operatesophisticatedcompletelyinfo-program.info Open in urlscan Pro
50.17.153.178  Public Scan

Submitted URL: http://aans1.blogspot.my/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Effective URL: https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID]
Submission: On January 18 via api from US — Scanned from US

Summary

This website contacted 29 IPs in 2 countries across 36 domains to perform 116 HTTP transactions. The main IP is 50.17.153.178, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is operatesophisticatedcompletelyinfo-program.info.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.
This is the only time operatesophisticatedcompletelyinfo-program.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 9 2600:9000:211... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2 139.45.197.238 9002 (RETN-AS)
2 139.45.197.239 9002 (RETN-AS)
1 170.39.226.155 57695 (MISAKA Mi...)
1 2 18.191.83.3 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 23.48.224.79 20940 (AKAMAI-ASN1)
1 3.161.150.8 16509 (AMAZON-02)
1 3.163.115.42 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
4 2606:4700:21:... 13335 (CLOUDFLAR...)
1 2606:2800:220... 15133 (EDGECAST)
1 52.201.6.220 14618 (AMAZON-AES)
17 2a03:2880:f01... 32934 (FACEBOOK)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 18.238.55.87 16509 (AMAZON-02)
1 3.14.20.113 16509 (AMAZON-02)
2 52.200.240.59 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 3.93.251.206 14618 (AMAZON-AES)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 50.17.153.178 14618 (AMAZON-AES)
116 29
Apex Domain
Subdomains
Transfer
21 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 955
scontent-iad3-1.xx.fbcdn.net — Cisco Umbrella Rank: 4865
scontent-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 4916
102 KB
17 sharethis.com
w.sharethis.com — Cisco Umbrella Rank: 26432
ws.sharethis.com — Cisco Umbrella Rank: 12458
l.sharethis.com — Cisco Umbrella Rank: 4514
t.sharethis.com — Cisco Umbrella Rank: 5730
platform-api.sharethis.com — Cisco Umbrella Rank: 4337
count-server.sharethis.com — Cisco Umbrella Rank: 10926
pd.sharethis.com — Cisco Umbrella Rank: 12612
89 KB
12 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12161
282 KB
6 blogspot.com
aans1.blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11960
4.bp.blogspot.com — Cisco Umbrella Rank: 15285
345 KB
5 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
972 KB
4 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 13665
4 KB
4 gstatic.com
fonts.gstatic.com
57 KB
2 ganda-ljo.com
ganda-ljo.com — Cisco Umbrella Rank: 921296
3 KB
2 padsdel.com
go.padsdel.com
376 B
2 padstm.com
go.padstm.com
590 B
2 google.com
apis.google.com — Cisco Umbrella Rank: 106
www.google.com Failed
77 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
jnn-pa.googleapis.com — Cisco Umbrella Rank: 220
937 B
1 operatesophisticatedcompletelyinfo-program.info
operatesophisticatedcompletelyinfo-program.info
700 B
1 finalice.net
pro.finalice.net — Cisco Umbrella Rank: 531220
542 B
1 wsafeguardpush.com
wsafeguardpush.com — Cisco Umbrella Rank: 265534
735 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 Failed
static.doubleclick.net — Cisco Umbrella Rank: 263
1 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5021
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
614 B
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 19720
2 KB
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1230
28 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
64 KB
1 amung.us
widgets.amung.us — Cisco Umbrella Rank: 30312
19 KB
1 clicksasia.com
www.clicksasia.com
290 B
1 blogspot.my
aans1.blogspot.my
476 B
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 yahoo.com Failed
cms.analytics.yahoo.com Failed
0 ml314.com Failed
ml314.com Failed
0 eyeota.net Failed
ps.eyeota.net Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
0 exelator.com Failed
loadus.exelator.com Failed
0 ggpht.com Failed
yt3.ggpht.com Failed
0 ytimg.com Failed
i.ytimg.com Failed
0 nuffnang.com.my Failed
eccdn1.synad3.nuffnang.com.my Failed
synad2.nuffnang.com.my Failed
0 cplus.com.my Failed
cplus.com.my Failed
0 busuk.org Failed
busuk.org Failed
0 melvister.com Failed
www.melvister.com Failed
116 36
Domain Requested by
17 static.xx.fbcdn.net www.facebook.com
12 www.blogger.com aans1.blogspot.com
www.blogger.com
7 ws.sharethis.com w.sharethis.com
ws.sharethis.com
aans1.blogspot.com
5 www.youtube.com aans1.blogspot.com
www.youtube.com
4 t.dtscout.com widgets.amung.us
t.dtscout.com
4 fonts.gstatic.com fonts.googleapis.com
www.blogger.com
www.youtube.com
3 t.sharethis.com w.sharethis.com
t.sharethis.com
3 1.bp.blogspot.com aans1.blogspot.com
2 ganda-ljo.com www.clicksasia.com
ganda-ljo.com
2 scontent-iad3-2.xx.fbcdn.net www.facebook.com
2 scontent-iad3-1.xx.fbcdn.net www.facebook.com
2 l.sharethis.com 1 redirects aans1.blogspot.com
2 go.padsdel.com aans1.blogspot.com
2 go.padstm.com 2 redirects
2 w.sharethis.com 1 redirects aans1.blogspot.com
2 apis.google.com aans1.blogspot.com
apis.google.com
2 aans1.blogspot.com aans1.blogspot.com
1 operatesophisticatedcompletelyinfo-program.info ganda-ljo.com
1 pro.finalice.net 1 redirects
1 wsafeguardpush.com 1 redirects
1 jnn-pa.googleapis.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 pd.sharethis.com t.dtscout.com
1 get.s-onetag.com t.dtscout.com
1 bcp.crwdcntrl.net platform-api.sharethis.com
1 resources.blogblog.com www.blogger.com
1 platform.twitter.com aans1.blogspot.com
1 www.facebook.com aans1.blogspot.com
1 count-server.sharethis.com ws.sharethis.com
1 platform-api.sharethis.com w.sharethis.com
1 4.bp.blogspot.com aans1.blogspot.com
1 widgets.amung.us aans1.blogspot.com
1 www.clicksasia.com aans1.blogspot.com
1 fonts.googleapis.com aans1.blogspot.com
1 aans1.blogspot.my 1 redirects
0 px.ads.linkedin.com Failed
0 cms.analytics.yahoo.com Failed
0 ml314.com Failed
0 ps.eyeota.net Failed
0 match.adsrvr.org Failed
0 loadus.exelator.com Failed
0 yt3.ggpht.com Failed www.youtube.com
0 i.ytimg.com Failed www.youtube.com
0 www.google.com Failed www.youtube.com
www.blogger.com
0 googleads.g.doubleclick.net Failed www.youtube.com
0 synad2.nuffnang.com.my Failed aans1.blogspot.com
0 eccdn1.synad3.nuffnang.com.my Failed aans1.blogspot.com
0 cplus.com.my Failed aans1.blogspot.com
0 busuk.org Failed aans1.blogspot.com
0 www.melvister.com Failed aans1.blogspot.com
116 50

This site contains no links.

