAOWn0na4TeoNRQxtN1TKe99A=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a53d090afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13785574/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xNzU2ODUvNzkxMWU4YWFjNjRmZmJhOWUyZTA2OWI4OTJmYTI5OTIuanBn.webp?v=1669546680-RBEKqfATs8QOVxDEiEoN1qcsxDq7LADqc2iI4-lt7kE
104.19.135.78200 OK 5.7 kB URL HTTP/2 s-img.mgid.com/g/13785574/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xNzU2ODUvNzkxMWU4YWFjNjRmZmJhOWUyZTA2OWI4OTJmYTI5OTIuanBn.webp?v=1669546680-RBEKqfATs8QOVxDEiEoN1qcsxDq7LADqc2iI4-lt7kE
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7c35ab5c0cb300b1ef65bb02666934f2
991f7338f76d354c4a06174f0aebd6037b76c8f0
45329d4b39c6613088c60b685b88bec0872bd6f0941ff4f72e3244f9aebe7aa7
GET /g/13785574/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xNzU2ODUvNzkxMWU4YWFjNjRmZmJhOWUyZTA2OWI4OTJmYTI5OTIuanBn.webp?v=1669546680-RBEKqfATs8QOVxDEiEoN1qcsxDq7LADqc2iI4-lt7kE HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 5706
x-mg-request-uuid: c61ae072-4533-48e0-98bb-f371c00adb24
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 17:42:05 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=DeeY7zvuujOBsYVCgAV.7w2NTF.mlquNvgtG2O.VOgc-1669546681-0-AZMcCK3hndv7zMNHxX4M3jc2eykMm+hpUxkHsTtZi8ZpMYUGdMhV4fhHIOPUAr4ofrxHWDhLxkvgn5z1HoDQ2eI=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a53d0b0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13404706/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvZTlmMzM2NmQ5MmM2YzAwMGUzZGQzNzFlOGIzNjJhNDEuanBlZw.webp?v=1669546680-X4_5vbYSWVJPcYY5bVOevawuGhhuNB4Q7s5sn-9G0qk
104.19.135.78200 OK 31 kB URL HTTP/2 s-img.mgid.com/g/13404706/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvZTlmMzM2NmQ5MmM2YzAwMGUzZGQzNzFlOGIzNjJhNDEuanBlZw.webp?v=1669546680-X4_5vbYSWVJPcYY5bVOevawuGhhuNB4Q7s5sn-9G0qk
IP 104.19.135.78:0
Hash e8800e1736cc1f14fdd8ca9de8d97ef1
4a97933f3d795e11dbc5a015c5d8af18533cedf0
5f7ac4f221e171b17b884b4a4ffdc632fb3d63e11f2b6fb695303e54bec2d762
GET /g/13404706/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvZTlmMzM2NmQ5MmM2YzAwMGUzZGQzNzFlOGIzNjJhNDEuanBlZw.webp?v=1669546680-X4_5vbYSWVJPcYY5bVOevawuGhhuNB4Q7s5sn-9G0qk HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 29608
x-mg-request-uuid: 9548e78e-9505-442d-881b-9b642992d186
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 07:18:53 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=3z9yZ2_PDOV9vIL2a7YtmjAwblqc_o4sNAA9QBEpa8k-1669546681-0-AS3H7LJ9zkzchjTptVhfjLQ+c4u/PDKFkVcowyMedhlrEtksILgkoKUKcduu0uPrRAZrSJqjbvBBhopHUeK+n98=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a53d0c0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13268974/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjk3LHlfNDEzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC83MDgwMmRkN2YwZWE0ZTBjNzBkMGU3ZjlmNDI4ZWI0Ny5qcGc.webp?v=1669546680-kEDfS0IKcmXd9tDmG1AGY-EKbOifxGP7G4iCqG5TsTM
104.19.135.78200 OK 11 kB URL HTTP/2 s-img.mgid.com/g/13268974/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjk3LHlfNDEzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC83MDgwMmRkN2YwZWE0ZTBjNzBkMGU3ZjlmNDI4ZWI0Ny5qcGc.webp?v=1669546680-kEDfS0IKcmXd9tDmG1AGY-EKbOifxGP7G4iCqG5TsTM
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8b3c242c1cb7725f8bb42b75d3b3dd3b
009af731ca8e429a1b9d546b1b286dd122afae41
d44ada5e89adaee78799dd4137d3706fa87a5f904c4a45c1fd508ab02ceb4f96
GET /g/13268974/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjk3LHlfNDEzL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC83MDgwMmRkN2YwZWE0ZTBjNzBkMGU3ZjlmNDI4ZWI0Ny5qcGc.webp?v=1669546680-kEDfS0IKcmXd9tDmG1AGY-EKbOifxGP7G4iCqG5TsTM HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 10990
x-mg-request-uuid: 9756a268-9366-449e-ad76-9a94e0208591
access-control-allow-origin: *
last-modified: Thu, 16 Jun 2022 11:46:10 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=aDNF3bxpt9lIq8GK4y9w9yGlaO1D1WRbpluLOoD2tMo-1669546681-0-ARnfdH1r7Qf7Dws98/XYhsyHE5Uelwbx51/Y+yUd3KF5L9fj6YoR4uGLRcC1cVASdQX+XagoDgewjV7bMFh+pa0=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a54d150afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/10881033/492x277/0x0x551x310/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2I1ZTQ2YWM3ZDMzNzlhNjlhZDY5MGZlYmVjZTQ1YWNkLmpwZw.webp?v=1669546680-mX2XCSgAtfP3HnJa2unqh6-juFtYbNY8UmTRubQHDiw
104.19.135.78200 OK 12 kB URL HTTP/2 s-img.mgid.com/g/10881033/492x277/0x0x551x310/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2I1ZTQ2YWM3ZDMzNzlhNjlhZDY5MGZlYmVjZTQ1YWNkLmpwZw.webp?v=1669546680-mX2XCSgAtfP3HnJa2unqh6-juFtYbNY8UmTRubQHDiw
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8a4be6185fae3e5cdc90939f22af4512
a511d213ac34987726c8d4fa3359e1aeaa408daf
1b56d2555e7ce735e84acda3135b8b9940b065c815123220bb14b7ad4b0e2213
GET /g/10881033/492x277/0x0x551x310/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2I1ZTQ2YWM3ZDMzNzlhNjlhZDY5MGZlYmVjZTQ1YWNkLmpwZw.webp?v=1669546680-mX2XCSgAtfP3HnJa2unqh6-juFtYbNY8UmTRubQHDiw HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 11882
x-mg-request-uuid: aff58899-4539-4cd0-9f8b-a218b4786b8e
access-control-allow-origin: *
last-modified: Sun, 11 Sep 2022 07:55:31 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810909
accept-ranges: bytes
set-cookie: __cf_bm=RQR37maCkpXzenAs.rCpBLnoE17Ql5qFqjRQsAzN_GI-1669546681-0-AUJV0kMVpGwd0vJWT0EA9Hk1ADWowGIaz+Kg1xBtt+HJMbHrNBdSEkPYYX16Sa53NXyJJsePZOucAz93MvYHgKo=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a54d170afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13404761/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvMGZmMmMwMmRjZmE5ZDA4Nzk4MzAyNjVhYjhiZGE1MWUuanBlZw.webp?v=1669546680-nkRM-c4AqvGV1cD-HZU2clM-7vBQ7NLqM5dbfFN3Ic4
