r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6100
Expires: Sun, 27 Nov 2022 09:04:05 GMT
Date: Sun, 27 Nov 2022 07:22:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1777
Cache-Control: max-age=99500
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:25 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:00:45 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 07:17:37 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 288
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13025
Expires: Sun, 27 Nov 2022 10:59:30 GMT
Date: Sun, 27 Nov 2022 07:22:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N20tT2kwBXFzjN1o33ClPNZkEFTGzriwv+7bEioBbniqklKu0cOQBqXhTEc82It59/7H2uk8oag=
x-amz-request-id: E624PDR844Z7Z713
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 06:41:32 GMT
age: 2453
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:22:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ca9a5a187a9301acd15cc891755a13c8
1522515a371821fe1c94ce773898f2e913e03012
469bcc07c9e15d43d093697277d75eaa3199cb3f455b6fd32daaa0153f4e0f98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 384587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_email.gif
142.250.74.105200 OK 164 B URL HTTP/2 resources.blogblog.com/img/icon18_email.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 15:02:17 GMT
expires: Tue, 29 Nov 2022 15:02:17 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 18:53:15 GMT
content-type: image/gif
age: 404408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 405510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sun, 27 Nov 2022 07:22:25 GMT
expires: Sun, 27 Nov 2022 07:22:25 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 390162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 09:56:18 GMT
expires: Thu, 23 Nov 2023 09:56:18 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 336367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ambuyatel-binangkit.blogspot.com/2009/08/teori-konspirasi-influenza-h1n1.html
142.250.74.161200 OK 77 kB URL HTTP/1.1 ambuyatel-binangkit.blogspot.com/2009/08/teori-konspirasi-influenza-h1n1.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20275)
Hash e3f17963c67601ca8098c48d9ce1df4d
c3403c2a6ab05268107d5809d4a2d80175dc6efb
06d16a6f1109d27023dbed5441de189ed2f1a6ffff116187f902f0b442a11f67
GET /2009/08/teori-konspirasi-influenza-h1n1.html HTTP/1.1
Host: ambuyatel-binangkit.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 27 Nov 2022 07:22:25 GMT
Date: Sun, 27 Nov 2022 07:22:25 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 17:03:13 GMT
ETag: W/"a7c5221d88a3b5e3f22e150efa58d9391d1f3bbced1b355e4b2fa769163fac09"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 77303
Server: GSE
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sat, 26 Nov 2022 10:51:15 GMT
Expires: Sat, 10 Dec 2022 10:51:15 GMT
Cache-Control: public, max-age=1209600
Age: 73870
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
2.bp.blogspot.com/__fXdPvxOQ8U/Sl8hzis2-3I/AAAAAAAAAeo/F5FfqPLfNjE/S1600-R/mailslot.gif
142.250.74.161200 OK 3.6 kB URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/Sl8hzis2-3I/AAAAAAAAAeo/F5FfqPLfNjE/S1600-R/mailslot.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 72 x 81\012- data
Hash ea7c294c183f237f515ae4f46bbebe2a
b0b73e92b457a31fddd0745e4ee3899c4abd12c9
297ca7fb21d83958c191c1b267e7067a839cad5135080c207263dc11643a0e21
GET /__fXdPvxOQ8U/Sl8hzis2-3I/AAAAAAAAAeo/F5FfqPLfNjE/S1600-R/mailslot.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="mailslot.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3571
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:25 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v305"
Content-Type: image/gif
Age: 0
www.blogger.com/dyn-css/authorization.css?targetBlogID=8477566149422522776&zx=1dffbfc4-ecc0-4197-a4ee-1024bd7d0906
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8477566149422522776&zx=1dffbfc4-ecc0-4197-a4ee-1024bd7d0906
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8477566149422522776&zx=1dffbfc4-ecc0-4197-a4ee-1024bd7d0906 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 27 Nov 2022 07:22:25 GMT
last-modified: Sun, 27 Nov 2022 07:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
forum.ozkorallah.com/sing/69.gif
3.130.204.160404 Not Found 791 B URL HTTP/1.0 forum.ozkorallah.com/sing/69.gif
IP 3.130.204.160:0
Hash 2bee9e9a031c47700122ab1544e99097
27c034c492982e88955ceb515ba63c01eee514f8
c36f2f39b8cde596ab47173973aa4f096e73c233a0b2eb71e9de97d772735282
GET /sing/69.gif HTTP/1.1
Host: forum.ozkorallah.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
3.bp.blogspot.com/__fXdPvxOQ8U/SoJyNKgyBQI/AAAAAAAAAjk/7c5cBB-DVFE/S1600-R/DoaSelamatDariPenyakit.jpg
142.250.74.161200 OK 29 kB URL HTTP/1.1 3.bp.blogspot.com/__fXdPvxOQ8U/SoJyNKgyBQI/AAAAAAAAAjk/7c5cBB-DVFE/S1600-R/DoaSelamatDariPenyakit.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 283x400, components 3\012- data
Hash 1e0c25dcda28c9db0aa1705093463dd1
51ebd131c785238f383f4ce93a7fdf6fc443139c
ede37b30f62e5b88d019cc80a1bf093594fd2ab0cadfafea2a11f62d919b3146
GET /__fXdPvxOQ8U/SoJyNKgyBQI/AAAAAAAAAjk/7c5cBB-DVFE/S1600-R/DoaSelamatDariPenyakit.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="DoaSelamatDariPenyakit.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 28702
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:25 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v239"
Content-Type: image/jpeg
Age: 0
bp1.blogger.com/__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg
142.250.74.174301 Moved Permanently 292 B URL HTTP/1.1 bp1.blogger.com/__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2bd3f7a322283f337188d403bb3a2be9
3e45fc80a3c4e5b71d936e0ae0203d5681ba40ff
f877d0da2f8d0a82f4e0e69ef0f9a93f840be61e2ed22455b6b9bb7e85350168
GET /__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg HTTP/1.1
Host: bp1.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://1.bp.blogspot.com/__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Nov 2022 07:22:25 GMT
Expires: Tue, 27 Dec 2022 07:22:25 GMT
Cache-Control: public, max-age=2592000
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 292
X-XSS-Protection: 0
3.bp.blogspot.com/__fXdPvxOQ8U/StIR4JJ6OnI/AAAAAAAAAos/wPiPuzwhOYU/S1600-R/Mount_kinabalu_panorama.jpg
142.250.74.161200 OK 39 kB URL HTTP/1.1 3.bp.blogspot.com/__fXdPvxOQ8U/StIR4JJ6OnI/AAAAAAAAAos/wPiPuzwhOYU/S1600-R/Mount_kinabalu_panorama.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, description= , orientation=[*0*], software=Google], baseline, precision 8, 1600x284, components 3\012- data
Hash 3bf73bdc986ea900fd9598baf683e597
e6955a2fb9450356b2016770f28dd952393050b9
b88d4481d799277ff0aa654b08a0bce65fbc0b24be51f0c1524b975ed5d367b9
GET /__fXdPvxOQ8U/StIR4JJ6OnI/AAAAAAAAAos/wPiPuzwhOYU/S1600-R/Mount_kinabalu_panorama.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Mount_kinabalu_panorama.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 38700
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v28b"
Content-Type: image/jpeg
Age: 0
www.gocurrency.com/v2/gocurrcalc_t.php?id=53
104.17.88.30301 Moved Permanently 0 B URL HTTP/1.1 www.gocurrency.com/v2/gocurrcalc_t.php?id=53
IP 104.17.88.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/gocurrcalc_t.php?id=53 HTTP/1.1
Host: www.gocurrency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 08:22:26 GMT
Location: https://www.gocurrency.com/v2/gocurrcalc_t.php?id=53
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77091cd8ebad0b02-OSL
ambuyatel-binangkit.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 ambuyatel-binangkit.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: ambuyatel-binangkit.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/2009/08/teori-konspirasi-influenza-h1n1.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 14:35:01 GMT
Expires: Thu, 01 Dec 2022 14:35:01 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 24 Nov 2022 13:51:25 GMT
Content-Type: text/javascript
Age: 233245
3.bp.blogspot.com/_EDii1UvLsfY/S0CdPuSOFTI/AAAAAAAAAAU/oiT6x82f8PA/S230/UTM.jpg
142.250.74.161200 OK 15 kB URL HTTP/1.1 3.bp.blogspot.com/_EDii1UvLsfY/S0CdPuSOFTI/AAAAAAAAAAU/oiT6x82f8PA/S230/UTM.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 190x230, components 3\012- data
Hash 2a17293b55fd067231d6dc0c79f50b2d
ab3ccdb188316c22eab05176057167fe5647861f
bc0c7e2f5f26b2d062232afb338d1027af0a5485d3f7471c1c47d5bc1c89ce43
GET /_EDii1UvLsfY/S0CdPuSOFTI/AAAAAAAAAAU/oiT6x82f8PA/S230/UTM.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="UTM.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 15160
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v5"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/SmXCTV8DIUI/AAAAAAAAAhA/-7GHOsW8V-Q/S230/polis+wanita+iran.jpg
142.250.74.161200 OK 15 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/SmXCTV8DIUI/AAAAAAAAAhA/-7GHOsW8V-Q/S230/polis+wanita+iran.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x153, components 3\012- data