Subject Issuer Validity Valid
*.blogger.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
sharethis.com
Amazon RSA 2048 M02
2023-05-20 -
2024-06-17
a year crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
cert1-prod.aut.a24365.net
R3
2024-01-18 -
2024-04-17
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-28 -
2024-01-26
3 months crt.sh
dtscout.com
GTS CA 1P5
2024-01-18 -
2024-04-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M03
2023-11-04 -
2024-12-01
a year crt.sh
ganda-ljo.com
Amazon RSA 2048 M01
2023-09-12 -
2024-10-10
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
operatesophisticatedcompletelyinfo-program.info
R3
2024-01-16 -
2024-04-15
3 months crt.sh

This page contains 7 frames:

Primary Page: https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID]
Frame ID: C8CF50216E15D2143FF5FC6E13CADAB3
Requests: 54 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9ps97StqPxM
Frame ID: 1317172C9FB643A7F5154B439BF560C7
Requests: 16 HTTP requests in this frame

Frame: https://www.blogger.com/comment/frame/8306328461180016453?po=4016776587373148261&hl=en&blogspotRpcToken=8067955
Frame ID: 8FF7853089DA252F715B0BF0121F37ED
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Frame ID: DF0BF0936651B154FD6773228565476D
Requests: 26 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
Frame ID: D7ACA603D02C665D5EDF82D8A2FA2402
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23381/a/US/t_.js?cid=c010
Frame ID: F1914AD8F6D8DF0EC7931977B65B2D8F
Requests: 9 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A0170561113688C88A033E64E00CD2
Frame ID: E1E91D60BB04CA31961AED32E4828B55
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

404 Not Found

Page URL History Show full URLs

  1. http://aans1.blogspot.my/2015/09/perlawanan-dihentikan-tindakan-cerdik.html HTTP 302
    http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html Page URL
  2. https://ganda-ljo.com/zclkvisitor/76f69681-b643-11ee-b79c-12fbcb9b0367/d11f3a10-2cff-11ec-b832-0ae... Page URL
  3. https://ganda-ljo.com/zclkredirect?visitid=76f69681-b643-11ee-b79c-12fbcb9b0367&type=js&browserWid... Page URL
  4. https://wsafeguardpush.com/mc-test/f5bee1ea7c99920772438a653a04d1e7/index.php?cid=zr76f69681b64311eeb79... HTTP 302
    https://pro.finalice.net/ZGzGXN/?utm_source=24300&utm_campaign=14461906&cid=[CLICK_ID]&sid=[SUB_ID] HTTP 302
    https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID] Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

116
Requests

58 %
HTTPS

58 %
IPv6

36
Domains

50
Subdomains

29
IPs

2
Countries

2045 kB
Transfer

6632 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://aans1.blogspot.my/2015/09/perlawanan-dihentikan-tindakan-cerdik.html HTTP 302
    http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html Page URL
  2. https://ganda-ljo.com/zclkvisitor/76f69681-b643-11ee-b79c-12fbcb9b0367/d11f3a10-2cff-11ec-b832-0aea8b85a94f?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7 Page URL
  3. https://ganda-ljo.com/zclkredirect?visitid=76f69681-b643-11ee-b79c-12fbcb9b0367&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true Page URL
  4. https://wsafeguardpush.com/mc-test/f5bee1ea7c99920772438a653a04d1e7/index.php?cid=zr76f69681b64311eeb79c12fbcb9b0367fe51addcd224450598402ad0db665472079316f20d543c7e55&dom=juliet-ape-vzym86rqjp&s=0.020000 HTTP 302
    https://pro.finalice.net/ZGzGXN/?utm_source=24300&utm_campaign=14461906&cid=[CLICK_ID]&sid=[SUB_ID] HTTP 302
    https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID] Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://aans1.blogspot.my/2015/09/perlawanan-dihentikan-tindakan-cerdik.html HTTP 302
  • http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Request Chain 3
  • http://apis.google.com/js/plusone.js HTTP 307
  • https://apis.google.com/js/plusone.js
Request Chain 4
  • http://w.sharethis.com/button/buttons.js HTTP 301
  • https://w.sharethis.com/button/buttons.js
Request Chain 6
  • http://go.padstm.com/?id=292517 HTTP 302
  • http://go.padsdel.com/?id=292517
Request Chain 9
  • http://www.melvister.com/wp-content/uploads/2015/09/kes-malaysia.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/kes-malaysia.jpg
Request Chain 10
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-vs-arab.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-vs-arab.jpg
Request Chain 11
  • http://www.melvister.com/wp-content/uploads/2015/09/puak.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/puak.jpg
Request Chain 12
  • http://www.melvister.com/wp-content/uploads/2015/09/kebakaran.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/kebakaran.jpg
Request Chain 13
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-1.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-1.jpg
Request Chain 14
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-2.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-2.jpg
Request Chain 15
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-3.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-3.jpg
Request Chain 16
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-5.jpg HTTP 301
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-5.jpg
Request Chain 19
  • http://busuk.org/banner.jpg HTTP 301
  • https://busuk.org/banner.jpg
Request Chain 20
  • http://go.padstm.com/?id=292519 HTTP 302
  • http://go.padsdel.com/?id=292519
Request Chain 26
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1705611136135.36024&hostname=aans1.blogspot.com&location=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&title=Perlawanan%20dihentikan.%20Tindakan%20cerdik%20Ultras%20selamatkan%20maruah%20Harimau%20Malaya%20dari%20dimalukan%2010-0%20seperti%20dulu&sop=false&description=Punca%20perlawanan%20Malaysia%20vs%20Arab%20Saudi%20dihentikan%20pada%208%20September%202015.%20Penyokong%20Ultras%20Malaya%20telah%20membuat%20kecoh%20apabila%20membaling%20bom%20... HTTP 301
  • https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1705611136135.36024&hostname=aans1.blogspot.com&location=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&title=Perlawanan%20dihentikan.%20Tindakan%20cerdik%20Ultras%20selamatkan%20maruah%20Harimau%20Malaya%20dari%20dimalukan%2010-0%20seperti%20dulu&sop=false&description=Punca%20perlawanan%20Malaysia%20vs%20Arab%20Saudi%20dihentikan%20pada%208%20September%202015.%20Penyokong%20Ultras%20Malaya%20telah%20membuat%20kecoh%20apabila%20membaling%20bom%20...&samesite=None
Request Chain 43
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Request Chain 57
  • http://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010 HTTP 307
  • https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

116 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
perlawanan-dihentikan-tindakan-cerdik.html
aans1.blogspot.com/2015/09/
Redirect Chain
  • http://aans1.blogspot.my/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
  • http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
56 KB
16 KB
Document
General
Full URL
http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80c::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2db331ff66567494dcd9912ecdfe782fbe3416afa2235aceb4360c45fc9f7430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
15813
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jan 2024 20:52:15 GMT
ETag
W/"462635c1d8441f489a3f6b9cb686fbff1eb1f25f73b8adf4b5b487df09f2e504"
Expires
Thu, 18 Jan 2024 20:52:15 GMT
Last-Modified
Wed, 17 Jan 2024 12:27:09 GMT
Server
GSE
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private, max-age=0
Content-Encoding
gzip
Content-Length
210
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 Jan 2024 20:52:15 GMT
Expires
Thu, 18 Jan 2024 20:52:15 GMT
Location
http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Server
GSE
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6620
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 21:05:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 16 Jan 2025 22:33:27 GMT
css
fonts.googleapis.com/
422 B
937 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Josefin+Slab
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73402e08e7c160348558102100e1b1dbcab884480b4887f7b6fc5167c96a5396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 18 Jan 2024 20:52:15 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 18 Jan 2024 20:52:15 GMT
plusone.js
apis.google.com/js/
Redirect Chain
  • http://apis.google.com/js/plusone.js
  • https://apis.google.com/js/plusone.js
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Server
2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jan 2024 20:52:15 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21930
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"198f19c141a8a438"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 20:52:15 GMT

Redirect headers

Location
https://apis.google.com/js/plusone.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
buttons.js
w.sharethis.com/button/
Redirect Chain
  • http://w.sharethis.com/button/buttons.js
  • https://w.sharethis.com/button/buttons.js
106 KB
27 KB
Script
General
Full URL
https://w.sharethis.com/button/buttons.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c06ec88641687c7f653a3e6b3a601130400dc1698afe67c531d693406cd99440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 08:40:22 GMT
content-encoding
gzip
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
43914
etag
W/"658496ad-1a60a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
lrg3dyfiXpVeGjjq-WINTknpfB5WVi6pnbQ8FFF8xtGqcxBO-ev6yA==
expires
Sun, 21 Jan 2024 08:40:22 GMT

Redirect headers

Date
Thu, 18 Jan 2024 20:52:15 GMT
Via
1.1 3f3479c6387cb9e42ecda1d46e66eddc.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
JFK52-P4
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://w.sharethis.com/button/buttons.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
61B7jSSkrldctYViE7X1gge4dXmKHNCcXyU--o3M5D6-bz2N7sw4Gw==
12.jpg
1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/
119 KB
120 KB
Image
General
Full URL
http://1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:822::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b24bc09a6345b5ff13f8ed35497ae71ecb464dbde6470fdb6ff9a409d7cdd59a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:42:01 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
614
ETag
"v28d3"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="12.jpg"
Timing-Allow-Origin
*
Content-Length
121948
X-XSS-Protection
0
Expires
Fri, 19 Jan 2024 20:42:01 GMT
/
go.padsdel.com/
Redirect Chain
  • http://go.padstm.com/?id=292517
  • http://go.padsdel.com/?id=292517
8 B
188 B
Script
General
Full URL
http://go.padsdel.com/?id=292517
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
8
Content-Type
application/octet-stream, text/plain