104.19.135.78200 OK 32 kB URL HTTP/2 s-img.mgid.com/g/13404761/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvMGZmMmMwMmRjZmE5ZDA4Nzk4MzAyNjVhYjhiZGE1MWUuanBlZw.webp?v=1669546680-nkRM-c4AqvGV1cD-HZU2clM-7vBQ7NLqM5dbfFN3Ic4
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74077eeb3065e84fa6f0f7753d2bcb02
9591ffd6cf9ba1842eda62c1e6d09dab24d6653d
9d54f151faf46dc2a260048e82ef24f722f11cee0d165987b09ca43633206fa4
GET /g/13404761/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNi8xMDE5MjQvMGZmMmMwMmRjZmE5ZDA4Nzk4MzAyNjVhYjhiZGE1MWUuanBlZw.webp?v=1669546680-nkRM-c4AqvGV1cD-HZU2clM-7vBQ7NLqM5dbfFN3Ic4 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 32516
x-mg-request-uuid: 21d32e66-1e2b-4b73-968a-e8c2b7c2f5e8
access-control-allow-origin: *
last-modified: Fri, 01 Jul 2022 07:22:30 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810915
accept-ranges: bytes
set-cookie: __cf_bm=iXMQUN25z_w3SC90j.BXLSWtCpeJohusIBNJA1E65Rs-1669546681-0-Ae9w+NkmxI/6ystuhbYOQito4N7UqzfyXyESJxDxgG4g3DQlOK7rG8G7Apsw9hJQBhnt2vdRBOQoeMeeWGMuYWw=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a54d140afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/11533331/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYjg5ZWY5MjczNjQ3ZGFjMTAyNmM4YjFiMWI3OTQ4NGUuanBlZw.webp?v=1669546680-sIpIHKfwGsls2RY37S6e_JLsSojLHfepV853hCiCDnA
104.19.135.78200 OK 8.2 kB URL HTTP/2 s-img.mgid.com/g/11533331/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYjg5ZWY5MjczNjQ3ZGFjMTAyNmM4YjFiMWI3OTQ4NGUuanBlZw.webp?v=1669546680-sIpIHKfwGsls2RY37S6e_JLsSojLHfepV853hCiCDnA
IP 104.19.135.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b55fc7c08c603bc73c6c55c35a4d363
a2553e093895cf104c65480bf6055e7f689d91e6
c8e703da99eff70ee901628fc4c461ccb880e9c9a1d990ecde106b3f27c55267
GET /g/11533331/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvYjg5ZWY5MjczNjQ3ZGFjMTAyNmM4YjFiMWI3OTQ4NGUuanBlZw.webp?v=1669546680-sIpIHKfwGsls2RY37S6e_JLsSojLHfepV853hCiCDnA HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: image/webp
content-length: 8234
x-mg-request-uuid: b3309cf2-094b-4701-b11a-a2dd293dbfb4
access-control-allow-origin: *
last-modified: Wed, 01 Dec 2021 12:23:55 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 2810911
accept-ranges: bytes
set-cookie: __cf_bm=3pujXHDO1jLnudWJcO1q_j_Zx1v7bkwFOmiaoBWHWN8-1669546681-0-AWB2BJ1s4QtghHcgNei1AQiREYAgbN6kYjdhPeTIaW5Ik3HxIjjmghgJr5R3VE7GtDNDlKlctFJefZshS7uRdf8=; path=/; expires=Sun, 27-Nov-22 11:28:01 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58a54d1d0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 12d65c9cd1c4bd988fd440a45c9ba9a8
0ed83c646ff9247e02a02f87eb712fb3a2d60e96
8eb40663864e6ac396e2269a524f335708b42e7c2f084c0f14ca49a6e0fa7aef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2471
Cache-Control: max-age=94823
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Etag: "63820879-117"
Expires: Mon, 28 Nov 2022 13:18:24 GMT
Last-Modified: Sat, 26 Nov 2022 12:37:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 12d65c9cd1c4bd988fd440a45c9ba9a8
0ed83c646ff9247e02a02f87eb712fb3a2d60e96
8eb40663864e6ac396e2269a524f335708b42e7c2f084c0f14ca49a6e0fa7aef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Last-Modified: Sun, 27 Nov 2022 09:46:58 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 12d65c9cd1c4bd988fd440a45c9ba9a8
0ed83c646ff9247e02a02f87eb712fb3a2d60e96
8eb40663864e6ac396e2269a524f335708b42e7c2f084c0f14ca49a6e0fa7aef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2471
Cache-Control: max-age=94823
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Etag: "63820879-117"
Expires: Mon, 28 Nov 2022 13:18:24 GMT
Last-Modified: Sat, 26 Nov 2022 12:37:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://drive.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 15:21:36 GMT
expires: Thu, 23 Nov 2023 15:21:36 GMT
cache-control: public, max-age=31536000
age: 329785
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.seputarbansos.my.id/favicon.ico
142.250.74.179200 OK 412 B URL HTTP/2 www.seputarbansos.my.id/favicon.ico
IP 142.250.74.179:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
Cookie: MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1241665%22%3A%7B%22page%22%3A1%2C%22time%22%3A1669546680738%7D%2C%22C1246508%22%3A%7B%22page%22%3A1%2C%22time%22%3A1669546680888%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 27 Nov 2022 10:58:01 GMT
date: Sun, 27 Nov 2022 10:58:01 GMT
cache-control: private, max-age=86400
last-modified: Tue, 22 Nov 2022 15:16:20 GMT
etag: W/"29e904ae26b6f633fd34af371d4cc3d9ec9b9f008a2692c1228903a20e291186"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
X-Firefox-Spdy: h2
ssl.gstatic.com/docs/common/viewer/v3/v-sprite48.svg
142.250.74.99200 OK 51 kB URL HTTP/2 ssl.gstatic.com/docs/common/viewer/v3/v-sprite48.svg
IP 142.250.74.99:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (42426)
Hash d1c92b5dde0697d4fd14646e172bb0a4
1ab221b0ed01385d1e0ceb4070bf359a00129f74
de7da932f2ff6381d2eb2341269f8126b4fce28a601581acffb415c2e6f9cdd0
GET /docs/common/viewer/v3/v-sprite48.svg HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-length: 51325
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 06:00:46 GMT
expires: Tue, 21 Nov 2023 06:00:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 19 Oct 2022 15:38:00 GMT
content-type: image/svg+xml
age: 536235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 202915b1883479caedbf3182cb2008d7
42a79204d2c63c2e9c5b648d9f92be2403c45f56
68794fbf181b0abd0414090bbe52b87a66af50598d6d6e7fdc4f84701a43a719
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Last-Modified: Sun, 27 Nov 2022 09:54:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 202915b1883479caedbf3182cb2008d7