Hash 9e803def35e32002b3a9b225e266a476
a6bb0344d8215258d3ff344a5e5212e079694310
0111bc8d629370aea8c983484ddaba4dec56bf243c620c06ee10e0e0e7351f2c
GET /__fXdPvxOQ8U/SmXCTV8DIUI/AAAAAAAAAhA/-7GHOsW8V-Q/S230/polis+wanita+iran.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="polis wanita iran.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 14663
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v210"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/__fXdPvxOQ8U/Sy8l3n9iD2I/AAAAAAAAAsw/DB8iKpFUHc4/S230/Qardhawi.jpg
142.250.74.161200 OK 15 kB URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/Sy8l3n9iD2I/AAAAAAAAAsw/DB8iKpFUHc4/S230/Qardhawi.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x157, components 3\012- data
Hash 697d2598fae64e6ff7335fb94b3f8441
f4e2034a6f5da035c0a69b9c896630ee8fa32130
1f180f75d356beeeb3f03d3ff1db5ed77d753ec5cc34c5ad184413ff0b99c903
GET /__fXdPvxOQ8U/Sy8l3n9iD2I/AAAAAAAAAsw/DB8iKpFUHc4/S230/Qardhawi.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Qardhawi.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 15220
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2cc"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/SysdRBlGTdI/AAAAAAAAAso/rbtXWljXXo4/S1600-R/maal+hijrah.gif
142.250.74.161200 OK 30 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/SysdRBlGTdI/AAAAAAAAAso/rbtXWljXXo4/S1600-R/maal+hijrah.gif
IP 142.250.74.161:0
File type PNG image data, 118 x 114, 8-bit/color RGBA, non-interlaced\012- data
Hash 160603a1dd06c9df90bda5c0dcc12964
2a1864c55b943b025c41dc2064e26baa82f6c6bc
e65406be89f66420d37a12e768eb8ccf258936995f34de9cb343a1df5d02bdea
GET /__fXdPvxOQ8U/SysdRBlGTdI/AAAAAAAAAso/rbtXWljXXo4/S1600-R/maal+hijrah.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="maal hijrah.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 30058
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2ca"
Content-Type: image/png
Age: 0
1.bp.blogspot.com/__fXdPvxOQ8U/SpJX99DBBxI/AAAAAAAAAjs/4-_24YXfEVU/S230/URUT+TAPAKAKI.jpg
142.250.74.161200 OK 18 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/SpJX99DBBxI/AAAAAAAAAjs/4-_24YXfEVU/S230/URUT+TAPAKAKI.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x224, components 3\012- data
Hash 524002b257c37ff6502755490e33d1c3
5f90ab12c89752d8f38accfb540a80ca18bc88c9
062955d3c10225e5d243ac90e5d35d824a3237cf6439d497b2d9f06131d5922d
GET /__fXdPvxOQ8U/SpJX99DBBxI/AAAAAAAAAjs/4-_24YXfEVU/S230/URUT+TAPAKAKI.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="URUT TAPAKAKI.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 17597
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v23b"
Content-Type: image/jpeg
Age: 0
www.widgeo.net/geocompteur/geocompteur.php?c=geocity1&id=922168&i=60.50.170.101&fonce=&claire=
104.26.10.22200 OK 2.2 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocompteur.php?c=geocity1&id=922168&i=60.50.170.101&fonce=&claire=
IP 104.26.10.22:0
File type ASCII text, with very long lines (2149)
Hash 2e6696d9f181446c5f0cca21a780a2b8
df9ad163b8f1cbab4ed2d225a63b004c1260802c
e0f39f0bdce91122ed177ad58c65b1593acb6a767509b4e7b9c3abde973e8a7e
GET /geocompteur/geocompteur.php?c=geocity1&id=922168&i=60.50.170.101&fonce=&claire= HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Sat, 03-Dec-2022 07:22:25 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 07:22:25 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdLB0IYzQ2wyjVNgej8JU4qa2n94cfopRoNLE3Xz8BY5MuZJKz7MQVcEgLXVJ19MQX5S%2B4s0MwhbQVEGZ84KbAJLsK0oxTYce13WjMzbKKUs%2BM94HIEivdn3uYYwDsVf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cd83fec0b31-OSL
alt-svc: h2=":443"; ma=60
www.widgeo.net/tracking.php?id=894375
104.26.10.22200 OK 20 B URL HTTP/1.1 www.widgeo.net/tracking.php?id=894375
IP 104.26.10.22:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /tracking.php?id=894375 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=180
expires: Sun, 27 Nov 2022 07:25:25 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jn5HZnXXHIqGHSqBrl%2BmUz0sG0ntp3a0O6Ffxk6SyCRVFJ79lgCQpa1WKSswK%2B%2FE6ZyhkugZtmnOkgXOLGgEXyJvLrq77g%2FQjvBuaZcKyCQ%2BaQ%2FMEC04TD5nsdp1eVX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cd83b980b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.widgeo.net/geocompteur/geolive.php?c=geolive_caroussel&adult=0&id=1045701
104.26.10.22200 OK 2.0 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geolive.php?c=geolive_caroussel&adult=0&id=1045701
IP 104.26.10.22:0
File type ASCII text, with very long lines (2149)
Hash 77514aa2a0128de164900a027e680e8e
6222b185af0a1ef4765de16cb27ada663b14939e
8c38289eec2fe1cc46585df93b3adf645a123075f980d8e2bcdfb744b6df794c
GET /geocompteur/geolive.php?c=geolive_caroussel&adult=0&id=1045701 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: application/javascript
Content-Length: 2032
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Sat, 03-Dec-2022 07:22:25 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 07:22:25 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RORr02RODl01k9CwRtPjGPiPaQwTR1YGFKQTlD5Mv1F2mYdea6g%2FuBKwsMvQ8YeTef9J9cxe%2BdR%2BGwQm%2Fzh2NnSnQguX2vhTWu%2Fzqan9a3AmAPKF4cSrZ4M38qWaLamQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cd83a000b06-OSL
alt-svc: h2=":443"; ma=60
2.bp.blogspot.com/__fXdPvxOQ8U/Szi18HoLutI/AAAAAAAAAtg/wTetgYst9KE/S230/MENAKJUBKAN.jpg
142.250.74.161200 OK 14 kB URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/Szi18HoLutI/AAAAAAAAAtg/wTetgYst9KE/S230/MENAKJUBKAN.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x221, components 3\012- data
Hash 2135fc63120e20b4915d858c7c7603fe
33641c9690054f820af9402e42da7c138b3d0321
2bd18a255f0414f443e3bbe0214e60232df885b932b2dc037fe92228a493d64d
GET /__fXdPvxOQ8U/Szi18HoLutI/AAAAAAAAAtg/wTetgYst9KE/S230/MENAKJUBKAN.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MENAKJUBKAN.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13823
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2d8"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/__fXdPvxOQ8U/SpsGgIffR3I/AAAAAAAAAj8/8_kkmFBNs54/S150/RAMADHAN+KAREEM.jpg
142.250.74.161200 OK 16 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/SpsGgIffR3I/AAAAAAAAAj8/8_kkmFBNs54/S150/RAMADHAN+KAREEM.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 150x113, components 3\012- data
Hash 0b0a1a39970194ae0c4844ef7415c05c
6a15df26093a6ed9ac28f81462d42eb476e55c34
a7dc63be4899ee9e7f29e4c2d9ed818f6f1ca221b72a75ee1ba6e9f3d49d1fef
GET /__fXdPvxOQ8U/SpsGgIffR3I/AAAAAAAAAj8/8_kkmFBNs54/S150/RAMADHAN+KAREEM.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="RAMADHAN KAREEM.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 15680
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v23f"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/__fXdPvxOQ8U/SzLWB-tlHMI/AAAAAAAAAtQ/jsJu_WcFqKE/S1600-R/bomoh_pijak.jpg
142.250.74.161200 OK 19 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/SzLWB-tlHMI/AAAAAAAAAtQ/jsJu_WcFqKE/S1600-R/bomoh_pijak.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 300x179, components 3\012- data
Hash 79a951dc15bbfacddb12b8b7992d5ffd
f5d74c46377a1ad4c32e9b104bc372cdae563c6d
3e41456aa09adfbf0df9d9af30e04ec0f06c86a38ae12307b864f813489af070
GET /__fXdPvxOQ8U/SzLWB-tlHMI/AAAAAAAAAtQ/jsJu_WcFqKE/S1600-R/bomoh_pijak.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bomoh_pijak.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 19218
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2d4"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/__fXdPvxOQ8U/SVZTMdkzK1I/AAAAAAAAAZQ/xBMkzYiAwNQ/S1600-R/LOGO+Jom+Sertai+PAS.jpg
142.250.74.161200 OK 18 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/SVZTMdkzK1I/AAAAAAAAAZQ/xBMkzYiAwNQ/S1600-R/LOGO+Jom+Sertai+PAS.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 320x224, components 3\012- data
Hash b35b03a11d888145f0bcc97d8a597476
d409c41078490ae67efa5672fdc45c4e57cc582d
a3b862aa53f674617806ef445c1f48c992dd1a28613fe83553daff70c7360563
GET /__fXdPvxOQ8U/SVZTMdkzK1I/AAAAAAAAAZQ/xBMkzYiAwNQ/S1600-R/LOGO+Jom+Sertai+PAS.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="LOGO Jom Sertai PAS.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 18373
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v194"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/SmW4eGEUD1I/AAAAAAAAAg4/-ICnoihTtvA/S230/PETUA.JPG
142.250.74.161200 OK 20 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/SmW4eGEUD1I/AAAAAAAAAg4/-ICnoihTtvA/S230/PETUA.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x193, components 3\012- data
Hash 8c75340955248de3b48b8aa5164e658e
43985fc5166fe14ae92eb62592a1ecba79c1bf60
60c91ec6778935c36a76834784883a29af77f06fceef83fbf16378df33c2efce
GET /__fXdPvxOQ8U/SmW4eGEUD1I/AAAAAAAAAg4/-ICnoihTtvA/S230/PETUA.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="PETUA.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 20537