Redirect headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
http://go.padsdel.com/?id=292517
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
138
FotorCreated.jpg
1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/
190 KB
190 KB
Image
General
Full URL
http://1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:822::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5610b5ea3ee9980442e7ecb7f199e6fb7c9dc28dea4c83502d7badbe76cc53a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:42:02 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
613
ETag
"v29a9"
Vary
Origin
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="FotorCreated.jpg"
Timing-Allow-Origin
*
Content-Length
194499
X-XSS-Protection
0
Expires
Fri, 19 Jan 2024 20:42:02 GMT
Sukan
aans1.blogspot.com/feeds/posts/default/-/
85 KB
18 KB
Script
General
Full URL
http://aans1.blogspot.com/feeds/posts/default/-/Sukan?alt=json-in-script&callback=related_results_labels&max-results=17
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80c::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
c031caee6292f7746af7052b3bea47d1e25ae21e1aa1c05d450d2fae91b9ef65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Jan 2024 12:27:09 GMT
Server
blogger-renderd
ETag
W/"9ecf857c8ca07bb1065bbc51a61bf93e5adb12021ea70c155caba5cc67ccac62"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=1
Cross-Origin-Resource-Policy
cross-origin
Content-Length
17805
X-XSS-Protection
0
Expires
Thu, 18 Jan 2024 20:52:17 GMT
kes-malaysia.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/kes-malaysia.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/kes-malaysia.jpg
0
0

malaysia-vs-arab.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-vs-arab.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-vs-arab.jpg
0
0

puak.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/puak.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/puak.jpg
0
0

kebakaran.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/kebakaran.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/kebakaran.jpg
0
0

malaysia-1.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-1.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-1.jpg
0
0

malaysia-2.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-2.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-2.jpg
0
0

malaysia-3.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-3.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-3.jpg
0
0

malaysia-5.jpg
www.melvister.com/wp-content/uploads/2015/09/
Redirect Chain
  • http://www.melvister.com/wp-content/uploads/2015/09/malaysia-5.jpg
  • https://www.melvister.com/wp-content/uploads/2015/09/malaysia-5.jpg
0
0

icon18_edit_allbkg.gif
www.blogger.com/img/
162 B
747 B
Image
General
Full URL
http://www.blogger.com/img/icon18_edit_allbkg.gif
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 09:46:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 18 Jan 2024 09:05:08 GMT
Server
sffe
Age
39953
Report-To
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type
image/gif
Cache-Control
public, max-age=604800
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
Content-Length
162
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="blogger-tech"
Expires
Thu, 25 Jan 2024 09:46:23 GMT
4235886812-comment_from_post_iframe.js
www.blogger.com/static/v1/jsbin/
17 KB
7 KB
Script
General
Full URL
https://www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 10:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6760
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 11:03:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 17 Jan 2025 10:55:53 GMT
banner.jpg
busuk.org/
Redirect Chain
  • http://busuk.org/banner.jpg
  • https://busuk.org/banner.jpg
0
0

/
go.padsdel.com/
Redirect Chain
  • http://go.padstm.com/?id=292519
  • http://go.padsdel.com/?id=292519
8 B
188 B
Script
General
Full URL
http://go.padsdel.com/?id=292519
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
8
Content-Type
application/octet-stream, text/plain

Redirect headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
http://go.padsdel.com/?id=292519
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
138
inline.js
www.clicksasia.com/openx/www/delivery/
175 B
290 B
Script
General
Full URL
http://www.clicksasia.com/openx/www/delivery/inline.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
170.39.226.155 Secaucus, United States, ASN57695 (MISAKA Misaka Network, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:17 GMT
Content-Length
175
Content-Type
application/javascript
spcjs.php
cplus.com.my/openx/www/delivery/
0
0

679989195-widgets.js
www.blogger.com/static/v1/widgets/
160 KB
58 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/679989195-widgets.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
739dbea7eb85c2e12156177af95d71cf74a08ce110a56c39e1ee2ff390a07e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 15:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59234
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 12:02:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Fri, 17 Jan 2025 15:14:16 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/
158 KB
55 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.y0xCMa4KeeI.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-3MGCaatZB3kdS5TpZdd-gOSBHg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: http://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb1609e85d8370b7259775c76a2ba7456ee2ed72cb45cb68e59f14d3a6b0a0a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 20:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55872
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:05:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 20:01:41 GMT
async-buttons.js
ws.sharethis.com/button/
89 KB
19 KB
Script
General
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
c92c3814d5c8ef8bd016d9cb4dec18ff0dfca4a3f2b4968207888383095e0197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 04:46:31 GMT
content-encoding
gzip
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK52-P4
age
57945
x-cache
Hit from cloudfront
content-length
18814
server
nginx/1.20.1
etag
W/"658496e7-16245"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
h7gpl4aFwMAcKyXF7tllZ4t24ZDYLt0fL5ssiy5TnhqY3FhRTWQxcQ==
expires
Sun, 21 Jan 2024 04:46:31 GMT
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1705611136135.36024&hostname=aans1.blogspot.com&location=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&pro...
  • https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1705611136135.36024&hostname=aans1.blogspot.com&location=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&produc...
176 B
699 B
XHR
General
Full URL
https://l.sharethis.com/sc?event=pview&version=buttons.js&lang=en&sessionID=1705611136135.36024&hostname=aans1.blogspot.com&location=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&title=Perlawanan%20dihentikan.%20Tindakan%20cerdik%20Ultras%20selamatkan%20maruah%20Harimau%20Malaya%20dari%20dimalukan%2010-0%20seperti%20dulu&sop=false&description=Punca%20perlawanan%20Malaysia%20vs%20Arab%20Saudi%20dihentikan%20pada%208%20September%202015.%20Penyokong%20Ultras%20Malaya%20telah%20membuat%20kecoh%20apabila%20membaling%20bom%20...&samesite=None
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
18.191.83.3 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-191-83-3.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d7ccce9a24e9fb35e35609d658d3d905f2c045bd5ad1e354f5e1820c373ddb35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
http://aans1.blogspot.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGKABWWpj4AAAAAIZI9pAw==
Access-Control-Allow-Headers
*
Content-Length
176
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
http://aans1.blogspot.com
Location
/sc?event=pview&version=buttons.js&lang=en&sessionID=1705611136135.36024&hostname=aans1.blogspot.com&location=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&title=Perlawanan%20dihentikan.%20Tindakan%20cerdik%20Ultras%20selamatkan%20maruah%20Harimau%20Malaya%20dari%20dimalukan%2010-0%20seperti%20dulu&sop=false&description=Punca%20perlawanan%20Malaysia%20vs%20Arab%20Saudi%20dihentikan%20pada%208%20September%202015.%20Penyokong%20Ultras%20Malaya%20telah%20membuat%20kecoh%20apabila%20membaling%20bom%20...&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZGKABWWpj4AAAAAIZI9pAw==
Access-Control-Allow-Headers
*
Content-Length
804
X-Robots-Tag
noindex, nofollow
authorization.css
www.blogger.com/dyn-css/
1 B
684 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8306328461180016453&zx=eb262a5a-e694-4747-b2cf-798b21b024d9
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 18 Jan 2024 20:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 20:52:16 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
tab.js
widgets.amung.us/
29 KB
19 KB
Script
General
Full URL
http://widgets.amung.us/tab.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
content-encoding
gzip
CF-Cache-Status
HIT
Age
281
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Jan 2023 17:19:40 GMT
Server
cloudflare
etag
W/"63c0412c-728a"
Vary
Accept-Encoding
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
8479b8830e2e4267-EWR
expires
Fri, 19 Jan 2024 20:47:35 GMT
authorization.css
www.blogger.com/dyn-css/
1 B
88 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=8306328461180016453&zx=eb262a5a-e694-4747-b2cf-798b21b024d9
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date
Thu, 18 Jan 2024 20:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Jan 2024 20:52:16 GMT
server
GSE
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
lb.js
eccdn1.synad3.nuffnang.com.my/
0
0