42a79204d2c63c2e9c5b648d9f92be2403c45f56
68794fbf181b0abd0414090bbe52b87a66af50598d6d6e7fdc4f84701a43a719
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3374
Cache-Control: max-age=136029
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Etag: "6382a5e8-118"
Expires: Tue, 29 Nov 2022 00:45:10 GMT
Last-Modified: Sat, 26 Nov 2022 23:48:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-10/101924/cc6d9518697b6d3e16b64fe6cb127ae3.mp4?v=1669546680-bzOhlRLFziG_Bwt3v93QZNSRZzgDakiHSAPYlrsrF9o
172.64.144.64206 Partial Content 265 kB URL HTTP/2 cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-10/101924/cc6d9518697b6d3e16b64fe6cb127ae3.mp4?v=1669546680-bzOhlRLFziG_Bwt3v93QZNSRZzgDakiHSAPYlrsrF9o
IP 172.64.144.64:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 265 kB (264564 bytes)
Hash c9958d6c072ef1ca278cde5a3c2469ed
443f575b956a48e772f3666f22fe5efe5c76d6fc
1709c595769b789fb68dfcdc1c0ee800319bd49a2ee09c93f777fb07d8d05c6f
GET /imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2022-10/101924/cc6d9518697b6d3e16b64fe6cb127ae3.mp4?v=1669546680-bzOhlRLFziG_Bwt3v93QZNSRZzgDakiHSAPYlrsrF9o HTTP/1.1
Host: cl.imghosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: video/mp4;codecs=avc1
content-length: 264564
etag: "c9958d6c072ef1ca278cde5a3c2469ed"
last-modified: Wed, 12 Oct 2022 09:50:04 GMT
cache-control: public, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: akam;dur=13;start=2022-10-27T22:17:24.567Z;desc=miss,rtt;dur=0,cloudinary;dur=169;start=2022-10-19T10:37:44.125Z
cf-cache-status: HIT
age: 933104
expires: Mon, 27 Nov 2023 10:58:01 GMT
content-range: bytes 0-264563/264564
server: cloudflare
cf-ray: 770a58a76fb1b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-06%2F101924%2F2f6fb4f104d5f53ba037204ad9e62982.gif?v=1669546680-3ZOmhNFFGzsrOV_IK6TjbW29QocbXeT8RVyWc7F2NrY
172.64.144.64206 Partial Content 677 kB URL HTTP/2 cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-06%2F101924%2F2f6fb4f104d5f53ba037204ad9e62982.gif?v=1669546680-3ZOmhNFFGzsrOV_IK6TjbW29QocbXeT8RVyWc7F2NrY
IP 172.64.144.64:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 677 kB (676763 bytes)
Hash 53338f3776c923210689cfb76525ffce
44f55c3fa7a31b7b2092326887cbac093b8746fa
23969aa095c52cf103b2628b3ed147d508e858a3714ca11d4be5bc617d4982e9
GET /imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-06%2F101924%2F2f6fb4f104d5f53ba037204ad9e62982.gif?v=1669546680-3ZOmhNFFGzsrOV_IK6TjbW29QocbXeT8RVyWc7F2NrY HTTP/1.1
Host: cl.imghosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: video/mp4
content-length: 676763
etag: "53338f3776c923210689cfb76525ffce"
last-modified: Tue, 25 Oct 2022 20:54:50 GMT
x-request-id: e91a6d9b39b0eabc61ace1ebecdc6ff0
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
server-timing: fastly;dur=4042;cpu=0;start=2022-10-25T21:54:21.579Z;desc=miss,rtt;dur=0,cloudinary;dur=4022;start=2022-10-25T21:54:21.578Z,cld-id;desc=e91a6d9b39b0eabc61ace1ebecdc6ff0
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cf-cache-status: HIT
age: 2811796
expires: Mon, 27 Nov 2023 10:58:01 GMT
content-range: bytes 0-676762/676763
server: cloudflare
cf-ray: 770a58a76fbdb4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 202915b1883479caedbf3182cb2008d7
42a79204d2c63c2e9c5b648d9f92be2403c45f56
68794fbf181b0abd0414090bbe52b87a66af50598d6d6e7fdc4f84701a43a719
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Last-Modified: Sun, 27 Nov 2022 09:54:06 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
www.seputarbansos.my.id/feeds/posts/default/-/INFO%20GURU?alt=json-in-script&orderby=updated&start-index=37&max-results=5&callback=msRelatedPosts
142.250.74.179200 OK 11 kB URL HTTP/2 www.seputarbansos.my.id/feeds/posts/default/-/INFO%20GURU?alt=json-in-script&orderby=updated&start-index=37&max-results=5&callback=msRelatedPosts
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (42372)
Hash d3617079134e1bf3cda95b0173f46773
8938f9f40e8a1a86956c074604da62e0be2140df
1e2d10145f4ac851794582822988f1d1d282a528a5c51a6e16eb5e274d020484
GET /feeds/posts/default/-/INFO%20GURU?alt=json-in-script&orderby=updated&start-index=37&max-results=5&callback=msRelatedPosts HTTP/1.1
Host: www.seputarbansos.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/2022/01/surat-edaran-dirjen-gtk.html
Cookie: MgidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1241665%22%3A%7B%22page%22%3A1%2C%22time%22%3A1669546680738%7D%2C%22C1246508%22%3A%7B%22page%22%3A1%2C%22time%22%3A1669546680888%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"b9ca59d52480993ae4cb69f3e8a94fee3c7afdbdb2b7d77614e71803665ddd87"
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 27 Nov 2022 10:58:02 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 15:16:20 GMT
content-encoding: gzip
content-length: 10766
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 201c67a6a552c4c28506830e2646627f
1862d50fa5241921b8303f3908e18c4a24d784d4
8217272d184496642167470195991bb3ba660d266b433d8d0dff1c1fcbb7a511
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8217272D184496642167470195991BB3BA660D266B433D8D0DFF1C1FCBB7A511"
Last-Modified: Sat, 26 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11619
Expires: Sun, 27 Nov 2022 14:11:40 GMT
Date: Sun, 27 Nov 2022 10:58:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 201c67a6a552c4c28506830e2646627f
1862d50fa5241921b8303f3908e18c4a24d784d4
8217272d184496642167470195991bb3ba660d266b433d8d0dff1c1fcbb7a511
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8217272D184496642167470195991BB3BA660D266B433D8D0DFF1C1FCBB7A511"
Last-Modified: Sat, 26 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11619