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v20e"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/SzhOi9Aa6SI/AAAAAAAAAtY/_227-1wYIFY/S1600-R/mansuhkan-isa.jpg
142.250.74.161200 OK 13 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/SzhOi9Aa6SI/AAAAAAAAAtY/_227-1wYIFY/S1600-R/mansuhkan-isa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 262x269, components 3\012- data
Hash b8815147ea051454a99af153ecd9d689
a45770171ef7b110a3372cd3906062d66637eff0
f2d52d47e599663e2fb5aa05801efc649901607460f8210922453d599528afe0
GET /__fXdPvxOQ8U/SzhOi9Aa6SI/AAAAAAAAAtY/_227-1wYIFY/S1600-R/mansuhkan-isa.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="mansuhkan-isa.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13380
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Sun, 27 Nov 2022 01:52:09 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2d6"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/__fXdPvxOQ8U/Sl8gVJI9v3I/AAAAAAAAAeg/JWGieFlaOA0/S230/UMNO+HABIS+100K+DI+MU.jpg
142.250.74.161200 OK 21 kB URL HTTP/1.1 3.bp.blogspot.com/__fXdPvxOQ8U/Sl8gVJI9v3I/AAAAAAAAAeg/JWGieFlaOA0/S230/UMNO+HABIS+100K+DI+MU.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x157, components 3\012- data
Hash c41a97f76f0aa58b9f6946a61333ad3e
b0b82a10d08823bcc8f110f5694f46d97641e06f
10bbc2945159c92c4029a9b853e23407ede0258676333d077720e706986ded65
GET /__fXdPvxOQ8U/Sl8gVJI9v3I/AAAAAAAAAeg/JWGieFlaOA0/S230/UMNO+HABIS+100K+DI+MU.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="UMNO HABIS 100K DI MU.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 21376
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1e8"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/SmhX0N5JFeI/AAAAAAAAAiI/1AoVEr8owhw/S230/P8040076.jpg
142.250.74.161200 OK 14 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/SmhX0N5JFeI/AAAAAAAAAiI/1AoVEr8owhw/S230/P8040076.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 172x230, components 3\012- data
Hash 37248f8305ed2fc51d361a6bb40c1e11
4c34188f2e03f1d0a4835bf2e1ff1b5b8a1dd32b
71cadf4e7f5cb34c1e78e16393dd28619287c89f071e123e3d8f0592a56bbbd8
GET /__fXdPvxOQ8U/SmhX0N5JFeI/AAAAAAAAAiI/1AoVEr8owhw/S230/P8040076.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="P8040076.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13911
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v222"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/Smbs2PDLFDI/AAAAAAAAAhg/EVwFxLM6XOY/S1600-R/jerat13.jpg
142.250.74.161200 OK 42 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/Smbs2PDLFDI/AAAAAAAAAhg/EVwFxLM6XOY/S1600-R/jerat13.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=[*0*], software=Google], baseline, precision 8, 400x273, components 3\012- data
Hash 0aef9b3bd82ed4f2c4bc2dd7e6b0f25d
7766639759909be06b1cce671c953d521e8ba20b
6eb711079dc1975c49fd67b955174e8a1422e5f08788417b71c6d8a18e367028
GET /__fXdPvxOQ8U/Smbs2PDLFDI/AAAAAAAAAhg/EVwFxLM6XOY/S1600-R/jerat13.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="jerat13.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 42285
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v218"
Content-Type: image/jpeg
Age: 0
s10.histats.com/js9.js
46.105.201.240200 OK 4.5 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11188), with no line terminators
Hash 445b07c690cf56758808b3bb5008645f
3b3d2443db9248eb84964e4cfb89e8ac5e9527a3
bf1d688a6de25030fa52fcf5307114e7f66a56ea50a7b8cf82560473871dd6a9
GET /js9.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
date: Sun, 27 Nov 2022 07:20:29 GMT
last-modified: Thu, 16 Apr 2020 10:44:17 GMT
x-request-id: 150766524
etag: W/"421254336"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4451
x-iplb-request-id: 5B5A2A9A:7993_2E69C9F0:0050_63831032_31C9:29053
x-iplb-instance: 42305
www.utusan.com.my/utusan/special/sharlinie/cari_sharlinie.jpg
172.67.71.6301 Moved Permanently 0 B URL HTTP/1.1 www.utusan.com.my/utusan/special/sharlinie/cari_sharlinie.jpg
IP 172.67.71.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utusan/special/sharlinie/cari_sharlinie.jpg HTTP/1.1
Host: www.utusan.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 08:22:26 GMT
Location: https://www.utusan.com.my/utusan/special/sharlinie/cari_sharlinie.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puDYZAkEm%2BfVTDGFhGfIH2EUhHU668HfhmC8FhqP06MGv6BRMNebkjfpJsfwUoqNmrnmL9fKKiutZV5jJWza%2FtsKMtBKRMoucsmC0VImobHTk%2FjOAK%2Fc6HAb6TtgyWBQYu8A"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77091cda5fc7b524-OSL
alt-svc: h2=":443"; ma=60
2.bp.blogspot.com/__fXdPvxOQ8U/Snv-3wEB-II/AAAAAAAAAjc/Gx-HdvWndNw/S1600-R/sami+solat.jpg
142.250.74.161200 OK 11 kB URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/Snv-3wEB-II/AAAAAAAAAjc/Gx-HdvWndNw/S1600-R/sami+solat.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 221x166, components 3\012- data
Hash 0646a2c3452a513f7ef7584955f07e1d
13f7493a8d1fcd339df81e436270c706ab258ea2
9e0b6d77f8b82b2449c0349f447f406e50e9b31e0f1f274b0cc5535aa131382a
GET /__fXdPvxOQ8U/Snv-3wEB-II/AAAAAAAAAjc/Gx-HdvWndNw/S1600-R/sami+solat.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="sami solat.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10720
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v237"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/__fXdPvxOQ8U/Sl3aYAC3-FI/AAAAAAAAAdo/XpABc3NGUvc/S230/MICHAEL+JACKSON.jpg
142.250.74.161200 OK 13 kB URL HTTP/1.1 3.bp.blogspot.com/__fXdPvxOQ8U/Sl3aYAC3-FI/AAAAAAAAAdo/XpABc3NGUvc/S230/MICHAEL+JACKSON.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 174x230, components 3\012- data
Hash 9cbf44357c70711f118f135cd5742b92
ae3236e1ba3c8e86d612f7f440f3417e91fbc8d3
5f12c1aab198ff87b4a84af9f24ee2d2e3970f7bdf412d55eeb1525dafa2df88
GET /__fXdPvxOQ8U/Sl3aYAC3-FI/AAAAAAAAAdo/XpABc3NGUvc/S230/MICHAEL+JACKSON.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MICHAEL JACKSON.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13227
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1da"
Content-Type: image/jpeg
Age: 0
netweather.accuweather.com/adcbin/netweather_v2/netweatherV2.asp?partner=netweather&tStyle=normal&logo=1&zipcode=AFR|EG|EG011|CAIRO|&lang=eng&size=12&theme=&metric=1&target=_self
23.36.76.104301 Moved Permanently 176 B URL HTTP/1.1 netweather.accuweather.com/adcbin/netweather_v2/netweatherV2.asp?partner=netweather&tStyle=normal&logo=1&zipcode=AFR|EG|EG011|CAIRO|&lang=eng&size=12&theme=&metric=1&target=_self
IP 23.36.76.104:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0d708c8943d419991a6e093a8d8240fa
ca65bdf67b481a5431864aeadfbf4fc51110bd27
4f64cf1c55910af23c6b829974003a3d5b917f9f03b6f611c5c82253f897cf7f
GET /adcbin/netweather_v2/netweatherV2.asp?partner=netweather&tStyle=normal&logo=1&zipcode=AFR|EG|EG011|CAIRO|&lang=eng&size=12&theme=&metric=1&target=_self HTTP/1.1
Host: netweather.accuweather.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://corporate.accuweather.com/resources/downloads
x-local-group: hweb
Content-Length: 176
Date: Sun, 27 Nov 2022 07:22:26 GMT
Connection: keep-alive
Set-Cookie: TS01c5781b=0174d4b34813d36c63ae5d594dff6ddf487d445ef4fcdd260a8e065f054802c730b0b61ad02d3e2b1e8d4327ce95c193b71f2af4ee; Path=/; Domain=.accuweather.com
4.bp.blogspot.com/__fXdPvxOQ8U/Sl3SrLQcPbI/AAAAAAAAAdQ/7z5UHRQUGa4/S230/BATU%2BTERGANTUNG.JPG
142.250.74.161200 OK 14 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/Sl3SrLQcPbI/AAAAAAAAAdQ/7z5UHRQUGa4/S230/BATU%2BTERGANTUNG.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x172, components 3\012- data
Hash 274dfc8a151f0c46946e56319c4bbfd5
59a40164a5aec048c2f71871d2c4fd6443d1a723
68828930059aafc7513f722281dd4a08d13d310596e5bf88b135c03e2d9c6786
GET /__fXdPvxOQ8U/Sl3SrLQcPbI/AAAAAAAAAdQ/7z5UHRQUGa4/S230/BATU%2BTERGANTUNG.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="BATU+TERGANTUNG.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13937
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1d4"
Content-Type: image/jpeg
Age: 0
netweather.accuweather.com/adcbin/netweather_v2/netweatherV2.asp?partner=netweather&tStyle=normal&logo=1&zipcode=ASI|MY|MY011|KOTA%20KINABALU|&lang=eng&size=12&theme=&metric=1&target=_self
23.36.76.104301 Moved Permanently 176 B URL HTTP/1.1 netweather.accuweather.com/adcbin/netweather_v2/netweatherV2.asp?partner=netweather&tStyle=normal&logo=1&zipcode=ASI|MY|MY011|KOTA%20KINABALU|&lang=eng&size=12&theme=&metric=1&target=_self
IP 23.36.76.104:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0d708c8943d419991a6e093a8d8240fa
ca65bdf67b481a5431864aeadfbf4fc51110bd27
4f64cf1c55910af23c6b829974003a3d5b917f9f03b6f611c5c82253f897cf7f
GET /adcbin/netweather_v2/netweatherV2.asp?partner=netweather&tStyle=normal&logo=1&zipcode=ASI|MY|MY011|KOTA%20KINABALU|&lang=eng&size=12&theme=&metric=1&target=_self HTTP/1.1
Host: netweather.accuweather.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://corporate.accuweather.com/resources/downloads
x-local-group: hweb
Content-Length: 176
Date: Sun, 27 Nov 2022 07:22:26 GMT
Connection: keep-alive