9ps97StqPxM
www.youtube.com/embed/ Frame 1317
92 KB
41 KB
Document
General
Full URL
https://www.youtube.com/embed/9ps97StqPxM
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://aans1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 20:52:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
subcribe%2Bthesis.gif
4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/
354 B
818 B
Image
General
Full URL
http://4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:822::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:42:02 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
614
ETag
"v248c"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="subcribe thesis.gif"
Timing-Allow-Origin
*
Content-Length
354
X-XSS-Protection
0
Expires
Fri, 19 Jan 2024 20:42:02 GMT
lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
fonts.gstatic.com/s/josefinslab/v26/
10 KB
11 KB
Font
General
Full URL
http://fonts.gstatic.com/s/josefinslab/v26/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Josefin+Slab
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394851aa5b50c25c7cd5498ff2f5b1575591265b82c07dcd1848894aef3f7700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://aans1.blogspot.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 09:22:59 GMT
X-Content-Type-Options
nosniff
Age
41357
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
10324
X-XSS-Protection
0
Last-Modified
Thu, 24 Aug 2023 21:40:04 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Fri, 17 Jan 2025 09:22:59 GMT
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?rnd=1705611136472&cid=c010&dmn=aans1.blogspot.com&gdpr_domain=false
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.79 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1364
Expires
Thu, 18 Jan 2024 21:52:16 GMT
panorama.js
platform-api.sharethis.com/
39 KB
12 KB
Script
General
Full URL
https://platform-api.sharethis.com/panorama.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.150.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-150-8.atl59.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:43:37 GMT
content-encoding
gzip
via
1.1 9768d3869cd25955b086c1904f7610fe.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 09 Jan 2024 01:04:19 GMT
x-amz-cf-pop
ATL59-P5
age
519
etag
W/"9a71-18cebbfb638"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cache
Hit from cloudfront
cache-control
public, max-age=3600
accept-ranges
bytes
x-amz-cf-id
Usk3pzEZai7k0w6bhs6XCVDhJNYxS9SRBF3FT3RQIaV0tODAncrgTQ==
8306328461180016453
www.blogger.com/comment/frame/ Frame 8FF7
62 KB
17 KB
Document
General
Full URL
https://www.blogger.com/comment/frame/8306328461180016453?po=4016776587373148261&hl=en&blogspotRpcToken=8067955
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-s3UBJP8qStQlvfYFIJDigw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://aans1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport script-src 'report-sample' 'nonce-s3UBJP8qStQlvfYFIJDigw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Thu, 18 Jan 2024 20:52:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
buttons-secure.css
ws.sharethis.com/button/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:43:57 GMT
content-encoding
gzip
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 21 Dec 2023 19:49:59 GMT
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
7699
etag
W/"658496e7-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
ebNmMl6W1FXZdfij8sNvv5D-z68SdcmQ1laJUzy3_tG0K0bio3SAaQ==
get_counts
count-server.sharethis.com/v2.0/
154 B
509 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?url=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&cb=stButtons.processCB&wd=true
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.115.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-115-42.atl58.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:16 GMT
via
1.1 97b305844cde7654074bc07393573ad0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ATL58-P9
etag
654a131b2796a0b0740536d8dea98b66
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
content-length
154
apigw-requestid
RwNcKj7aIAMEPCA=
x-amz-cf-id
rT4781PqxR-Is1NkAJQNe34UC6hfZsIYTaE8RgjlUAj6M8lweYekeA==
linkedin_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/linkedin_counter.png
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 19:48:20 GMT
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
2336636
etag
"658496ad-9e1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2529
x-amz-cf-id
WhkcqpB99NZwdaxwh2B-4wHTfgsGippW6Jc8rjUibfKTBdmg5KnNKQ==
expires
Sat, 21 Dec 2024 19:48:20 GMT
facebook_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 19:48:19 GMT
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
2336637
etag
"658496ad-977"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2423
x-amz-cf-id
Zh1TlwZgyRTMtMMNfCCHX31Xh9uJjw2F1jUvFTdOK0xs6Xa5aHmyHA==
expires
Sat, 21 Dec 2024 19:48:19 GMT
sharethis_counter.png
ws.sharethis.com/images/2017/
3 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/sharethis_counter.png
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 19:48:19 GMT
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
2336637
etag
"658496ad-a58"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2648
x-amz-cf-id
o6NGX39pz5KWLrHxi1lwX0CLienN-U9I-h3OquqCXtq_xheqTkjRnw==
expires
Sat, 21 Dec 2024 19:48:19 GMT
ss.js
synad2.nuffnang.com.my/
0
0