Expires: Sun, 27 Nov 2022 14:11:40 GMT
Date: Sun, 27 Nov 2022 10:58:01 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 10:58:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.119200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8e5cac957b6da14126a1ab01490a859e
299d63302099f69006e7b20d399ddcd8ad593d9b
8c7a962907cfd993a4d6616a1dce04cd188f25943d3f992a2d07c07c180e419f
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
access-control-allow-origin: https://www.seputarbansos.my.id
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
141.95.33.111200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f34c238d49e30012a2663309d62cc5bc
34ebcd8044382e8da918803068a15e9722fb6f87
173f415473a14ef797357e8829f0eafb13cdbe2a4583bd34dc29b9ce09dd2b3a
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
141.95.33.111200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0408f3160bb14abaa38982838ea8cbf2
4674e25d99b676aa48fe6119d4d0a2a86b4e4bdc
3c6eeef20c16b2ab0cced40c70e7a9471a9fe8cdb94b0e7f5cc5bc2f7cea264b
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.119200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e95f7e59c37a7d8826a2cfe561ec2be7
e782f41021d3c6cd2b56c9121a9ff2dedac9be4c
312255783297e5453fc1750d6610cfdeff3bc73cd2cdff4a9ebf4cb1eabdffee
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 27 Nov 2022 10:58:02 GMT
access-control-allow-origin: https://www.seputarbansos.my.id
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
141.95.33.111200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 20d55c1f4ba60adfe86e5656ddf0df56
b3aa8e5c40c5c4b5cbc2141702bd630d695d18b7
18cda477134966988cd60bae449610d6b1cdaf83cde69a6d9424d2ba0e7f541a
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.119200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 22c6f71b6d0f157f99ec4fc7c2f860a8
c8cb71a70dd37ae6ee383a398960096bdb46cdaf
c31c7e1f8f0d9a8b8d1969439a761038a1a751649ea63a7a1a2fccd37649e012
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 27 Nov 2022 10:58:02 GMT
access-control-allow-origin: https://www.seputarbansos.my.id
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.119200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 565a542179518d0eaa30d48be22eb909
1eb4f590cda8ed777a0937c268748e7f50a0426c
9c29cdc64d767050244f9b30ba45e10aa710b47fbbab6136030b3b8ad681fa3f
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 27 Nov 2022 10:58:02 GMT
access-control-allow-origin: https://www.seputarbansos.my.id
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
141.95.33.111200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d76c0c8f537d154d214fa2c94131c951
161c2a769e9eca2b45ac3e92719ffbd6fd680cfd
6601111de7f01ba4eb2382e1b280d1267a159279049b0b8e592d7c5cfab7c833
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lh3.googleusercontent.com/drive-viewer/AFDK6gMmuKrkfE9tnoEgorMFw_wN3aGp6U8BRLShi2tMqbS3peSiK5Q6b0JSlCOcJKeDuom3l2nkGIJVeI73rYFrGHp9PDyuSw=w800
142.250.74.33200 OK 353 kB URL HTTP/2 lh3.googleusercontent.com/drive-viewer/AFDK6gMmuKrkfE9tnoEgorMFw_wN3aGp6U8BRLShi2tMqbS3peSiK5Q6b0JSlCOcJKeDuom3l2nkGIJVeI73rYFrGHp9PDyuSw=w800
IP 142.250.74.33:0
File type PNG image data, 800 x 1257, 8-bit/color RGB, non-interlaced\012- data
Size 353 kB (353168 bytes)
Hash 01c116177a6b18fed8c235c4b04fc186
43dccfc752c06c7ed8e3503a1f0b19515f600974
725923195491e39e2404711a13e148febf78c58469898e4934bd95bd67ae46fc
GET /drive-viewer/AFDK6gMmuKrkfE9tnoEgorMFw_wN3aGp6U8BRLShi2tMqbS3peSiK5Q6b0JSlCOcJKeDuom3l2nkGIJVeI73rYFrGHp9PDyuSw=w800 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.google.com/
Origin: https://drive.google.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="1.SE Aktivasi Akun Pembelajaran PMM - TTD.pdf.png"
content-type: image/png
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://drive.google.com
timing-allow-origin: https://drive.google.com
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 10:58:01 GMT
server: fife
content-length: 353168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 220306
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEjTWuRt1gMekRPR_wSazu9crOf11JZp6KtE-Rznf98sODJbbcrppld6nVLoGqILOgqAuKcRUXjOxHaVfwvAcJXnlL2PPgYH5kkiQeHGN0AzFQIOtwUVVyzjZhJKEc22cgaBkk09_TOIgvXJrZ_Qtwy2MhaWKByDVgLFOMh5_FpAORpprpSm2eOMAiGiHQ=w640-h356
142.250.74.33200 OK 110 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEjTWuRt1gMekRPR_wSazu9crOf11JZp6KtE-Rznf98sODJbbcrppld6nVLoGqILOgqAuKcRUXjOxHaVfwvAcJXnlL2PPgYH5kkiQeHGN0AzFQIOtwUVVyzjZhJKEc22cgaBkk09_TOIgvXJrZ_Qtwy2MhaWKByDVgLFOMh5_FpAORpprpSm2eOMAiGiHQ=w640-h356
IP 142.250.74.33:0
File type PNG image data, 640 x 356, 8-bit/color RGB, non-interlaced\012- data
Size 110 kB (110480 bytes)
Hash 20ddf0cfc15664d9c1d7b874aadf176b
ea44f81aa3ad296b71d533dcbe356029973fdb8c
271040d3477d8c25499a07e93983aa2228426eecde47d412db4b624ee7aaa6be
GET /img/a/AVvXsEjTWuRt1gMekRPR_wSazu9crOf11JZp6KtE-Rznf98sODJbbcrppld6nVLoGqILOgqAuKcRUXjOxHaVfwvAcJXnlL2PPgYH5kkiQeHGN0AzFQIOtwUVVyzjZhJKEc22cgaBkk09_TOIgvXJrZ_Qtwy2MhaWKByDVgLFOMh5_FpAORpprpSm2eOMAiGiHQ=w640-h356 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8041"
expires: Mon, 28 Nov 2022 10:58:02 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SE.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 10:58:02 GMT
server: fife
content-length: 110480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 1b5bfa125d925bdb1faf1987e4f827e7
3a6e88d45902fc20ef79cb3f37d19cd8083a2544
58ce6ff4b580b6f547873afd86127ca7206ebaa8d31c054fcfb393923c614067
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Cookie: uid_id2=fab480c8-dc8f-4b0c-ad12-9a4da37d633e:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.seputarbansos.my.id
access-control-allow-credentials: true
X-Firefox-Spdy: h2