Set-Cookie: TS01c5781b=0174d4b3488fe8f75a9acc792bd007963555690445a7359288d97beddddb008502479f1476845ea0a6914616a1217085bbd7175f3d; Path=/; Domain=.accuweather.com
1.bp.blogspot.com/__fXdPvxOQ8U/ScOQTB3j4ZI/AAAAAAAAAao/w3fSx10mHLQ/S1600-R/BOIKOT+US.jpg
142.250.74.161200 OK 30 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/ScOQTB3j4ZI/AAAAAAAAAao/w3fSx10mHLQ/S1600-R/BOIKOT+US.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash e9a8213db8380e7f3d54099d32f8a4b4
80842f6b94ec03eafd4749aeb39a2f5dfed3dafc
e9665897b4cd5ec28f135a4f42c76685e3c56ba4f504c07a1014eeb1d19604f0
GET /__fXdPvxOQ8U/ScOQTB3j4ZI/AAAAAAAAAao/w3fSx10mHLQ/S1600-R/BOIKOT+US.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="BOIKOT US.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 30506
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1aa"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/__fXdPvxOQ8U/Sl3bA93Ac6I/AAAAAAAAAdw/C4BNjDgXRZ0/S230/MANOHARA+DAN+TT.gif
142.250.74.161200 OK 60 kB URL HTTP/1.1 3.bp.blogspot.com/__fXdPvxOQ8U/Sl3bA93Ac6I/AAAAAAAAAdw/C4BNjDgXRZ0/S230/MANOHARA+DAN+TT.gif
IP 142.250.74.161:0
File type PNG image data, 219 x 146, 8-bit/color RGB, non-interlaced\012- data
Hash d05d9f765d4c372e675379d695e9a030
0f6b0a8d6cdf5a864d81aba0cabe151faadf83fc
45b9284c6262d67617ad949dc3126c3458a3c882d7ac6ad9e10859fbdb0f6b76
GET /__fXdPvxOQ8U/Sl3bA93Ac6I/AAAAAAAAAdw/C4BNjDgXRZ0/S230/MANOHARA+DAN+TT.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="MANOHARA DAN TT.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 59715
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1dc"
Content-Type: image/png
Age: 0
1.bp.blogspot.com/__fXdPvxOQ8U/Sl8d0DLrWMI/AAAAAAAAAeI/AoqPRJTQ2bA/S230/SAMSENG.jpg
142.250.74.161200 OK 19 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/Sl8d0DLrWMI/AAAAAAAAAeI/AoqPRJTQ2bA/S230/SAMSENG.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 230x153, components 3\012- data
Hash abbdfa7e947dc60f043047ae7ad951c8
565588115dbc3b6010e0dfc279dbf1f537bf3798
4bf5df87f6ec5dbdb777e47be115ec719182f4dc429fa50acccac676eeead018
GET /__fXdPvxOQ8U/Sl8d0DLrWMI/AAAAAAAAAeI/AoqPRJTQ2bA/S230/SAMSENG.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="SAMSENG.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 19115
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Sun, 27 Nov 2022 01:52:10 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1e2"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/Sl3cZ6hBk-I/AAAAAAAAAd4/dUv9n2ckG3s/S1600-R/senyum2.jpg
142.250.74.161200 OK 13 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/Sl3cZ6hBk-I/AAAAAAAAAd4/dUv9n2ckG3s/S1600-R/senyum2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x302, components 3\012- data
Hash fa8f002293edb8ffe3dae8d4831b1d8c
976637bfd346ece584fde577e1865679135023da
bc6d22aab5e751ae66f33de417044ccdc39494c0bc207693319df388e7d45bb5
GET /__fXdPvxOQ8U/Sl3cZ6hBk-I/AAAAAAAAAd4/dUv9n2ckG3s/S1600-R/senyum2.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="senyum2.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 13064
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1de"
Content-Type: image/jpeg
Age: 0
2.bp.blogspot.com/__fXdPvxOQ8U/Sl87SANAkaI/AAAAAAAAAfI/CrnNlCsR_Gs/S150/KENDURI-LUKMAN.jpg
142.250.74.161200 OK 9.6 kB URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/Sl87SANAkaI/AAAAAAAAAfI/CrnNlCsR_Gs/S150/KENDURI-LUKMAN.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 150x100, components 3\012- data
Hash 0fe22e7744fe8dbf1e73494f67e726df
c423aba25071ab23c22a01510c8ebcb4f11e0faa
ed89ce16ac3d640ef3ccac81639e69b0d9b810a3e49de99ec3249a7c39b4cd1c
GET /__fXdPvxOQ8U/Sl87SANAkaI/AAAAAAAAAfI/CrnNlCsR_Gs/S150/KENDURI-LUKMAN.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="KENDURI-LUKMAN.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9589
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1f2"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/Sl87vDiu4xI/AAAAAAAAAfQ/8HxDTeny15k/S230/SURAT+DAJJAL+1.jpg
142.250.74.161200 OK 13 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/Sl87vDiu4xI/AAAAAAAAAfQ/8HxDTeny15k/S230/SURAT+DAJJAL+1.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 168x230, components 3\012- data
Hash fb195ffef152459c1c2ac3b354ade630
6a489f0f0401acd4e05e8a0a7d9fdda0b917cb44
591d97e695ecef23b25e924c4a0609059af3a9130c81d5351939a3820c7f6ceb
GET /__fXdPvxOQ8U/Sl87vDiu4xI/AAAAAAAAAfQ/8HxDTeny15k/S230/SURAT+DAJJAL+1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="SURAT DAJJAL 1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 12866
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1f4"
Content-Type: image/jpeg
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/__fXdPvxOQ8U/SmSQGlvqytI/AAAAAAAAAgw/uqY7ayJNytA/S1600-R/cashflow.gif
142.250.74.161200 OK 8.7 kB URL HTTP/1.1 3.bp.blogspot.com/__fXdPvxOQ8U/SmSQGlvqytI/AAAAAAAAAgw/uqY7ayJNytA/S1600-R/cashflow.gif
IP 142.250.74.161:0
File type PNG image data, 162 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash f475469b711079d57729dd02ded19d5a
fabf8a0596dabf728ac43aec717731b475870774
5c6f72d73964a766c9c20bb93f53d6b9a88856bee76059ba8fdf7e82b13d5054
GET /__fXdPvxOQ8U/SmSQGlvqytI/AAAAAAAAAgw/uqY7ayJNytA/S1600-R/cashflow.gif HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="cashflow.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 8737
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Sun, 27 Nov 2022 01:52:09 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v20c"
Content-Type: image/png
Age: 0
2.bp.blogspot.com/__fXdPvxOQ8U/SnF7804vuII/AAAAAAAAAi4/QQpcpZxmIHM/S150/H1N12.jpg
142.250.74.161200 OK 15 kB URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/SnF7804vuII/AAAAAAAAAi4/QQpcpZxmIHM/S150/H1N12.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 150x125, components 3\012- data
Hash 63259f0830eef6db1f3ef75ca6517fb5
37e03cfb8ce66e0338239dc5d2af26d6dc773a9f
eaea5833b9737368ac56ef20394f10715d14a22ce11ae47b448c83dc307f5074
GET /__fXdPvxOQ8U/SnF7804vuII/AAAAAAAAAi4/QQpcpZxmIHM/S150/H1N12.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="H1N12.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 15055
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v22e"
Content-Type: image/jpeg
Age: 0
1.bp.blogspot.com/__fXdPvxOQ8U/Sl8VyeNq5xI/AAAAAAAAAeA/v0P8-a3w9tA/S230/BALING.JPG
142.250.74.161200 OK 12 kB URL HTTP/1.1 1.bp.blogspot.com/__fXdPvxOQ8U/Sl8VyeNq5xI/AAAAAAAAAeA/v0P8-a3w9tA/S230/BALING.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 153x230, components 3\012- data
Hash 72885f5fb5dc7708ece1379a737f2ceb
7128f9e8b08f392fe0283428cefb06f8aea82cc5
7b08ca1a96c71ba6b34474177fb7139d2b1fbed651a082bbb39c0563362b3c8f
GET /__fXdPvxOQ8U/Sl8VyeNq5xI/AAAAAAAAAeA/v0P8-a3w9tA/S230/BALING.JPG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="BALING.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 12297
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1e0"
Content-Type: image/jpeg
Age: 0
4.bp.blogspot.com/__fXdPvxOQ8U/Sl3VwL8AMHI/AAAAAAAAAdg/IsIWxZdwZ6g/S1600-R/gambar+terbakar+dinight+club+thailand.jpg
142.250.74.161200 OK 31 kB URL HTTP/1.1 4.bp.blogspot.com/__fXdPvxOQ8U/Sl3VwL8AMHI/AAAAAAAAAdg/IsIWxZdwZ6g/S1600-R/gambar+terbakar+dinight+club+thailand.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 400x267, components 3\012- data
Hash b7707db62e238c35a3b768c9b0e09f06
f14b4cb74d33a8cc9cd2c2d28f4d0e5e47fb2572
c609d2cc0b40a65c1c1bc4fcede15beefca465e65edc8080255f61e122bb2b78
GET /__fXdPvxOQ8U/Sl3VwL8AMHI/AAAAAAAAAdg/IsIWxZdwZ6g/S1600-R/gambar+terbakar+dinight+club+thailand.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="gambar terbakar dinight club thailand.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 31242
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1d8"
Content-Type: image/jpeg
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fbb5add75f785ea16ca07c57d5de2aa1
b84b3a394ffd350e2e489f7422f1ac3abc7cdc44
7d377598741ab2e96af366c55ce11478b0e93b4b0f59ad8f0a51446f7a41d3df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1464
Cache-Control: max-age=94498
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Etag: "6381d89c-116"
Expires: Mon, 28 Nov 2022 09:37:24 GMT
Last-Modified: Sat, 26 Nov 2022 09:13:00 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 278
1.bp.blogspot.com/__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg
142.250.74.161200 OK 27 kB URL HTTP/2 1.bp.blogspot.com/__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, software=Google], baseline, precision 8, 230x279, components 3\012- data
Hash beb507f27894d82c87caea6a79ef6ed9
7fa48367cf153e48215f416f5fa2ac3c6ab8f798
a3a7b8b94dd6afa21b608113e5342c7047c35bbcfb8e14399a4b3ae7c51d545c
GET /__fXdPvxOQ8U/R-J-h3VqoDI/AAAAAAAAAPY/ylGWysa44aw/S1600-R/Al-Quran.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Al-Quran.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 26608
x-xss-protection: 0
date: Sun, 27 Nov 2022 07:22:26 GMT
expires: Fri, 25 Nov 2022 14:35:02 GMT