likebox.php
www.facebook.com/plugins/ Frame DF0B
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
221 KB
64 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://aans1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 18 Jan 2024 20:52:17 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
A8mZu/1vwijTGkcZ9xSDPyzQ71YFJ99CmI97/dq9JHMSRhNO3kwFBcfNuK2dGaBr/8AMIphFsS8RiOqSm52HXg==
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Non-Authoritative-Reason
HSTS
/
t.dtscout.com/i/
7 KB
4 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&j=
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/tab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:16 GMT
x-t
0.25
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGB5QaWdfd5QUmpIVE5gYvy1jCNTe%2FNSGWLsPx%2FLMZNOvkGCC4UuEP28RvXaFhsx5uhJqRtC3dMNGM5LhFGuo97lje9uhO4IH4OrOQ9G1WRBQRydjm6U%2FuqTVrmy91cd1zO0YP5%2FiqjZrqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
8479b884bc8a42a7-EWR
expires
Thu, 18 Jan 2024 20:52:15 GMT
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
http://platform.twitter.com/widgets.js
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (phd/FD68) /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:16 GMT
Content-Encoding
gzip
Age
987
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (phd/FD68)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
google_16.png
ws.sharethis.com/images/2017/
751 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/google_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 19:48:28 GMT
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
2336628
etag
"658496ad-2ef"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
751
x-amz-cf-id
DlkHc9wcJdIQJUWiZIuaF-umbX0St0h0xvxenBg7ccew2lghBG5lgA==
expires
Sat, 21 Dec 2024 19:48:28 GMT
bubble_arrow.png
ws.sharethis.com/secure/images/
979 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/secure/images/bubble_arrow.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:3a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 19:48:19 GMT
via
1.1 6ecf35677ede41c0a96f262ec39b4894.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.20.1
x-amz-cf-pop
JFK52-P4
age
2336637
etag
"658496e7-3d3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
979
x-amz-cf-id
JbKDi39reBORUQFPAiu65SakDkRUwk1YW5fPwi8dOIaF_IOL1KDnYw==
expires
Sat, 21 Dec 2024 19:48:19 GMT
bullet.gif
1.bp.blogspot.com/-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/
311 B
765 B
Image
General
Full URL
http://1.bp.blogspot.com/-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
HTTP/1.1
Server
2607:f8b0:4006:822::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:42:02 GMT
X-Content-Type-Options
nosniff
Server
fife
Age
614
ETag
"v4ca"
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Cache-Control
public, max-age=86400, no-transform
Content-Disposition
inline;filename="bullet.gif"
Timing-Allow-Origin
*
Content-Length
311
X-XSS-Protection
0
Expires
Fri, 19 Jan 2024 20:42:02 GMT
m=_b,_tp
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/am=AwYSBg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2EeKU9v4fTq-tvTgaXZQzh2hTDnw/ Frame 8FF7
178 KB
63 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/am=AwYSBg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2EeKU9v4fTq-tvTgaXZQzh2hTDnw/m=_b,_tp
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/8306328461180016453?po=4016776587373148261&hl=en&blogspotRpcToken=8067955
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 09:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39576
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64145
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 09:07:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 09:52:40 GMT
cspreport
www.blogger.com/_/BloggerCommentUi/ Frame 8FF7
0
26 B
Other
General
Full URL
https://www.blogger.com/_/BloggerCommentUi/cspreport
Requested by
Host: aans1.blogspot.com
URL: http://aans1.blogspot.com/2015/09/perlawanan-dihentikan-tindakan-cerdik.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wTJjjIwdz6UhtEitKBZRLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 18 Jan 2024 20:52:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-wTJjjIwdz6UhtEitKBZRLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-player.css
www.youtube.com/s/player/42a553e1/ Frame 1317
359 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/42a553e1/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9ps97StqPxM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9ps97StqPxM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
131259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47506
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jan 2025 08:24:37 GMT
embed.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/en_US/ Frame 1317
53 KB
16 KB
Script
General
Full URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9ps97StqPxM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9ps97StqPxM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:24:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
131259
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16724
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jan 2025 08:24:37 GMT
www-embed-player.js
www.youtube.com/s/player/42a553e1/www-embed-player.vflset/ Frame 1317
323 KB
97 KB
Script
General
Full URL
https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9ps97StqPxM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9ps97StqPxM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 06:42:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
50995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98861
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Jan 2025 06:42:21 GMT
base.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/en_US/ Frame 1317
2 MB
771 KB
Script
General
Full URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9ps97StqPxM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/9ps97StqPxM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 15:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
788873
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 05:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 17 Jan 2025 15:28:46 GMT
anon36.png
resources.blogblog.com/img/ Frame 8FF7
2 KB
2 KB
Image
General
Full URL
https://resources.blogblog.com/img/anon36.png
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/8306328461180016453?po=4016776587373148261&hl=en&blogspotRpcToken=8067955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 12:28:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2024 21:05:19 GMT
server
sffe
age
30232
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1654
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
expires
Thu, 25 Jan 2024 12:28:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8FF7
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/comment/frame/8306328461180016453?po=4016776587373148261&hl=en&blogspotRpcToken=8067955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
Origin
https://www.blogger.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:31:26 GMT
x-content-type-options
nosniff
age
80450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:31:26 GMT
t_.htm
t.sharethis.com/a/ Frame D7AC
Redirect Chain
  • http://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
  • https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
2 KB
1 KB
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?rnd=1705611136472&cid=c010&dmn=aans1.blogspot.com&gdpr_domain=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.79 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
http://aans1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Thu, 18 Jan 2024 20:52:16 GMT
Expires
Thu, 25 Jan 2024 20:52:16 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010#rnd=1705611136472&cid=c010&dmn=aans1.blogspot.com&gdpr_domain=false&tt=t.dhj&dhjLcy=299&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23381&ell=d&cck=__stid&pn=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&qs=na&rdn=aans1.blogspot.com&rpn=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&rqs=na&cc=US&cont=NA&ipaddr=
Non-Authoritative-Reason
HSTS
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1317
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9ps97StqPxM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:31:26 GMT
x-content-type-options
nosniff
age
80450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:31:26 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1317
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/9ps97StqPxM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 11:18:50 GMT
x-content-type-options
nosniff
age
34406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 11:18:50 GMT
m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVM...
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframevi... Frame 8FF7
293 KB
103 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2qIjNO6iZHNUUacLGFrcGY-b0AQQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/am=AwYSBg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2EeKU9v4fTq-tvTgaXZQzh2hTDnw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 09:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105436
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 09:52:53 GMT
map
bcp.crwdcntrl.net/6/
156 B
614 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/panorama.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.6.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-6-220.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
http://aans1.blogspot.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Jan 2024 20:52:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://aans1.blogspot.com
cache-control
no-cache
x-server
10.40.2.106
access-control-allow-credentials
true
content-length
156
expires
0
m=VXdfxd,fgib1c,YwHGTd,pxq3x
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT6... Frame 8FF7
75 KB
26 KB
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2qIjNO6iZHNUUacLGFrcGY-b0AQQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/am=AwYSBg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2EeKU9v4fTq-tvTgaXZQzh2hTDnw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 09:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26606
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 09:53:00 GMT
t_.js
t.sharethis.com/1.1268.23381/a/US/ Frame F191
26 KB
10 KB
Script
General
Full URL
https://t.sharethis.com/1.1268.23381/a/US/t_.js?cid=c010
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.224.79 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-224-79.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1268.23381&cid=c010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:17 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
9958
Expires
Thu, 25 Jan 2024 20:52:17 GMT
b2n2oa5788B.css
static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/ Frame DF0B
22 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/l/0,cross/b2n2oa5788B.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xlCTqsjGZaBrbWC+sEOzjg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4987
reporting-endpoints
x-fb-debug
Nx1XfZ7JcdGgu1/nWTf+hJq9TF8dDhCRXVkibvRSUjDXvw3nhjFmk/Uu0C0nkTvDhZfz+QxqgGXZAWexxze11g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 17 Jan 2025 18:30:52 GMT
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame DF0B
19 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
o/7VM47+HYG0hT0S5PaW4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5162
reporting-endpoints
x-fb-debug
aw7v8ogg4BirLfciy2jG0Lnm7or+WrkAhccT3ulKleRQ58LvroSSvFbUfHdkZb+26X6bPX6mO0eL/zL6ZRUScw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 18:55:18 GMT
d1QGUIEOFY_.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame DF0B
27 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/d1QGUIEOFY_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XdmALQ2j6BKTrBKrQPVqBQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6325
reporting-endpoints
x-fb-debug
zuGzXn+1xDtn4N6rg4H0LYh4SemTkQKPaRb9BNICIh5M2EE/WA/C2FYfTaG9WciIeVw0S7PRvl/bEgccJl8sew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 05 Jan 2025 16:39:38 GMT
87FSS3oZw2l.css
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/ Frame DF0B
33 KB
8 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/87FSS3oZw2l.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JSow0qlBTdNACUeKNcw23Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7226
reporting-endpoints
x-fb-debug
Q5yTaq+ewn3fBOeuh/jWJcubahPB5K1yd6HihaNxShYX41F2JY+Sflv8JoHwcdRrBJT2Cy63juAqCTddSTo41w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 06:33:41 GMT
XaRr_Gkp-Na.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/ Frame DF0B
4 KB
1 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/0,cross/XaRr_Gkp-Na.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CiLaKqnYaaOBM2a4fBr0Zw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1193
reporting-endpoints
x-fb-debug
BH6EV5ZGTBmjk/i5ZzaMQI2m1XlfbXkh8A8q3MfsWRZHqmxr0ZGrYiDrmp+jFqp7nbOAwAHeK4UU600K+MIiSg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Mon, 13 Jan 2025 18:33:10 GMT
E23g9b-s4oe.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame DF0B
353 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/E23g9b-s4oe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
teIu21d4MVfbEDJrFr6rSw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93314
reporting-endpoints
x-fb-debug
Q0Z4qYmgS/dyXB//BQHVXkZK2407PrPOb/BB2fXCzlweimzWB5P0KmLUoZpnh9owfutLoo+lC2QRDqwV5XhN2g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 00:06:53 GMT
ru8zNtgW1u3.js
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame DF0B
94 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xfgcH48ZrXyM9ExSIhREow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27517
reporting-endpoints
x-fb-debug
kAYn6i0LiMNb9IYMyXYVElHokfVpWW0wTBdUG7i+mmnUdYii1nQmgZzsqQU0aKr3UTDDSgUl1Rd5sxhcXfD3VQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 11 Jan 2025 16:03:42 GMT
Cn_OgNtBsi4.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame DF0B
7 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/Cn_OgNtBsi4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
B9gIP5hWP1n5LlUoNnhxow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2301
reporting-endpoints
x-fb-debug
V5vbUy5zr+J0HVkvLGKpgX6tJxmyJ8lLO3PXfgFkR+u8TShNoNXJBQPx9IIe8SGNCKPC6q1fU46Utf2ZBw99Ew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 09 Jan 2025 18:56:50 GMT
WDd6AOxHz0q.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame DF0B
51 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/WDd6AOxHz0q.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iP8mA2aK/kTnUfNMkpvOEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16598
reporting-endpoints
x-fb-debug
b2/n/JG4rZyrP4PHwhdk84/nCvQ2nWWyvzMRInY3xr89D6R8Q/pdX7wKsCInTUc/ctDenKz0qkEv7/t4ffDtDQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:03:41 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame DF0B
507 B
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
NsN/A2NkeStl4cqCJTtj2vmsXgjtSWNwLeiGZBseznrN0uFDf7XV2/sADi5jBLQAQSxDgmvGrYfxBjujEObODg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 09 Jan 2025 18:19:55 GMT
HoMN5oU548h.js
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame DF0B
210 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/HoMN5oU548h.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NABz48nFQ34JnSEDiGvgMQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61440
reporting-endpoints
x-fb-debug
3ULHz5iTHgNj04smIX4mh5ET5Hb9LuWB3+LQRVT384cTXuP/yE40SZyYEOON8ni9MedXDQ4C1POj4l5NbhSTQQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:10:17 GMT
ls_i9KIcBkn.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame DF0B
17 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/ls_i9KIcBkn.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gKsuYubrLFtIPae8YhmKHg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5714
reporting-endpoints
x-fb-debug
z7XC4Hn9kwu46VdNct/5o5asZYH6NgUIg7/oPQz/+1o7e7aMfw/uTSBzPBP4Iung27i21OUxDCxGjNJzbqZmag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 17:15:28 GMT
xg5NEKS2wWK.js
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame DF0B
28 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/xg5NEKS2wWK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RD8pDGr4EOhfQQPRrH9Iow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7385
reporting-endpoints
x-fb-debug
HC9GxOwk5hMTdytUspJ1A9rxZVAIvsHGw811T2UdREG07LFu0yEupvjlOb+X8mi60VtqsyEQ0yvCwqPhiDLGPQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 14 Jan 2025 23:26:39 GMT
uwgVV4_bDB1.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame DF0B
61 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/uwgVV4_bDB1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8QMUwgFcESv9uj1lwERypA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15978
reporting-endpoints
x-fb-debug
AC+8gbBQlNfA0Z42LNDLcWwQrChM8/mL/rv3S42xzhQ6kuAyPpghKEWHp2Eo6H/6az5o3T6owJ/Y/P52yvUE3A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 15 Jan 2025 00:27:01 GMT
Gnm9vzFr_bN.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yo/l/en_US/ Frame DF0B
70 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yo/l/en_US/Gnm9vzFr_bN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
h9roFUGEDyi5KOSrmiZMkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20068
reporting-endpoints
x-fb-debug
0jRKOsNUFMlFg9/EuF5S2cFdYA9kgy6q1CcahMeFiZetxQ5NIRJrOZRL8Li6rSJqzcWCCsurEv6FEwtEFVcmwQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 19:17:16 GMT
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame DF0B
8 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9fmJr3THTP07qrIGN3DNCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2755
reporting-endpoints
x-fb-debug
HFKfdQMMb2WUBVnOHsOqFSo01wTUO/M+0YRFlrDC1Mew/ooq05gc3GPxlQ/02Zu41H0vCfOHnhfI7N70/BfDJA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:35:31 GMT
h7HIW9_HKoT.js
static.xx.fbcdn.net/rsrc.php/v3iEBX4/ys/l/en_US/ Frame DF0B
61 KB
0
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/ys/l/en_US/h7HIW9_HKoT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date
Thu, 18 Jan 2024 20:52:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Uno35WcrAOGsS5PnHbRxRw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19129
reporting-endpoints
x-fb-debug
IeZOJWd3EoHZSN9rD6IbCAynj6p2RPjJCcfg+EdjiFVCkQP0TFoW+clrs8yUCqhbIgqjBsTIPSWK3txijF9oyQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 17 Jan 2025 18:32:50 GMT
348221017_1209284916451339_337913526562614543_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame DF0B
21 KB
21 KB
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/348221017_1209284916451339_337913526562614543_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=081abc&_nc_ohc=KzHvtaApL_wAX8Sd-2A&_nc_ht=scontent-iad3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfBJ1-GTY7o8PtK0BBvWwfylL5f72H8qHjSF5ij42CANxQ&oe=65ADFF44
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:17 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 19 May 2023 17:03:47 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=4240304918
thrift_fmhk
GBB59w6uNf0fWcd1z2t8rmmQFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4168212833
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21557
347858564_1474972766590160_8824702055268704932_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame DF0B
2 KB
2 KB
Image
General
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/347858564_1474972766590160_8824702055268704932_n.jpg?stp=c26.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=4da83f&_nc_ohc=Hj44Ch-8M2YAX-W3eZ5&_nc_ht=scontent-iad3-2.xx&edm=AEDRbFQEAAAA&oh=00_AfCclGWKgSnXdni-MLmf6GvSgDLtUuA42mMhnqIu69qDTg&oe=65AF44FA
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:17 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 19 May 2023 17:03:46 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1412898179
thrift_fmhk
GBB20+RAe6twycX6try0li+YFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4074430761
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1599
419531254_785229543647725_5405021832545327094_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/ Frame DF0B
27 KB
28 KB
Image
General
Full URL
https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-6/419531254_785229543647725_5405021832545327094_n.jpg?stp=dst-jpg_s403x403&_nc_cat=100&ccb=1-7&_nc_sid=a0818e&_nc_ohc=Ib0foK7DTrQAX84nf_V&_nc_ht=scontent-iad3-2.xx&edm=AEDRbFQEAAAA&oh=00_AfAFtJ_TawHrnNwR9pPH1mgGLL4Pt9qKjnVp4OA-roZI7g&oe=65AE0B64
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:17 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Wed, 17 Jan 2024 05:07:42 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2999267906
thrift_fmhk
GBCq4KuNWpfpfzN6nX7Za9YNFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
483245213
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28148
418734045_900739061362090_2178986457055554490_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t15.5256-10/ Frame DF0B
25 KB
25 KB
Image
General
Full URL
https://scontent-iad3-1.xx.fbcdn.net/v/t15.5256-10/418734045_900739061362090_2178986457055554490_n.jpg?stp=dst-jpg_p280x280&_nc_cat=108&ccb=1-7&_nc_sid=869369&_nc_ohc=r9ARkAisjCUAX-IaQT2&_nc_oc=AQlLufzdOZiK3DkIlUyHTOl6Wuy0OeaksefNhnGHZsBkMO7k_v0rGeyranOokDOKF-8mvJxVMZ2du_ZbUfh0dsVU&_nc_ht=scontent-iad3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfCLThqVhWGHk3fPBMcx1KyoWTJt_mrYy1tLzPbvFx2Bqg&oe=65AE366F
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fnegerisembilan&width&height=590&colorscheme=light&show_faces=true&header=true&stream=true&show_border=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:17 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 12 Jan 2024 12:07:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2327985019
thrift_fmhk
GBAyKyAEB0V3OHVwfdNsTtxnFfDr4Z0EvFUAAAA=
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3401135870
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
25247
418727305_781196310717715_6712858121578558001_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame DF0B
0
0