jsc.mgid.com/s/e/seputarbansos.my.id.1246508.js
104.19.133.78200 OK 1.4 kB URL HTTP/2 jsc.mgid.com/s/e/seputarbansos.my.id.1246508.js
IP 104.19.133.78:0
File type ASCII text, with very long lines (2355)
Hash e9773589155c42a56fc8279059983c74
251736b122bf6b6ae61dd4adab3879b9b6a460db
60be4331974115ea06d7a65d430873dab5be3f18f7ab3afd79baa84b63b861f4
GET /s/e/seputarbansos.my.id.1246508.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:57:59 GMT
content-type: text/javascript
x-amz-id-2: JRr/6N4U7t5Pd526rV28Fyk7mzw2cgP5CLh7YujtQnhGjmF1tYHXbLYV2HULyoh43q0MYfT9SLM=
x-amz-request-id: W3B149MP36FD46YX
last-modified: Wed, 23 Nov 2022 11:50:38 GMT
etag: W/"a73903532f38dd8c9a2e13c5bb160638"
x-amz-version-id: SINHylmDnIFmybTjYd6ZgA1qnTikbZ_O
cf-cache-status: MISS
expires: Sun, 27 Nov 2022 13:57:59 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=.UCHBCK6EUroztEnMkodpdDetkBmQt4nLKWuNdA3zUs-1669546679-0-AQmprOB3Ggkljq5LfMr1mLZ8RpNYG9vsPOEulTj7EXwZCWYaMQXw+lDbuVPl8l37hZaNKVKmvUn+p/HFDYDS+iA=; path=/; expires=Sun, 27-Nov-22 11:27:59 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a589cdcc7fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a4ad623b80e46c36daea4e37670538d
497b2300e3207ed1589887556ea66c7357b80cc8
598661f425f8ec09228a7e8aeb651f0374652b78bace87f1ce458633428550a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "598661F425F8EC09228A7E8AEB651F0374652B78BACE87F1CE458633428550A6"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9657
Expires: Sun, 27 Nov 2022 13:38:59 GMT
Date: Sun, 27 Nov 2022 10:58:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a4ad623b80e46c36daea4e37670538d
497b2300e3207ed1589887556ea66c7357b80cc8
598661f425f8ec09228a7e8aeb651f0374652b78bace87f1ce458633428550a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "598661F425F8EC09228A7E8AEB651F0374652B78BACE87F1CE458633428550A6"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9657
Expires: Sun, 27 Nov 2022 13:38:59 GMT
Date: Sun, 27 Nov 2022 10:58:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a4ad623b80e46c36daea4e37670538d
497b2300e3207ed1589887556ea66c7357b80cc8
598661f425f8ec09228a7e8aeb651f0374652b78bace87f1ce458633428550a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "598661F425F8EC09228A7E8AEB651F0374652B78BACE87F1CE458633428550A6"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9657
Expires: Sun, 27 Nov 2022 13:38:59 GMT
Date: Sun, 27 Nov 2022 10:58:02 GMT
Connection: keep-alive
id5-sync.com/g/v2/231.json
141.95.33.111200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ff9664e3017cd71f1b5e7303c53f39ec
33c2f66241aa0e63578ea26622dc4e222d396354
ea1f44a2ba6ceeb56c4e26d50b354968c8f52b9193331b75e794b11fc5a14dbe
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 437
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 259 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type gzip compressed data, max compression\012- data
Hash 116c64fb10ab082b54236edfd27341b3
dfdde61205932aeb6ab6a113681182df7e0fe74a
0e16890a63ebeb3533db57a64a8bedba43ddfb2de0ce2cdde54f5bbb95fe7258
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 437
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 671c0166300a9d3dfe0f9bc951c687da
f35ebc70a8b3d80d475db79c17dee7f3bfd2a24c
5babd50484454be1ca533dddfd1c6e2fce098f36b16ca41b78e95d7d1313c7ff
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 437
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
141.95.33.111200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ddfbd5258ef4a91eba63ccb0ff87f181
7babc3de6ca11cc9c31785ea0dc9deed73aba813
5ddd3bfd8d74a0225e477552428a1624e299603335d8c4d503fe14902d3e821b
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 437
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://www.seputarbansos.my.id
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 27 Nov 2022 10:58:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 258 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type PNG image data, 800 x 1257, 8-bit/color RGB, non-interlaced\012- data
Size 258 kB (257462 bytes)
Hash c0611c39a9e1a8d145550969c648f792
56ae261de0ca105a0c3ce63bb38aabac9239c93a
2c6f757b7942ba1f021896996ccc2eb71d2a2057061b687c182a22d3a0ed12e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C175B54D7281B4960A5ACC06CAC38607F87B947B68B9DAAAAC85835AB313E2B"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13552
Expires: Sun, 27 Nov 2022 14:43:54 GMT
Date: Sun, 27 Nov 2022 10:58:02 GMT
Connection: keep-alive
wastedinvaluable.com/sbar.json?key=8d6983bd520bd6562358368619db233e
192.243.59.12200 OK 4.2 kB URL HTTP/1.1 wastedinvaluable.com/sbar.json?key=8d6983bd520bd6562358368619db233e
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5742), with no line terminators
Hash 012f6e813b1d21ea82bb6128553e52cc
3cff17dd041f34fb9ea2bd9db608c67afc4d6c11
9e978dc651557b23a0f6a0432d53eb9b60d6cdaada1fdb999e2cb625ed45133e
Analyzer Verdict Alert fortinet Malware
GET /sbar.json?key=8d6983bd520bd6562358368619db233e HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:02 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.seputarbansos.my.id
Access-Control-Allow-Origin: https://www.seputarbansos.my.id
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17067232; expires=Mon, 28 Nov 2022 10:58:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 28 Nov 2022 10:58:02 GMT; secure; SameSite=None
uncs=1; expires=Mon, 28 Nov 2022 10:58:02 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 28 Nov 2022 10:58:02 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 28 Nov 2022 10:58:02 GMT; secure; SameSite=None
slec8d6983bd520bd6562358368619db233e=[3760946]; expires=Sun, 27 Nov 2022 10:58:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd3e5597d9b1ea7d391a6ea245369eec