cache-control: public, max-age=86400, no-transform
etag: "vf6"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: max-age=130574
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Etag: "63825452-118"
Expires: Mon, 28 Nov 2022 19:38:40 GMT
Last-Modified: Sat, 26 Nov 2022 18:00:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
www.neoworx.net/neocounter/neocounter2/neoworx_tracker.php?registered_id=50505&counter_id=50505
64.98.135.43301 Moved Permanently 226 B URL HTTP/1.1 www.neoworx.net/neocounter/neocounter2/neoworx_tracker.php?registered_id=50505&counter_id=50505
IP 64.98.135.43:0
ASN #32133 AS-TING-BACKBONE
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1f3700d25a2aeef2e8d2bdfda7db6736
72070d6eb250bb7ebf3e8cb9d19c885d193116a4
d7f09cdc947b959f5b4fb763c16cddb6a74a0a960230b217e77d4ff56ec10cc7
GET /neocounter/neocounter2/neoworx_tracker.php?registered_id=50505&counter_id=50505 HTTP/1.1
Host: www.neoworx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.tonyadams.com/neocounter/neocounter2/neoworx_tracker.php?registered_id=50505&counter_id=50505
Server: Redirector/1.0
Cache-Control: private
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 07:11:12 GMT
cache-control: public,max-age=3600
age: 674
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fbb5add75f785ea16ca07c57d5de2aa1
b84b3a394ffd350e2e489f7422f1ac3abc7cdc44
7d377598741ab2e96af366c55ce11478b0e93b4b0f59ad8f0a51446f7a41d3df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1464
Cache-Control: max-age=94498
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Etag: "6381d89c-116"
Expires: Mon, 28 Nov 2022 09:37:24 GMT
Last-Modified: Sat, 26 Nov 2022 09:13:00 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
www.youtube-nocookie.com/embed/88dtWkrI0xE?hl=en&fs=1&border=1
216.58.207.238301 Moved Permanently 0 B URL HTTP/1.1 www.youtube-nocookie.com/embed/88dtWkrI0xE?hl=en&fs=1&border=1
IP 216.58.207.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/88dtWkrI0xE?hl=en&fs=1&border=1 HTTP/1.1
Host: www.youtube-nocookie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sun, 27 Nov 2022 07:22:26 GMT
Location: https://www.youtube-nocookie.com/embed/88dtWkrI0xE?hl=en&fs=1&border=1
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
extras3.smartgb.com/b/logo3_88_31.gif
168.235.66.146200 OK 1.5 kB URL HTTP/1.1 extras3.smartgb.com/b/logo3_88_31.gif
IP 168.235.66.146:0
File type GIF image data, version 89a, 88 x 31\012- data
Hash b3ddca2a79f07bf0e0284b8c274534bd
8cce49fbaaa260461bc672be10b18af37c50a339
34a839a03a3b6d66a3c08d40cb1cb2d7d563275daf5653c1b28446719d60ae8d
GET /b/logo3_88_31.gif HTTP/1.1
Host: extras3.smartgb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Server: Apache
Last-Modified: Wed, 24 May 2006 13:53:39 GMT
Accept-Ranges: bytes
Content-Length: 1494
Cache-Control: no-transform, max-age=1814400, public
Keep-Alive: timeout=2, max=25
Connection: Keep-Alive
Content-Type: image/gif
www.clocklink.com/embed.js
216.230.241.100301 Moved Permanently 326 B URL HTTP/1.1 www.clocklink.com/embed.js
IP 216.230.241.100:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae9a258b2d2b73eb4adf0101f766b958
8e2f402b506b0cfb03b7f05cbf530548492501c6
92f932451b27d303e52386948933af1b95880284bbf2c1ecbe3b8e16148b3f41
GET /embed.js HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:26 GMT
Server: Apache/2.2.15 (CentOS)
Location: https://www.clocklink.com//embed.js
Content-Length: 326
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 275f0035de997821992b512cf1c41d0a
cd24fff9ab00012c1c23622ab1f86aaaf02da8c9
1a8dd40698e960be61c4284c14c9d7a30dc3fe89bbbbf60618e741688f9f0f4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: max-age=130574
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Etag: "63825452-118"
Expires: Mon, 28 Nov 2022 19:38:40 GMT
Last-Modified: Sat, 26 Nov 2022 18:00:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/geolive_html.php?id=1045701&c=geolive_caroussel&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com
104.26.10.22200 OK 859 B URL HTTP/1.1 www.widgeo.net/geocompteur/geolive_html.php?id=1045701&c=geolive_caroussel&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com
IP 104.26.10.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b1aab94261ebcfcc5bf0555d04737ded
3441b2d19c2f4ae96c537ef8b9e681903366d519
8ca0f5541fe10c86cbecba1ad70446e03538e071e0731dbfad16d268ea56b427
GET /geocompteur/geolive_html.php?id=1045701&c=geolive_caroussel&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: idcompteurcc_1045701=done; expires=Mon, 28-Nov-2022 07:22:25 GMT; Max-Age=86400; path=/
online_idcompteurcc_1045701=done; expires=Sun, 27-Nov-2022 07:32:25 GMT; Max-Age=600; path=/
online_1045701=1; expires=Sun, 27-Nov-2022 07:32:25 GMT; Max-Age=600; path=/
pays_1045701=United+states%3D11%23Canada%3D5%23Norway%3D1%23; expires=Sun, 27-Nov-2022 07:32:25 GMT; Max-Age=600; path=/
cache-control: public, max-age=180
expires: Sun, 27 Nov 2022 07:25:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD9hYjxZlmFiq1t4VTDY0LsLV100tnGwP5Q14LEAZrELYEO%2BzChkKCR0tihWF1EcXejtmNkGPY%2BQdZZquAeVrmbPX3ClMQ9W%2FXs%2FkxvbU0dM0c6yOsDJEdN9yxB5ntye"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cdaf9460b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 288447b6a2c4b41dd4e037fcf14909bc
7d3001ceea7cfcf3530339b3e9aa22962592ebe3
39ca01bbd03cb0450afa0b8f027f76066d8bd3a5a3072cf8b05b334cf160d916
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "39CA01BBD03CB0450AFA0B8F027F76066D8BD3A5A3072CF8B05B334CF160D916"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20618
Expires: Sun, 27 Nov 2022 13:06:04 GMT
Date: Sun, 27 Nov 2022 07:22:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Last-Modified: Sun, 27 Nov 2022 05:55:04 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
neocounter.neoworx-blog-tools.net/neocounter2/neocounter_launcher_8.js
103.224.182.251404 Not Found 196 B URL HTTP/1.1 neocounter.neoworx-blog-tools.net/neocounter2/neocounter_launcher_8.js
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /neocounter2/neocounter_launcher_8.js HTTP/1.1
Host: neocounter.neoworx-blog-tools.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 07:22:26 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fbb5add75f785ea16ca07c57d5de2aa1
b84b3a394ffd350e2e489f7422f1ac3abc7cdc44
7d377598741ab2e96af366c55ce11478b0e93b4b0f59ad8f0a51446f7a41d3df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93034
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Etag: "6381d89c-116"
Expires: Mon, 28 Nov 2022 09:13:00 GMT
Last-Modified: Sat, 26 Nov 2022 09:13:00 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2034c4f478581061d113c3cb87e2f362
e9950a76f355c510f0449153fc23f67a9757bbe6
07e5f139ebbc8e61741506be27710036806f9e369c267e80eb9ec12587feab95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fbb5add75f785ea16ca07c57d5de2aa1
b84b3a394ffd350e2e489f7422f1ac3abc7cdc44
7d377598741ab2e96af366c55ce11478b0e93b4b0f59ad8f0a51446f7a41d3df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93034
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Etag: "6381d89c-116"
Expires: Mon, 28 Nov 2022 09:13:00 GMT
Last-Modified: Sat, 26 Nov 2022 09:13:00 GMT
Server: nginx
Content-Length: 278
www.searchtruth.com/hijri/hijri.html
69.167.187.16301 Moved Permanently 252 B URL HTTP/1.1 www.searchtruth.com/hijri/hijri.html
IP 69.167.187.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fa6bc17e352eb841c81a99981a02869c
30a28e696f19b3bcdb8a9b8e3d13edfa07a92486
e3b3559355a4ce5e0a5d1cbea2b56d8d8be8790d4a7adcca18f9de8bc531e14a
GET /hijri/hijri.html HTTP/1.1
Host: www.searchtruth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:26 GMT
Server: Apache
Content-Security-Policy: img-src *;
X-Content-Type-Options: nosniff
Location: https://www.searchtruth.com/hijri/hijri.html
Cache-Control: max-age=600
Expires: Sun, 27 Nov 2022 07:32:26 GMT
Content-Length: 252
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.e-solat.gov.my/solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor=
163.53.154.158302 Moved Temporarily 0 B URL HTTP/1.0 www.e-solat.gov.my/solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor=
IP 163.53.154.158:0
ASN #17564 GITN M Sdn. Bhd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor= HTTP/1.1
Host: www.e-solat.gov.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.0 302 Moved Temporarily
Location: https://www.e-solat.gov.my/solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor=
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
www.gocurrency.com/v2/gocurrcalc_t.php?id=53
104.17.88.30404 Not Found 25 B URL HTTP/2 www.gocurrency.com/v2/gocurrcalc_t.php?id=53
IP 104.17.88.30:0
Hash 64571a509b4ec40f93cc6e70648f1b06
cbdffc0ef8b3aaa76e28581a83d1ebdc49748f24
a9aa9ec7ef3ec92e7eb52220a9f0cb578ff2ba0a71cb3e9c1a0b828857529fcc
GET /v2/gocurrcalc_t.php?id=53 HTTP/1.1
Host: www.gocurrency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: text/html; charset=UTF-8
content-length: 25
cf-ray: 77091cd9bf461bfa-OSL