415276003_901934284871426_7283530131165750118_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t15.5256-10/ Frame DF0B
0
0

/
t.dtscout.com/idg/ Frame E1E9
1 KB
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=51A0170561113688C88A033E64E00CD2
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://aans1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8479b887d89642a7-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 18 Jan 2024 20:52:17 GMT
expires
Thu, 18 Jan 2024 20:52:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vfira2UMSoYZFPzyKPHfhRGwu3UuNj0c8cSDT3KkxHve3pP%2BqyLkPizK8njDXmigEMTS3Ce0j2e2evCJzHnWBBLcHD6vZnmOaOMxaW99yh7BvjIPzqV8Mji71dUBHo62tSpoxIwhXZVYc5U%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
33 KB
0
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-87.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding
gzip
via
1.1 acbc16f609c0c9804b8a2c3d38d3023e.cloudfront.net (CloudFront)
date
Thu, 18 Jan 2024 13:23:20 GMT
last-modified
Thu, 01 Jun 2023 19:57:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
26938
x-amz-server-side-encryption
AES256
etag
W/"b338879bf41a826d9e1b316528a8409d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
TEU_AUmAi7lLBT08RyYt41m3gx1CPwokRh_8zS-1L6T4PWmxi16hIQ==
dtscout
pd.sharethis.com/pd/
2 KB
0
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.20.113 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-20-113.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Thu, 18 Jan 2024 20:52:17 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
/
t.dtscout.com/pv/
51 B
0
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=aans1.blogspot.com&_ss=2iz82qerc3&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=15id&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://aans1.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:52:17 GMT
x-t
0.125
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcS5up0tx154M9O3DZUMrTQSA58C7omfpxQ%2FGMfwGt2AIEv295nG%2FoNHrTYvI9fa6ZENPsQBqWcqOKhvog%2BxXYPTLb%2BusZQMxRzAFdl7SD%2B96KGKBXLkbNmy%2BNI33w9zsIfuXJuPSiO22QI%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
8479b887d89a42a7-EWR
expires
Thu, 18 Jan 2024 20:52:16 GMT
truncated
/ Frame DF0B
2 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
truncated
/ Frame DF0B
457 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
d11f3a10-2cff-11ec-b832-0aea8b85a94f
ganda-ljo.com/zclkvisitor/76f69681-b643-11ee-b79c-12fbcb9b0367/
1 KB
2 KB
Document
General
Full URL
https://ganda-ljo.com/zclkvisitor/76f69681-b643-11ee-b79c-12fbcb9b0367/d11f3a10-2cff-11ec-b832-0aea8b85a94f?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7
Requested by
Host: www.clicksasia.com
URL: http://www.clicksasia.com/openx/www/delivery/inline.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.240.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-240-59.compute-1.amazonaws.com
Software
JhYzHhpf /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://aans1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 18 Jan 2024 20:52:17 GMT
server
JhYzHhpf
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
/
t.dtscout.com/pv/
0
286 B
Ping
General
Full URL
https://t.dtscout.com/pv/
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=http%3A%2F%2Faans1.blogspot.com%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://aans1.blogspot.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPlBST3WBvW7j1rUQ