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS32scVRi908Y%2BKAgWQcRfiyhUkM3Mzs5m1z4E01optk1sK3nx5d65dzbX3Jk73Duzs8lTNCAVBLeKoG%2BTs0mDWorFN0GUTV9kQcz6IHlo8E9QinmW3SwEP5j5vnvPeTjnfPfjrfyQuMjpwdJVvS6VorNB1a2cW5YJ14WtXLtZ8dyqe76yLJNG%2FXylO%2F6ZzhueG1Td1ypvi3BVz9Zcz3U916tckkZEujs7QSHTuy2v2nKr9VrVC%2Bromv%2Bfbe7AUge8c0jOQvLRYyu%2F3ocMB0ji7y8Ku5rp9PW34lzRTBt0%2BO57yWqiiwTxyRgZB1GyO2VD2xEhX52CTnanDqA722MHYHJEnD89sGR3KhOss3OslCmIBIw%2FgaIzgFADSDpAqDch%2BT4BQo5ri0jiO9e0KejaMUrH6IjMHD2CLEZk5uHTSOJ7C0p2Kze0yjOpE4tuVEJ2B5DtAdJ8D9m6A1nsIcw%2BguS%2FkdmjK0ji7UWrNCQvJ%2B6lHEBGAyjRA7UO8vEnHeSRgzx1EPODCg1akevORSzy%2FWY9DEPfD8Og2eAB9%2BvNyEUejuX1kKU9hKqH0GwgNRtYlbf3g7Mw%2BS%2BwKyUsd2CzEXHe3UCHlygEQWEJCkpQSIIiIyg65Q5XtmbLO1zZnHnTXpt2v%2BzrrL1Fd3TWFgnZSg%2FJU%2BNonBn1F1bFQaXJG62mz3hQcxlvBI2aHzT9RrPhtTir%2Bb6AlSWkPTVxuy5H5LmXnkEqR%2BT07xqM7sGqPYTyedD8BdCiP1dzQVf69aaL9eQHK9I8o4bRxGpbjdeqkoPrEmk2g2zN2VKH5NnJplphDSIczh%2F9O%2Fjs%2FXNHCE2J1JT4QD4gaKtb%2Feu6INvXdWHJ%2FcU0k7Fcp%2BMt3shoJma%2BfUesFdrwyxdt75s3wzEwHu%2FeFDa7QhMuk7Yl3y1IzoW5pE0oyE%2BX7bJgS7ldWchNkqdXli5cuhynRlgrdTIAlftzXyCUI%2FL41Y3J%2B3zx0weQZgCTl4jzIZkWpN5DmG7ApsP5Rxe%2B%2FPDMKw9hNYFRJxyWOijysm9q7ORSyRHxv34ZSgznP%2F%2FkzD%2F3Xn0SlJWw4iQGJoY%2F%2F33M37K30DYOaLaJJC7RMSU6qgRVPdj8dD9LzXD%2BD39SYMrpM2WcbaaMun0cr5UHFRFEbiTcmmBRi0Vz1OWtqN5itOWJORZQD5kdhZsLP%2F4HAAD%2F%2FwEAAP%2F%2FhnEVG3sEAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS32scVRi908Y%2BKAgWQcRfiyhUkM3Mzs5m1z4E01optk1sK3nx5d65dzbX3Jk73Duzs8lTNCAVBLeKoG%2BTs0mDWorFN0GUTV9kQcz6IHlo8E9QinmW3SwEP5j5vnvPeTjnfPfjrfyQuMjpwdJVvS6VorNB1a2cW5YJ14WtXLtZ8dyqe76yLJNG%2FXylO%2F6ZzhueG1Td1ypvi3BVz9Zcz3U916tckkZEujs7QSHTuy2v2nKr9VrVC%2Bromv%2Bfbe7AUge8c0jOQvLRYyu%2F3ocMB0ji7y8Ku5rp9PW34lzRTBt0%2BO57yWqiiwTxyRgZB1GyO2VD2xEhX52CTnanDqA722MHYHJEnD89sGR3KhOss3OslCmIBIw%2FgaIzgFADSDpAqDch%2BT4BQo5ri0jiO9e0KejaMUrH6IjMHD2CLEZk5uHTSOJ7C0p2Kze0yjOpE4tuVEJ2B5DtAdJ8D9m6A1nsIcw%2BguS%2FkdmjK0ji7UWrNCQvJ%2B6lHEBGAyjRA7UO8vEnHeSRgzx1EPODCg1akevORSzy%2FWY9DEPfD8Og2eAB9%2BvNyEUejuX1kKU9hKqH0GwgNRtYlbf3g7Mw%2BS%2BwKyUsd2CzEXHe3UCHlygEQWEJCkpQSIIiIyg65Q5XtmbLO1zZnHnTXpt2v%2BzrrL1Fd3TWFgnZSg%2FJU%2BNonBn1F1bFQaXJG62mz3hQcxlvBI2aHzT9RrPhtTir%2Bb6AlSWkPTVxuy5H5LmXnkEqR%2BT07xqM7sGqPYTyedD8BdCiP1dzQVf69aaL9eQHK9I8o4bRxGpbjdeqkoPrEmk2g2zN2VKH5NnJplphDSIczh%2F9O%2Fjs%2FXNHCE2J1JT4QD4gaKtb%2Feu6INvXdWHJ%2FcU0k7Fcp%2BMt3shoJma%2BfUesFdrwyxdt75s3wzEwHu%2FeFDa7QhMuk7Yl3y1IzoW5pE0oyE%2BX7bJgS7ldWchNkqdXli5cuhynRlgrdTIAlftzXyCUI%2FL41Y3J%2B3zx0weQZgCTl4jzIZkWpN5DmG7ApsP5Rxe%2B%2FPDMKw9hNYFRJxyWOijysm9q7ORSyRHxv34ZSgznP%2F%2FkzD%2F3Xn0SlJWw4iQGJoY%2F%2F33M37K30DYOaLaJJC7RMSU6qgRVPdj8dD9LzXD%2BD39SYMrpM2WcbaaMun0cr5UHFRFEbiTcmmBRi0Vz1OWtqN5itOWJORZQD5kdhZsLP%2F4HAAD%2F%2FwEAAP%2F%2FhnEVG3sEAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RS32scVRi908Y%2BKAgWQcRfiyhUkM3Mzs5m1z4E01optk1sK3nx5d65dzbX3Jk73Duzs8lTNCAVBLeKoG%2BTs0mDWorFN0GUTV9kQcz6IHlo8E9QinmW3SwEP5j5vnvPeTjnfPfjrfyQuMjpwdJVvS6VorNB1a2cW5YJ14WtXLtZ8dyqe76yLJNG%2FXylO%2F6ZzhueG1Td1ypvi3BVz9Zcz3U916tckkZEujs7QSHTuy2v2nKr9VrVC%2Bromv%2Bfbe7AUge8c0jOQvLRYyu%2F3ocMB0ji7y8Ku5rp9PW34lzRTBt0%2BO57yWqiiwTxyRgZB1GyO2VD2xEhX52CTnanDqA722MHYHJEnD89sGR3KhOss3OslCmIBIw%2FgaIzgFADSDpAqDch%2BT4BQo5ri0jiO9e0KejaMUrH6IjMHD2CLEZk5uHTSOJ7C0p2Kze0yjOpE4tuVEJ2B5DtAdJ8D9m6A1nsIcw%2BguS%2FkdmjK0ji7UWrNCQvJ%2B6lHEBGAyjRA7UO8vEnHeSRgzx1EPODCg1akevORSzy%2FWY9DEPfD8Og2eAB9%2BvNyEUejuX1kKU9hKqH0GwgNRtYlbf3g7Mw%2BS%2BwKyUsd2CzEXHe3UCHlygEQWEJCkpQSIIiIyg65Q5XtmbLO1zZnHnTXpt2v%2BzrrL1Fd3TWFgnZSg%2FJU%2BNonBn1F1bFQaXJG62mz3hQcxlvBI2aHzT9RrPhtTir%2Bb6AlSWkPTVxuy5H5LmXnkEqR%2BT07xqM7sGqPYTyedD8BdCiP1dzQVf69aaL9eQHK9I8o4bRxGpbjdeqkoPrEmk2g2zN2VKH5NnJplphDSIczh%2F9O%2Fjs%2FXNHCE2J1JT4QD4gaKtb%2Feu6INvXdWHJ%2FcU0k7Fcp%2BMt3shoJma%2BfUesFdrwyxdt75s3wzEwHu%2FeFDa7QhMuk7Yl3y1IzoW5pE0oyE%2BX7bJgS7ldWchNkqdXli5cuhynRlgrdTIAlftzXyCUI%2FL41Y3J%2B3zx0weQZgCTl4jzIZkWpN5DmG7ApsP5Rxe%2B%2FPDMKw9hNYFRJxyWOijysm9q7ORSyRHxv34ZSgznP%2F%2FkzD%2F3Xn0SlJWw4iQGJoY%2F%2F33M37K30DYOaLaJJC7RMSU6qgRVPdj8dD9LzXD%2BD39SYMrpM2WcbaaMun0cr5UHFRFEbiTcmmBRi0Vz1OWtqN5itOWJORZQD5kdhZsLP%2F4HAAD%2F%2FwEAAP%2F%2FhnEVG3sEAAA%3D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Cookie: u_pl=17067232; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec8d6983bd520bd6562358368619db233e=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8ca8903904783a8b318466a2f69d068a
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=fab480c8-dc8f-4b0c-ad12-9a4da37d633e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=8d6983bd520bd6562358368619db233e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=fab480c8-dc8f-4b0c-ad12-9a4da37d633e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=8d6983bd520bd6562358368619db233e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=fab480c8-dc8f-4b0c-ad12-9a4da37d633e&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=8d6983bd520bd6562358368619db233e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:03 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d975ab83d55023a1b242872be838248
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3a3efe248a599bcccf04881f3d686cb
10e5741399303e7c20f334d8dd72b4b8c968c0d4
cef064183db51cefadcca610b91c5ea86154ae2024029d60e59a152a7a3b1723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF064183DB51CEFADCCA610B91C5EA86154AE2024029D60E59A152A7A3B1723"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9920
Expires: Sun, 27 Nov 2022 13:43:23 GMT
Date: Sun, 27 Nov 2022 10:58:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce55e81445f700b6b290ec842b17e5ad
fabdff5a1233d6f7780a15909cb2a4c8ec2af825
36adcf898ee0c49024419b2d15c2ac2d3d48543480fee5efd8731b32f120f5e5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36ADCF898EE0C49024419B2D15C2AC2D3D48543480FEE5EFD8731B32F120F5E5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19442