set-cookie: WEBSERVER=1; path=/
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geocity_html.php?id=922168&c=geocity1&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com&fullurl=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html
104.26.10.22200 OK 19 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=922168&c=geocity1&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com&fullurl=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html
IP 104.26.10.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33820)
Hash 048562967d3b91fdfcb58752b386728d
7c823f1a2b3a86b553dcd397116af35460193b68
caaf1c357850f48cfb609a70f9152b191416bdb3c78dbdfb60d847cca3f124d9
GET /geocompteur/geocity_html.php?id=922168&c=geocity1&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com&fullurl=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Sat, 25-Feb-2023 07:22:25 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Sat, 25-Feb-2023 07:22:25 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Sat, 25-Feb-2023 07:22:25 GMT; Max-Age=7776000; path=/
idcompteurcc_922168=done; expires=Mon, 28-Nov-2022 07:22:25 GMT; Max-Age=86400; path=/
online_idcompteurcc_922168=done; expires=Sun, 27-Nov-2022 07:25:25 GMT; Max-Age=180; path=/
originecc_922168=United%2BStates%2523Chicago%25235677%257CUnited%2BStates%2523United%2BStates%2BCity%25231900%257CUnited%2BStates%2523Ashburn%2523171%257CMalaysia%2523Kuala%2BLumpur%2523127%257CCanada%2523Canada%2BCity%252357%257CGermany%2523Germany%2BCity%252344%257CMalaysia%2523Malaysia%2BCity%252336%257CBrunei%2BDarussalam%2523Bandar%2BSeri%2BBegawan%252322%257CMalaysia%2523Petaling%2BJaya%252321%257CRussian%2BFederation%2523Moscow%252320%257CRussian%2BFederation%2523Saint%2BPetersburg%252318%257CMalaysia%2523Puchong%252318%257CMalaysia%2523Kajang%252318%257CMalaysia%2523Shah%2BAlam%252317%257CIreland%2523Dublin%252317%257CUnited%2BStates%2523Seattle%252315%257CIndonesia%2523Jakarta%252315%257CGermany%2523Nurnberg%252315%257CUnited%2BStates%2523Columbus%252314%257CMalaysia%2523Kota%2BKinabalu%252313%257CMalaysia%2523Ipoh%252312%257CIndonesia%2523Surabaya%252312%257CBangladesh%2523Dhaka%252311%257CRussian%2BFederation%2523Gatchina%252311%257CSingapore%2523Singapore%252311%257CCambodia%2523Cambodia%2BCity%252310%257CMalaysia%2523Johor%2BBahru%252310%257CFinland%2523Finland%2BCity%252310%257CMalaysia%2523Penang%25238%257C; expires=Sun, 27-Nov-2022 07:25:25 GMT; Max-Age=180; path=/
online_922168=1; expires=Sun, 27-Nov-2022 07:25:25 GMT; Max-Age=180; path=/
jour_922168=17; expires=Sun, 27-Nov-2022 07:25:25 GMT; Max-Age=180; path=/
total_922168=8947; expires=Sun, 27-Nov-2022 07:25:25 GMT; Max-Age=180; path=/
bonus_922168=0; expires=Mon, 28-Nov-2022 07:22:25 GMT; Max-Age=86400; path=/
bonus_j_922168=1; expires=Sun, 27-Nov-2022 07:25:25 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Sun, 27 Nov 2022 07:25:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brI4xmRsyPtjhit9WLQp8S%2BoQ3gNRY1fJL3JczaHiD%2FHeHt5vfZBG9azlCkwbUr4bp8klgfMc%2Byg3W7eZzE7eacXDD19OB3izXBBTcVWXlF7IwkzbZ1aev%2Ff41WLJ%2Fti"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cdb2b990b06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.widgeo.net/tcm_t_u.js
104.26.10.22200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP 104.26.10.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 02:34:50 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 190055
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVsgt%2BnLJBIHr%2Fk4frJ%2F4Yc4uoFJmE2LklQ2enIDgU8%2BX9xigdNhZogj76zgCQmHYldAEnZPkz2ivNVeiklw5eZjLbhTn7Vih2RSUsixyfz%2ByhbJeYQ7Tftd0csNi54k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdd6a48b51b-OSL
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8477566149422522776%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4477733346807701257%26origin%3Dhttp://ambuyatel-binangkit.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8477566149422522776%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4477733346807701257%26origin%3Dhttp://ambuyatel-binangkit.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 491 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8477566149422522776%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4477733346807701257%26origin%3Dhttp://ambuyatel-binangkit.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8477566149422522776%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4477733346807701257%26origin%3Dhttp://ambuyatel-binangkit.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (542)
Hash 1c6b138c1ae37ac613a9782def788793
a3498157b95da3ce4a9a24af6bf92d0efeba6238
2b45ceebf93d9e54ee3448823faa4494dc65a9e678ddd5606a732584df98fdfa
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8477566149422522776%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4477733346807701257%26origin%3Dhttp://ambuyatel-binangkit.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8477566149422522776%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D4477733346807701257%26origin%3Dhttp://ambuyatel-binangkit.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 27 Nov 2022 07:22:26 GMT
location: https://www.blogger.com/followers.g?blogID=8477566149422522776&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMwMDAwMDAiByMwMDAwMDAqByNmZmZkY2MyByMzRDgxRUU6ByMwMDAwMDBCByMwMDAwMDBKByMwMDAwMDBSByMwMDAwMDBaC3RyYW5zcGFyZW50&pageSize=21&postID=4477733346807701257&origin=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-lP1AMl0Tr7oLCldycmTWwg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 491
server: GSE
set-cookie: __Host-GAPS=1:V0CIbt6vp82ezV4-a1HQvc1Qw9GkRg:NVksLTA8EHmmvJtf;Path=/;Expires=Tue, 26-Nov-2024 07:22:26 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sun, 27 Nov 2022 07:22:26 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+759; expires=Tue, 26-Nov-2024 07:22:26 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 07:22:26 GMT
cache-control: private
X-Firefox-Spdy: h2
corporate.accuweather.com/resources/downloads
192.0.66.129301 Moved Permanently 20 B URL HTTP/2 corporate.accuweather.com/resources/downloads
IP 192.0.66.129:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /resources/downloads HTTP/1.1
Host: corporate.accuweather.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: text/html; charset=utf-8
content-length: 20
location: https://app.accuweather.com/app-download
expires: Sun, 27 Nov 2022 07:29:15 GMT
cache-control: max-age=3600
x-redirect-by: redirection
x-rq: arn2 0 2 9980
content-encoding: gzip
age: 3190
x-cache: hit
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/css/jquery.flipster.css
104.26.10.22200 OK 1.3 kB URL HTTP/1.1 www.widgeo.net/geocompteur/css/jquery.flipster.css
IP 104.26.10.22:0
File type ASCII text, with very long lines (6509), with no line terminators
Hash 45722c8e6cd7fe64f52e4f6991e87e09
db335fdfc38c3c4bf3796f1172f1a81a68a7c853
f4d7170d0a626ffc52cdc54873a7a9a738129a2bec084cec72f23dd03235f0b9
GET /geocompteur/css/jquery.flipster.css HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geolive_html.php?id=1045701&c=geolive_caroussel&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=7688
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 23:17:55 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 201869
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6OQUHWAQ%2FveJeUnFhwhH7HFlxraNtlVdQvi4JGxaqubR3LALDRtDI2ACS37mrStjp7zG0ZZduQjSh9bXFvlXZN8ZK%2Fwjfrn11XLs2c3MeVMCCg58YYbUw47CkTjMGlD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cddda610b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.widgeo.net/geocompteur/shadow/48x48/shadow/flag_united%20states.png
104.26.10.22200 OK 2.8 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/48x48/shadow/flag_united%20states.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b3e36d6fb2561cf72f9442e8a90587e4
b7cc5df39f5068f451ab9b34128b75c963f4541a
730b39c556b59b20cfa21370deabdaa03a19425b1518784cb9d19e3ecb98b0ad
GET /geocompteur/shadow/48x48/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 2780
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3344
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 21:29:13 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 208392
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCi5sp2fWZLvRCWh8lyRQA95MYPk9Eu4Uafo4Sgw%2FlKq5DAtcgCs6MB9%2Bq3v7ztLcCZBT1ID68jrkPNN8d5JbmK%2B7UCQWOvaR2dJfi2PcGwFNxXU3greGh0q7UKx3ODd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cddeaa2b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/48x48/shadow/flag_norway.png
104.26.10.22200 OK 1.9 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/48x48/shadow/flag_norway.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash d16fec1fd29d7aa3aeefb6f3a4cf0dd6
29dde63cda69f0cad0f221eb8deeb6d3d44fc0a9
5842826858330305dbe81c87715dd7b6e8479e78be521fb1c8fd385c818bb28b
GET /geocompteur/shadow/48x48/shadow/flag_norway.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 1928