Response headers

date
Thu, 18 Jan 2024 20:52:17 GMT
x-t
0.159
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOboy0BClaGfv7A%2FYUmLf4M4BNoE1BlAMxmyW0kaGhJRFvOyVYLdqxBa%2FEcvYndE9hz6YpokuJDvrKCi0eRHgmmkkTZdslozfFQ7H2gxatpf%2FWCI9Jr7SnUreWdMPYkugT%2FjY8c2nZ9Ya%2Bc%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
8479b88808e042a7-EWR
expires
Thu, 18 Jan 2024 20:52:16 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 1317
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
0
0

ad_status.js
static.doubleclick.net/instream/ Frame 1317
29 B
0
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/42a553e1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 20:39:53 GMT
x-content-type-options
nosniff
age
744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 20:54:53 GMT
m=RqjULd
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT6... Frame 8FF7
18 KB
0
Script
General
Full URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2qIjNO6iZHNUUacLGFrcGY-b0AQQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/am=AwYSBg/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2EeKU9v4fTq-tvTgaXZQzh2hTDnw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 09:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6388
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 05:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Jan 2025 09:53:00 GMT
m=bm51tf
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT6... Frame 8FF7
0
0

Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 18 Jan 2024 20:52:17 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1317
0
0

remote.js
www.youtube.com/s/player/42a553e1/player_ias.vflset/en_US/ Frame 1317
0
0

QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js
www.google.com/js/th/ Frame 1317
0
0

hqdefault.webp
i.ytimg.com/vi_webp/9ps97StqPxM/ Frame 1317
0
0

truncated
/ Frame 1317
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZRhjD4njsOGYxLFsvoJxR73IOJVq8XPHLcLsA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 1317
0
0

api.js
www.google.com/recaptcha/ Frame 8FF7
0
0

jserror
www.blogger.com/_/BloggerCommentUi/ Frame 8FF7
0
0

/
loadus.exelator.com/load/ Frame F191
0
0

tpid=ZGKABWWpj4AAAAAIZI9pAw%3D%3D&gdpr=0&gdpr_consent=
bcp.crwdcntrl.net/5/c=9084/tp=SARE/ Frame F191
0
0

generic
match.adsrvr.org/track/cmf/ Frame F191
0
0

pixel
ps.eyeota.net/ Frame F191
0
0

utsync.ashx
ml314.com/ Frame F191
0
0

cms
cms.analytics.yahoo.com/ Frame F191
0
0

db_sync
px.ads.linkedin.com/ Frame F191
0
0

a.gif
t.sharethis.com/d/ Frame F191
0
0

log_event
www.youtube.com/youtubei/v1/ Frame 1317
0
0

zclkredirect
ganda-ljo.com/
588 B
1 KB
Document
General
Full URL
https://ganda-ljo.com/zclkredirect?visitid=76f69681-b643-11ee-b79c-12fbcb9b0367&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true
Requested by
Host: ganda-ljo.com
URL: https://ganda-ljo.com/zclkvisitor/76f69681-b643-11ee-b79c-12fbcb9b0367/d11f3a10-2cff-11ec-b832-0aea8b85a94f?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.240.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-240-59.compute-1.amazonaws.com
Software
SFUQeKHn /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://ganda-ljo.com/zclkvisitor/76f69681-b643-11ee-b79c-12fbcb9b0367/d11f3a10-2cff-11ec-b832-0aea8b85a94f?campaignid=4b644170-2bc4-11ee-a6a0-123f4a2b6bb7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 18 Jan 2024 20:52:17 GMT
redirected
JS
server
SFUQeKHn
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
Primary Request y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE
operatesophisticatedcompletelyinfo-program.info/
Redirect Chain
  • https://wsafeguardpush.com/mc-test/f5bee1ea7c99920772438a653a04d1e7/index.php?cid=zr76f69681b64311eeb79c12fbcb9b0367fe51addcd224450598402ad0db665472079316f20d543c7e55&dom=juliet-ape-vzym86rqjp&s=0....
  • https://pro.finalice.net/ZGzGXN/?utm_source=24300&utm_campaign=14461906&cid=[CLICK_ID]&sid=[SUB_ID]
  • https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID]
552 B
700 B
Document
General
Full URL
https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID]
Requested by
Host: ganda-ljo.com
URL: https://ganda-ljo.com/zclkredirect?visitid=76f69681-b643-11ee-b79c-12fbcb9b0367&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.153.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-153-178.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

Referer
https://ganda-ljo.com/zclkredirect?visitid=76f69681-b643-11ee-b79c-12fbcb9b0367&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&usingEventListener=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
552
Content-Type
text/html
Date
Thu, 18 Jan 2024 20:52:18 GMT
Server
nginx