Expires: Sun, 27 Nov 2022 16:22:05 GMT
Date: Sun, 27 Nov 2022 10:58:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce55e81445f700b6b290ec842b17e5ad
fabdff5a1233d6f7780a15909cb2a4c8ec2af825
36adcf898ee0c49024419b2d15c2ac2d3d48543480fee5efd8731b32f120f5e5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36ADCF898EE0C49024419B2D15C2AC2D3D48543480FEE5EFD8731B32F120F5E5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19442
Expires: Sun, 27 Nov 2022 16:22:05 GMT
Date: Sun, 27 Nov 2022 10:58:03 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.108.13200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.108.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:03 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1026405
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbIZsCRGgyTtUAE2%2F7BXMyklO64KgePZXGmSUC6O%2Fi7FlDB5JfQVdsTJTF0aL09LjU4B2BTAd8C7I6idEg0b6P6%2BUwQpT2M7JR%2F%2BEfgSWxETTjkbjzvy9XwLdIqUAlRHB95XVF7yNdft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58b38dbb004e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
172.67.38.106200 OK 20 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 172.67.38.106:0
File type ASCII text, with very long lines (58519)
Hash e0cdd58f45a6fdc7d87d13e843c9a6f9
6e72d861cde0dd171c8a23e637d9d2bf19d77b66
50ca1a82564441f44bc5dc3492ec5a76e45af6dabb816abcc298adee1018be78
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:01 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: NzzDMQRIzsXNjVR7/B6e4yrrDcazBk60q2/S2QH7YxwqiaX7/iQchWRPdgPY0BswypKEPiqaJg8=
x-amz-request-id: EK159HTWSS7GNBQ8
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 2680
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 770a58a5cdf41bfa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce55e81445f700b6b290ec842b17e5ad
fabdff5a1233d6f7780a15909cb2a4c8ec2af825
36adcf898ee0c49024419b2d15c2ac2d3d48543480fee5efd8731b32f120f5e5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "36ADCF898EE0C49024419B2D15C2AC2D3D48543480FEE5EFD8731B32F120F5E5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19442
Expires: Sun, 27 Nov 2022 16:22:05 GMT
Date: Sun, 27 Nov 2022 10:58:03 GMT
Connection: keep-alive
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=337
192.243.59.12200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=337
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=337 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Cookie: u_pl=17067232; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec8d6983bd520bd6562358368619db233e=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.108.13200 OK 368 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.108.13:0
Size 368 kB (367694 bytes)
Hash c2630a8342768cb140236591c9587be5
62142953707839a95f0b09d0a7387677903194a3
c0d3819d79d867a0613447fe8bdbefe4ef703112cd60914fd557dbc02638ac83
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:03 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peiX54xnGK0M8s5%2B%2BXintswxLHoCAlTGMBNpib%2FrIUI5D4ClM0wyYF5VtUW8U0w4EK%2Bg4GGW5gAciae4SdDPr4jWOjANb1o98UkaYLQK05znfcG3re91REoB1ujQYrD1umSGYARxbpHf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58b34d93004e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=495
192.243.59.12200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=495
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=495 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Cookie: u_pl=17067232; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec8d6983bd520bd6562358368619db233e=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.108.13200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.108.13:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 5d51bed4ab7dfdafab06ec62505c51b3
b29464a9f489ba32e05a859dfafa95c81117981e
3f0a61c87416a76165b51014bbc0334911b3e824a7df8c328ed6a3d44bb0947c
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:03 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1026405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojqZsnoHou2FvAUjR0j6WCE72VN%2ByaBeKH%2BCZ3rMtmZEpedzDMRSYpRPO373LAkZLTefpKY%2Bt6Q4jR6C1LwNo%2FVlatF0ltPJ4MbGJHE%2FKZgS39BRmIV%2FNdurEQTt5hqKzoGYxNGPrLE4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58b38dbc004e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o17UBBcBBF%2FDaKwgkz6x%2Fx0D8HsurKYTeLuSi5eqqtqJmWqu5qq7ulJTtGArCA4qwh667xJNqjL4uJNEGWyFxkQMx4khw3%2BCcpizjKTgeAH3d9X9d7hvffVx9vZEXGR0cPla3pDKkVnq2W3dGFFxlzntrR4s%2BS5ZfdiaUXGtcrFUnf8M503PLdadl8rvS3Ymp71Xc91PdcrXZFGtHR3doJCJnebXrnplit%2B2atW0DX%2FP9vMgaUOeOeInIfko8dWf70PyQaIo%2B8vC7uW6uT1t6JM0VQbdPjee%2FFarPMY0enYMg5a8d6UDW1HhHx1BjremzqA7uyMHSCUI%2BL86SGM96YyEXZ2T5SGCiJGyJ9A3hlAqAEkHYDpLUh%2BQADGsbiEOLqzqE1O109QOkZHZOb4EWQ%2BIjMPn0Yc3ZtXslu6oVWWSh1bdFsFZHcA2R4gyfaRbjiQ%2BT5Y%2BhEk%2F43MHi8gjnaWrNKQvJi4l3IA2RpAiR6odZCNP%2BkgaznIEgcRPyzRarPluvVW2AqCRoUxFgSMVRs1XuVBpdFykbGxvB7SpAememBmE4nZxJq8fVA9D5P9ArtawHIHNh0R591NdHiBXBDkliCnBLkkyFOCvFPscmV9W9zhymahN%2B3%2BtAdFX6ftbbqr07aIyXZyRJ4aR%2BPMqL%2BwJg5LDV5rNoKQV3035LVqzQ%2BqjaDWqHlNHvpBIGBlAWnPTNxuyBF57qVnkMgROfu7Rkj3YdU%2BmHweNHsBNO%2FXfRd0tV9puNiIf7AiyVJqQhpbbcvRellycF0gSWeQrjvb6og8O9lUk%2FkQbDh3%2FO%2Fgs%2FcvHIOZAokp8IF8QNBWt%2FrXdU52ruvckvtLSSojuUHHW7yR0lTMfPuOWM%2B14Vcv2943b7IxMB7v3hQ2XaAxl3Hbku%2FmJefCXNGGCfLTVbsiwuXMrs5nJs6SheVLV65GiRHWSh0PQOVB%2FQswOSKPX9ucvM8XP30AaQYwWYEoG5JpQep9sGQTNhnOPbr05YfnXnkIqwmMOuWEiYM8K%2FrGD08vlRyR4OuXocRw7vNPzv1z79UnQcMCVpzGEIrhz3%2Bf8LftLbSNA5puIY4KdEyBjipAVQ82O9tPEzOc%2ByOYFELl9ENlnJ1QGXX7JF4rD0tVryIaYaPOOA8F417dDxqB6%2FqcV%2BpN4TWR2hHbmv%2FxPwAAAP%2F%2FAQAA%2F%2F%2BSeZv9ewQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