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2216
content-disposition: inline; filename="flag_norway.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 14:35:01 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 233244
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzehzPITkDMh212yY6wJdFUerusZGq5dS1UwMhWcOYP2cTe8zjK4P8aXNWMPI9%2BhGKN2EhEYBMxsum%2FGEpsgrjmMhptKf414mt5fZ8rCVskJwOGifHoyxhhQN2bfkBF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cddeaa6b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.10.22200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.10.22:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geolive_html.php?id=1045701&c=geolive_caroussel&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWpr4YN9UFDoME6VlDaqtoD3BPUqgAullqZd%2BXfBNx%2B20RAQN7T%2FKOA%2FRcgdmQKl4%2BeVrawE78lVb9hX6czNoZVbNVDc0sdgsRmMVmqISDxR3cNb3AdeTAu4%2BsGK7Uwr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77091cddfd310b06-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 29 Nov 2022 07:22:26 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1558
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 27 Nov 2022 07:22:26 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+794; expires=Tue, 26-Nov-2024 07:22:26 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 07:22:26 GMT
X-Firefox-Spdy: h2
www.blogger.com/img/logo-16.png
142.250.74.105200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 142.250.74.105:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:27:52 GMT
Expires: Wed, 30 Nov 2022 04:27:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 07:51:00 GMT
Content-Type: image/png
Age: 356074
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yqydetk46JKRxX2ue6gUvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9hh00MuR7q5tUE7jaZGnEI8stjs=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f626177a70e8f6b85513718ca26cc05b
beebe237ab79a9489ccdd6c4a7e765eb47e49ea4
90fb981b29df73344d1a1230136e1d9acb1d49d1692342b3f49acfc98abd5ba5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90FB981B29DF73344D1A1230136E1D9ACB1D49D1692342B3F49ACFC98ABD5BA5"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3133
Expires: Sun, 27 Nov 2022 08:14:39 GMT
Date: Sun, 27 Nov 2022 07:22:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.islam.gov.my/portal/img/solat.gif
103.233.160.31302 Found 229 B URL HTTP/1.1 www.islam.gov.my/portal/img/solat.gif
IP 103.233.160.31:0
ASN #141201 Malaysian Administration Modernisation and Management Planning Unit MAMPU
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b48233092b629b9bc6fe9f49e9e0a78b
dc54b1bc0aaf8ab7d0a55cad30a9437919fff011
6dd6980eedec600e943b6709def2f462ff6ed9e083069978210a6d20a99ccfdf
GET /portal/img/solat.gif HTTP/1.1
Host: www.islam.gov.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 302 Found
Date: Sun, 27 Nov 2022 07:22:26 GMT
Server: Apache
Location: https://www.islam.gov.my/portal/img/solat.gif
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_united%20states.png
104.26.10.22200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20states.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d9bb2b449e6e964d86aec6d71b6856
e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 992598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kbuE1OookSSb%2BEVBJtcKHHeL4qF0U2i8ZB4r%2B2jmMo%2BPiuUdJBPnIox6Iz78UyGdIqsTrjNf3UR9CAY%2FGRX%2FjCBZ0PrDRI8UUO11hs41fJEYj74eKoSgHrxQiOONHus"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde7b3cb51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_malaysia.png
104.26.10.22200 OK 990 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_malaysia.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b69697ab6effe9c72ebc0d4768d9f8bc
806c9c63795f99ce88b81475741fe06b1346a94d
1a473a4d01199896dd76d0882be0aa5e3a9ada7201e4d21f61c74ec3ee5463da
GET /geocompteur/shadow/flag_malaysia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 990
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1216
content-disposition: inline; filename="flag_malaysia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 22 Dec 2022 22:04:40 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 379065
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyuW5EIa89%2F9OxV9ZNBYkfsMUFk2DclwJXBLaZpaXlKmVVwD%2BMnJZnCNmYcEkT8ZqeSdH9mE2mvVcQYe2AsStkb%2FeP5p0TBVtCXAU9OmBpVz3LeiJ37NOZG3%2FvptImx5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde8b68b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_canada.png
104.26.10.22200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 07:00:43 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 260501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxcflJd%2B4M74%2FW6mpv47JqwPNL14AjbskfGJrvfXQwa4dKEyH2fwut69P1%2FdacUw2Ultt8RU87n1afdY1UZjUkUVRBsR7DmbfUWWTvWv7vVaovAVuM0%2BzMGyRDDk80c%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde8b6ab51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_brunei%20darussalam.png
104.26.10.22200 OK 990 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_brunei%20darussalam.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4650c67c1a783f767876462b80933b3b
07c179ad72aad48438bc138b8ab6fe384db00f66
5eecac367465648d7246daf36b665135467ca2d3ddcdb8e3aa8fcda67c6ec88f
GET /geocompteur/shadow/flag_brunei%20darussalam.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 990
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1226
content-disposition: inline; filename="flag_brunei%20darussalam.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 02:44:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 880669
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykPugr0pEc5bNvLbWHbFlnrBNZfmugxGLEPYO4SuV1MYOn%2BVU9mqovDH9rRxqVW2eK1WfbWjuu2c4%2FOxpHiv280SaUayBBStSoGnmWGI2uuua4U%2BFyiFRbojrjIzZsJz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde8b6db51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
104.26.10.22200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:43:35 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2529530
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMSira7yOmVEzxYqEjOLRYtbaDA5pKjv%2Fo%2Bk0hOOOYAOEfVm3DfwjgzNEkDRRTUZbuv0WbXIJjtY6yMd2IbBus%2FJ5wEaFaiqgblF2a9QCphIb971kVw%2FNLw0upmE%2FK3G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde8b6fb51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_ireland.png
104.26.10.22200 OK 712 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_ireland.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e55f246106bcd5ae49ef1a026ec80d3
a5afe18fe64456cbb16e31287f4106228267f584
eaf4b1563a65fb7bd06ace795835a00a4f491a48506996bd65c161d35002351e
GET /geocompteur/shadow/flag_ireland.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 712
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=937
content-disposition: inline; filename="flag_ireland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 12:40:14 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 326531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OOgIDO3kIEE8tSBhTKzqpIkSkqpLVO05Fxgi8dG%2Bb6MiZrquhV%2FGtytsk2GAaCirjPAIvjkosq9Z45k%2BhxtJ4zHqnVHAHKNSWUeVSgDVEy1iVeh9rmHeTGcQ9n9L0ep"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde8b70b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_germany.png
104.26.10.22200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 26 Dec 2022 19:58:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 41029
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pPDirAlav8PnmXNF69Hu8bti2IVOM%2ByWLmEJpVFh%2FxeYE3ZvJldH2tZ%2Bpgh13LCpXL72wNkKQGp3HLPpDRHw%2B8aW88LVpQ2VTDDkVB72J4txsFnAlmw6qtl9V6DVE00"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde8b6bb51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_indonesia.png
104.26.10.22200 OK 636 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_indonesia.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5e77754fdc15606180f65f2e026f028a
bb36e8089ddbff9b38077692c1c8d4c8d20a1a4f
09144b8bff61169e3ede346c6ed7f2590fb29f0fc75cd396ecb4c6947c2678b2
GET /geocompteur/shadow/flag_indonesia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 636
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=820
content-disposition: inline; filename="flag_indonesia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 22 Dec 2022 21:36:37 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 380748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8aJe9Fn%2BA8oalQCuliuO46Ixf7Rs%2FT3C8vAZt5kOoM7a87M2sFChJH5rNcEOfM7oGUGr5GmOOJw399tdtIlvAEYWu7F8e5NMfWOfCYbmNAIqxKvL51bcNN7XplbXEci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde9b78b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_bangladesh.png
104.26.10.22200 OK 824 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_bangladesh.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fda033492cc9954e333f12982d8b3a73
643379f831ee7bb9447262e326f759024bc3c196
93b2111e0009e79e40b18ac53ec7e49d3703956ddf9696f62140f098c219ace6