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8479b88f3de343b5-EWR
content-type
text/html
date
Thu, 18 Jan 2024 20:52:18 GMT
location
https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID]
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMwtUO72iM2S131q2WfAqb9hFn5Q7t7L5J2ozVV0AXZ6FIxDvjkwzrYZluwvx2yNZ3WsIRS93T0VEMbTXZC3jnWy6MOQ5AiW0Z4%2BcWK4lVp0tjDcW9ThNd0Sm%2FAa4xQsYjrKQl56ICu6ZFJpJ1RG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/kes-malaysia.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/malaysia-vs-arab.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/puak.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/kebakaran.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/malaysia-1.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/malaysia-2.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/malaysia-3.jpg
Domain
www.melvister.com
URL
https://www.melvister.com/wp-content/uploads/2015/09/malaysia-5.jpg
Domain
busuk.org
URL
https://busuk.org/banner.jpg
Domain
cplus.com.my
URL
http://cplus.com.my/openx/www/delivery/spcjs.php?id=439
Domain
eccdn1.synad3.nuffnang.com.my
URL
http://eccdn1.synad3.nuffnang.com.my/lb.js
Domain
synad2.nuffnang.com.my
URL
http://synad2.nuffnang.com.my/ss.js
Domain
scontent-iad3-1.xx.fbcdn.net
URL
https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/418727305_781196310717715_6712858121578558001_n.jpg?stp=dst-jpg_p235x350&_nc_cat=110&ccb=1-7&_nc_sid=a0818e&_nc_ohc=-578j0qzF3AAX-3vwT1&_nc_ht=scontent-iad3-1.xx&edm=AEDRbFQEAAAA&oh=00_AfD-3slj1NH0zfZ6Sjw2ITmV8T9zfzqsj1rmEXLYn9bNAA&oe=65AF5E9D
Domain
scontent-iad3-2.xx.fbcdn.net
URL
https://scontent-iad3-2.xx.fbcdn.net/v/t15.5256-10/415276003_901934284871426_7283530131165750118_n.jpg?stp=dst-jpg_p280x280&_nc_cat=105&ccb=1-7&_nc_sid=869369&_nc_ohc=dQOhnXR24fYAX80Uahe&_nc_ht=scontent-iad3-2.xx&edm=AEDRbFQEAAAA&oh=00_AfCVUh8u92LtbQbcpQtFA0ATjrwxSSi0bguQP0P65SBpMA&oe=65ADA65F
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Domain
www.blogger.com
URL
https://www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.E5jR4BOSLxQ.es5.O/ck=boq-blogger.BloggerCommentUi.qmyDtqYr5vs.L.B1.O/am=AwYSBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP2qIjNO6iZHNUUacLGFrcGY-b0AQQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/42a553e1/player_ias.vflset/en_US/remote.js
Domain
www.google.com
URL
https://www.google.com/js/th/QaMcj-JulTnv9WX-ZKiswnw1NZ6KstGU-WkCl6294a4.js
Domain
i.ytimg.com
URL
https://i.ytimg.com/vi_webp/9ps97StqPxM/hqdefault.webp
Domain
yt3.ggpht.com
URL
https://yt3.ggpht.com/ytc/AIf8zZRhjD4njsOGYxLFsvoJxR73IOJVq8XPHLcLsA=s68-c-k-c0x00ffffff-no-rj
Domain
www.google.com
URL
https://www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
Domain
www.blogger.com
URL
https://www.blogger.com/_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2Fcomment%2Fframe%2F8306328461180016453%3Fpo%3D4016776587373148261%26hl%3Den%26blogspotRpcToken%3D8067955%23%257B%2522color%2522%253A%2522rgb(34%252C%252034%252C%252034)%2522%252C%2522backgroundColor%2522%253A%2522rgb(255%252C%2520255%252C%2520255)%2522%252C%2522unvisitedLinkColor%2522%253A%2522rgb(61%252C%2520133%252C%2520198)%2522%252C%2522fontFamily%2522%253A%2522%255C%2522Segoe%2520UI%255C%2522%252C%2520serif%2522%257D&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=Not%20available
Domain
loadus.exelator.com
URL
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGKABWWpj4AAAAAIZI9pAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
ps.eyeota.net
URL
https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
Domain
ml314.com
URL
https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGKABWWpj4AAAAAIZI9pAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
Domain
cms.analytics.yahoo.com
URL
https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/db_sync?pid=12608&puuid=ZGKABWWpj4AAAAAIZI9pAw%3D%3D&rand=1705611137834&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fdrawbridge%3Fuid%3D%24%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
t.sharethis.com
URL
https://t.sharethis.com/d/a.gif?cid=c010&dmn=aans1.blogspot.com&gdpr_domain=false&tt=t.dhj&dhjLcy=299&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23381&ell=d&cck=__stid&pn=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&qs=na&rdn=aans1.blogspot.com&rpn=%2F2015%2F09%2Fperlawanan-dihentikan-tindakan-cerdik.html&rqs=na&cc=US&cont=NA&evid=lMJWe0YABBiOnrJqgBN0&urls=!2!0!b-10q,!2!0!b-12t,!2!0!b-10l,!2!0!b-10x,!2!0!b-125,!2!0!b-17y,!2!0!b-12h&rnd=1705611137840&cid=c010&version=1.1268.23381&cc=US&cont=NA&repeat=0&htmLcy=662&sndBcn=1
Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=peYI9ThckCUB4XxPoXmdWYaVaj0pW_S-OAZuNVzzkntJc4Umrcsv0Z7qdtDaYl-H1vkaOfYzJmAx4iBxccOxmLNjQT_RAIoshFo28tqIze8V7EP2M9kRSPlAhyRxs4fOlyvvtCgksTtWklWe-FYauwr4NWnldtJ0WFqKkQNNZjY
.sharethis.com/ Name: __stid
Value: ZGKABWWpj4AAAAAIZI9pAw==
.sharethis.com/ Name: __stidv
Value: 2
.youtube.com/ Name: YSC
Value: EjG6_9AKe6c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: AKu-618qx0M
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1705611136
.dtscout.com/ Name: l
Value: 51A0170561113688C88A033E64E00CD2
.aans1.blogspot.com/ Name: lotame_domain_check
Value: aans1.blogspot.com
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: bcbfd74a38708bc1c3b5c1ba4228f567
.aans1.blogspot.com/ Name: _cc_id
Value: bcbfd74a38708bc1c3b5c1ba4228f567
.aans1.blogspot.com/ Name: panoramaId_expiry
Value: 1705697537214
.t.sharethis.com/ Name: pxcelPage_default_c010
Value: 0_7_1705611137834
wsafeguardpush.com/ Name: PHPSESSID
Value: ua30alfnk9al0bus84av5oqs1v

15 Console Messages

Source Level URL
Text
network error URL: http://cplus.com.my/openx/www/delivery/spcjs.php?id=439
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: http://eccdn1.synad3.nuffnang.com.my/lb.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/kes-malaysia.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/malaysia-1.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/kebakaran.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/puak.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/malaysia-2.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/malaysia-vs-arab.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/malaysia-3.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: http://synad2.nuffnang.com.my/ss.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.melvister.com/wp-content/uploads/2015/09/malaysia-5.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network error URL: https://operatesophisticatedcompletelyinfo-program.info/y3lWCwiP498hO9TYTVG3jUQwG2Y2kwKEoFQs4b0qgCE?cid=[CLICK_ID]&sid=[SUB_ID]
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
4.bp.blogspot.com
aans1.blogspot.com
aans1.blogspot.my
apis.google.com
bcp.crwdcntrl.net
busuk.org
cms.analytics.yahoo.com
count-server.sharethis.com
cplus.com.my
eccdn1.synad3.nuffnang.com.my
fonts.googleapis.com
fonts.gstatic.com
ganda-ljo.com
get.s-onetag.com
go.padsdel.com
go.padstm.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
l.sharethis.com
loadus.exelator.com
match.adsrvr.org
ml314.com
operatesophisticatedcompletelyinfo-program.info
pd.sharethis.com
platform-api.sharethis.com
platform.twitter.com
pro.finalice.net
ps.eyeota.net
px.ads.linkedin.com
resources.blogblog.com
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
static.doubleclick.net
static.xx.fbcdn.net
synad2.nuffnang.com.my
t.dtscout.com
t.sharethis.com
w.sharethis.com
widgets.amung.us
ws.sharethis.com
wsafeguardpush.com
www.blogger.com
www.clicksasia.com
www.facebook.com
www.google.com
www.melvister.com
www.youtube.com
yt3.ggpht.com
bcp.crwdcntrl.net
busuk.org
cms.analytics.yahoo.com
cplus.com.my
eccdn1.synad3.nuffnang.com.my
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
loadus.exelator.com
match.adsrvr.org
ml314.com
ps.eyeota.net
px.ads.linkedin.com
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
synad2.nuffnang.com.my
t.sharethis.com
www.blogger.com
www.google.com
www.melvister.com
www.youtube.com
yt3.ggpht.com
139.45.197.238
139.45.197.239
170.39.226.155
18.191.83.3
18.238.55.87
23.48.224.79
2600:9000:211c:3a00:3:c04e:c780:93a1
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::6816:4aab
2606:4700:21::8d65:780b
2606:4700:3031::6815:2e27
2607:f8b0:4004:c19::66
2607:f8b0:4006:807::200a
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81e::2009
2607:f8b0:4006:821::2006
2607:f8b0:4006:822::2001
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::200e
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.14.20.113
3.161.150.8
3.163.115.42
3.93.251.206
50.17.153.178
52.200.240.59
52.201.6.220
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
2db331ff66567494dcd9912ecdfe782fbe3416afa2235aceb4360c45fc9f7430
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
394851aa5b50c25c7cd5498ff2f5b1575591265b82c07dcd1848894aef3f7700
5610b5ea3ee9980442e7ecb7f199e6fb7c9dc28dea4c83502d7badbe76cc53a1
63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5
73402e08e7c160348558102100e1b1dbcab884480b4887f7b6fc5167c96a5396
739dbea7eb85c2e12156177af95d71cf74a08ce110a56c39e1ee2ff390a07e9b
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
b24bc09a6345b5ff13f8ed35497ae71ecb464dbde6470fdb6ff9a409d7cdd59a
bb1609e85d8370b7259775c76a2ba7456ee2ed72cb45cb68e59f14d3a6b0a0a5
c031caee6292f7746af7052b3bea47d1e25ae21e1aa1c05d450d2fae91b9ef65
c06ec88641687c7f653a3e6b3a601130400dc1698afe67c531d693406cd99440
c92c3814d5c8ef8bd016d9cb4dec18ff0dfca4a3f2b4968207888383095e0197
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
d7ccce9a24e9fb35e35609d658d3d905f2c045bd5ad1e354f5e1820c373ddb35
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6