o17UBBcBBF%2FDaKwgkz6x%2Fx0D8HsurKYTeLuSi5eqqtqJmWqu5qq7ulJTtGArCA4qwh667xJNqjL4uJNEGWyFxkQMx4khw3%2BCcpizjKTgeAH3d9X9d7hvffVx9vZEXGR0cPla3pDKkVnq2W3dGFFxlzntrR4s%2BS5ZfdiaUXGtcrFUnf8M503PLdadl8rvS3Ymp71Xc91PdcrXZFGtHR3doJCJnebXrnplit%2B2atW0DX%2FP9vMgaUOeOeInIfko8dWf70PyQaIo%2B8vC7uW6uT1t6JM0VQbdPjee%2FFarPMY0enYMg5a8d6UDW1HhHx1BjremzqA7uyMHSCUI%2BL86SGM96YyEXZ2T5SGCiJGyJ9A3hlAqAEkHYDpLUh%2BQADGsbiEOLqzqE1O109QOkZHZOb4EWQ%2BIjMPn0Yc3ZtXslu6oVWWSh1bdFsFZHcA2R4gyfaRbjiQ%2BT5Y%2BhEk%2F43MHi8gjnaWrNKQvJi4l3IA2RpAiR6odZCNP%2BkgaznIEgcRPyzRarPluvVW2AqCRoUxFgSMVRs1XuVBpdFykbGxvB7SpAememBmE4nZxJq8fVA9D5P9ArtawHIHNh0R591NdHiBXBDkliCnBLkkyFOCvFPscmV9W9zhymahN%2B3%2BtAdFX6ftbbqr07aIyXZyRJ4aR%2BPMqL%2BwJg5LDV5rNoKQV3035LVqzQ%2BqjaDWqHlNHvpBIGBlAWnPTNxuyBF57qVnkMgROfu7Rkj3YdU%2BmHweNHsBNO%2FXfRd0tV9puNiIf7AiyVJqQhpbbcvRellycF0gSWeQrjvb6og8O9lUk%2FkQbDh3%2FO%2Fgs%2FcvHIOZAokp8IF8QNBWt%2FrXdU52ruvckvtLSSojuUHHW7yR0lTMfPuOWM%2B14Vcv2943b7IxMB7v3hQ2XaAxl3Hbku%2FmJefCXNGGCfLTVbsiwuXMrs5nJs6SheVLV65GiRHWSh0PQOVB%2FQswOSKPX9ucvM8XP30AaQYwWYEoG5JpQep9sGQTNhnOPbr05YfnXnkIqwmMOuWEiYM8K%2FrGD08vlRyR4OuXocRw7vNPzv1z79UnQcMCVpzGEIrhz3%2Bf8LftLbSNA5puIY4KdEyBjipAVQ82O9tPEzOc%2ByOYFELl9ENlnJ1QGXX7JF4rD0tVryIaYaPOOA8F417dDxqB6%2FqcV%2BpN4TWR2hHbmv%2FxPwAAAP%2F%2FAQAA%2F%2F%2BSeZv9ewQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3o17UBBcBBF%2FDaKwgkz6x%2Fx0D8HsurKYTeLuSi5eqqtqJmWqu5qq7ulJTtGArCA4qwh667xJNqjL4uJNEGWyFxkQMx4khw3%2BCcpizjKTgeAH3d9X9d7hvffVx9vZEXGR0cPla3pDKkVnq2W3dGFFxlzntrR4s%2BS5ZfdiaUXGtcrFUnf8M503PLdadl8rvS3Ymp71Xc91PdcrXZFGtHR3doJCJnebXrnplit%2B2atW0DX%2FP9vMgaUOeOeInIfko8dWf70PyQaIo%2B8vC7uW6uT1t6JM0VQbdPjee%2FFarPMY0enYMg5a8d6UDW1HhHx1BjremzqA7uyMHSCUI%2BL86SGM96YyEXZ2T5SGCiJGyJ9A3hlAqAEkHYDpLUh%2BQADGsbiEOLqzqE1O109QOkZHZOb4EWQ%2BIjMPn0Yc3ZtXslu6oVWWSh1bdFsFZHcA2R4gyfaRbjiQ%2BT5Y%2BhEk%2F43MHi8gjnaWrNKQvJi4l3IA2RpAiR6odZCNP%2BkgaznIEgcRPyzRarPluvVW2AqCRoUxFgSMVRs1XuVBpdFykbGxvB7SpAememBmE4nZxJq8fVA9D5P9ArtawHIHNh0R591NdHiBXBDkliCnBLkkyFOCvFPscmV9W9zhymahN%2B3%2BtAdFX6ftbbqr07aIyXZyRJ4aR%2BPMqL%2BwJg5LDV5rNoKQV3035LVqzQ%2BqjaDWqHlNHvpBIGBlAWnPTNxuyBF57qVnkMgROfu7Rkj3YdU%2BmHweNHsBNO%2FXfRd0tV9puNiIf7AiyVJqQhpbbcvRellycF0gSWeQrjvb6og8O9lUk%2FkQbDh3%2FO%2Fgs%2FcvHIOZAokp8IF8QNBWt%2FrXdU52ruvckvtLSSojuUHHW7yR0lTMfPuOWM%2B14Vcv2943b7IxMB7v3hQ2XaAxl3Hbku%2FmJefCXNGGCfLTVbsiwuXMrs5nJs6SheVLV65GiRHWSh0PQOVB%2FQswOSKPX9ucvM8XP30AaQYwWYEoG5JpQep9sGQTNhnOPbr05YfnXnkIqwmMOuWEiYM8K%2FrGD08vlRyR4OuXocRw7vNPzv1z79UnQcMCVpzGEIrhz3%2Bf8LftLbSNA5puIY4KdEyBjipAVQ82O9tPEzOc%2ByOYFELl9ENlnJ1QGXX7JF4rD0tVryIaYaPOOA8F417dDxqB6%2FqcV%2BpN4TWR2hHbmv%2FxPwAAAP%2F%2FAQAA%2F%2F%2BSeZv9ewQAAA%3D%3D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Cookie: u_pl=17067232; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec8d6983bd520bd6562358368619db233e=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 10:58:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf411dd1cb405350de917daa78c9266e
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.108.13200 OK 1.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.108.13:0
Hash b0b362d133eb4904706bb0622229b74f
22d89f78efb4c1cf967ac7e28821f4f39df8baf7
79b0f34463059aaa97b3b2f0f3319f64e893a595ce9e300d86fb031cc7fa28c0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:03 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft7LjYvW3aOJAMlPk9iBoWI0EiZE65Q3f0iDDv3Ko%2F%2B3p5xPz1fjQLKu7kG6QSCvayFf0B33ldgv2b9pAOJBP%2BYiMRCssAP9vOSndxTEm9RSsYSYUByFzfjuHzEZ8nFmp%2F8ZFE2Kr2w5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58b34d95004e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:11:43 GMT
expires: Sun, 26 Nov 2023 21:11:43 GMT
cache-control: public, max-age=31536000
age: 49576
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seputarbansos.my.id
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:03 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 27 Nov 2022 11:58:03 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
jsc.mgid.com/s/e/seputarbansos.my.id.1241665.js
104.19.133.78200 OK 0 B URL HTTP/2 jsc.mgid.com/s/e/seputarbansos.my.id.1241665.js
IP 104.19.133.78:0
GET /s/e/seputarbansos.my.id.1241665.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seputarbansos.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:57:59 GMT
content-type: text/javascript
x-amz-id-2: FAi/OgcxwsAXK2bshTNXX86qOp2ySpKLRBe+z08CRnB0VQmbNT7QUWWJa/4pVatxdL0exgb+wcw=
x-amz-request-id: W3B1KRXT02VW7DN0
last-modified: Wed, 23 Nov 2022 11:49:24 GMT
etag: W/"d7f42632ce7c373bba23b4b1d9f08031"
x-amz-version-id: 3Bh4QwB5.W_2ItzxklwRbMFp9b0Z0Mk_
cf-cache-status: MISS
expires: Sun, 27 Nov 2022 13:57:59 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=f3NlhhWQVHPjtWVYTb5hsVlxjDvo2LsNGWxvn2SK6WA-1669546679-0-AdluMH6A4Eb3pe68zgpyZY00l3V2kpygPAyxSkwwZ0TUKgOBffyTg3ShJmOsHDKuF2awt/lTOCWSJNgNG4BzaNw=; path=/; expires=Sun, 27-Nov-22 11:27:59 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a589cccbffac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans:300,400,500,700
IP 142.250.74.10:0
GET /css?family=Google+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://drive.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 10:58:00 GMT
date: Sun, 27 Nov 2022 10:58:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.108.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 10:58:03 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1026405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXbpjwQOGG2TYVAd71DK0At9JLwhYqfQmlPuVrgrXUiIggMXMJXMhwEly0fEa%2FoZsdgo2AGDYXFmXodvOlMQUyBz9%2FiSMyTVWGQorzajvuUD4a%2FmQE8iZYhL5%2BzEqqox3sZLg7v3YbgE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770a58b38db6004e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2