GET /geocompteur/shadow/flag_bangladesh.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: image/webp
content-length: 824
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1024
content-disposition: inline; filename="flag_bangladesh.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:26:20 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 852966
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6S0NMZpJL061jW1M8Cqz%2BbsNQ%2B0stwph3K2Nmob9NphT6BNbKsuhdX%2Fwz5PdiJsSA4%2Bs%2BuGe4qSj9ozRBGHcx3AU1bWQNi4vmgm4VLAkdqe3RkRZUmBEKDNRYWtted98"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cde9b79b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_singapore.png
104.26.10.22200 OK 768 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_singapore.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 931d98f74f8bbb82364a40f7c3c5ea3b
f844a679d51126b38659a25e9c71c748da392714
04f122230781518f0b5807695a1c731e33bea9ba0264d612c799485074204627
GET /geocompteur/shadow/flag_singapore.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: image/webp
content-length: 768
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=939
content-disposition: inline; filename="flag_singapore.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 04 Dec 2022 21:13:02 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1937364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0S54i0Xt1HKFoHkg6SPvKjT3Uj6dcdTrJyynagBvYzKTwmCK4f3FA%2BOD2UHXcGgJdeh7gexKgl2F2eeji0Uh3XAusZpPsqN4ua%2B9cb6DQIXu8Vxd1NnG%2BdiFXjcHbVl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdebb8eb51b-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 07:22:27 GMT
date: Sun, 27 Nov 2022 07:22:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_cambodia.png
104.26.10.22200 OK 804 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_cambodia.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 22139beff42b271c6cff19ff56adb3ab
bc9bc3557e5ce891a067ba1391ead96b10b1b7e4
7e44d404a9404add096d97d266777b1689351d8d349a42721c1bad5d2936cd04
GET /geocompteur/shadow/flag_cambodia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: image/webp
content-length: 804
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1031
content-disposition: inline; filename="flag_cambodia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 21 Dec 2022 07:50:19 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 516727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LarqipujgZ6T0JIZu401r8TvRKPxmwyyD7tcNiSa8lZvLmMfqBLA9CKXPnRCS0wBYKNMfeRLT4vcAaXwT0%2FU7q2fc2QskDTqxi4Ro1B8jF1aYsUMg1T0yjV01VWdAlpB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdecb9db51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_finland.png
104.26.10.22200 OK 724 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_finland.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4bb42c0a72d24163a22f5b03c19014ca
333c2b0e19045c6162ea18f96cde896e9568c965
57f34fcc77132fcdfc669956854f38ebc6089241f1d5f52d7218d06365c9e750
GET /geocompteur/shadow/flag_finland.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: image/webp
content-length: 724
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=899
content-disposition: inline; filename="flag_finland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:42:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2529568
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BrUV24RtFj9m1Sajaie16mQuevhZ%2FCDxr7p%2BzM%2BqnwIajzgXWfXUMVyObUAqp%2FebFbRxPJltE70iynmrSTGuSFYdhv4D7O9aNbc4oIpG5x41Rl5xx6Hg%2FJBrjvqCc0%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdedba6b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geocity1
104.26.10.22200 OK 16 kB URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity1
IP 104.26.10.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2612c0a82c3ab8ce02b64280d3792e95
7111b24423a285468b1de90501a806e5a9586f77
56ac88d4f1b7b7e88e8bfc5e66059511ebec3431c3f2700c03d50a8203ec3b38
GET /hitparade.php?pagexiti=geocity1 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Sun, 27 Nov 2022 07:25:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pw1rg8Fq5c1ANuDRoNOVuuj9pW2JjZQ9Ow5Cy8%2FdRhqjGoGbcsSyzgkKbB%2FBAO6IvhEHWOQ5vjTLpCxsOuUVc8EUXA1xWvZx4dvaahyDoqYjNPnF0w%2BZjyuNQ34KSniW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdc0957b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 67829
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.guidedways.com/freeplugins/dictsearch.php
144.76.219.5301 Moved Permanently 162 B URL HTTP/1.1 www.guidedways.com/freeplugins/dictsearch.php
IP 144.76.219.5:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /freeplugins/dictsearch.php HTTP/1.1
Host: www.guidedways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 07:22:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.guidedways.com/freeplugins/dictsearch.php
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 2.2 kB IP 142.250.74.35:0
Hash 5c8123643947ab69c172c07417a6fa26
951003f2ce2e93af5d6776bb3143802d1474f69e
521245a5588663811e5a9d3819ac4339b4dcc5d4c753c2ab841ebe529203f697
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 35783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 84abff6446cfdae7d3c07cc264f768dc
6261abadddd8b0d3048206e82825dd57eab3e643
4747272fb0ee8be679e5b6231015ad6758a8309dbf4b5e863ae17c3fc297a071
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4800
Cache-Control: max-age=119451
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Etag: "63822d0e-1d7"
Expires: Mon, 28 Nov 2022 16:33:18 GMT
Last-Modified: Sat, 26 Nov 2022 15:13:18 GMT
Server: ECS (amb/6B87)
X-Cache: HIT
Content-Length: 471
www.widgeo.net/geocompteur/jquery.flipster.min.js
104.26.10.22200 OK 3.2 kB URL HTTP/1.1 www.widgeo.net/geocompteur/jquery.flipster.min.js
IP 104.26.10.22:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (7651)
Hash 84fb99273e451e7e5698d598130720b8
64388d720ed53aa1af84df46cde5046f136e1408
674f791c0a5e491346ece0fbeb197980a7a6b50a23fc33636d0b9a4974106d2a
GET /geocompteur/jquery.flipster.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geolive_html.php?id=1045701&c=geolive_caroussel&size=&nostats=&title=KELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&ref=ambuyatel-binangkit.blogspot.com
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:27 GMT
Content-Type: application/javascript
Content-Length: 3157
Connection: keep-alive
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 21:42:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 294019
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9UtZsxXOo9Pm1XgMEkJwdrIqOoWn9JlNDal5xW4%2FTRAe3SctsrBagYYwCfp8kcjMFKTGewZnLPJrh9ywZwp2acPwQkl1MfnorvRg7ikYw8KcS365Htlu9TL2p%2BYOqFI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091ce04ec90b06-OSL
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 17b09a1f8db2581130ce641f8a5e150f
4a780b37daa9953b2ef4f0b865dfa976ed675aae
fe033c75bb994b3707163c84de60d01d29011e14cce15aafea4b1508b54b4cfc
GET /gtag/js?id=G-RP7FMTL79Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 07:22:27 GMT
expires: Sun, 27 Nov 2022 07:22:27 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/earth_blue.png
104.26.10.22200 OK 2.6 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/earth_blue.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 007ede82537f2eb7e991ea20c6bc7b78
e6468eec65f4630144c093e01f801fdfa9b192d1
fdba9a1248b8c6cf7a3d1261e0acbb873a4a4caf93bd4647bf6f15ea4e11f9ab
GET /geocompteur/img/tmp/earth_blue.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: image/webp
content-length: 2620
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3276
content-disposition: inline; filename="earth_blue.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 08 Dec 2022 19:52:34 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1596592
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z21p5ASyU9gwfj%2F40c6s2nQKkq5sIowvkx5pkr%2BWuH3ehJ4bhgDdQbhcRRl6ynJzfCGB2hy024m3C8Z3e%2BpavDlbED3Ao2biO7kEg6JA%2BbNDTyo3m%2Bb1N8jBwc8DVLQa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091ce08d11b51b-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.10.22200 OK 37 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.10.22:0
File type ASCII text, with very long lines (32038)
Hash 8582fdcade165395619dabdc0688de49
bf544c48401eeb2f671dd2692c534a1de55de48a
a5e1e145217c2bb68ca77eead69a265c8c05b09d19a98c86947f0ed5be593e9e
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p426TiSnEo0EZSXHVhA3FKZN7lVL7lSjIRKowtxtyhJOfCxdOKjVrenh62kSbrL3YPuZz6ofUoafd3VfUmeUL%2B8yd8aNl21nU1CshsaWxBaANFLNllbRTO2vyvF9SyF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77091cdefbc0b51b-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 29 Nov 2022 07:22:27 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
142.250.74.42200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:17:21 GMT
expires: Thu, 23 Nov 2023 14:17:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 320706
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c50a722e520a995186565626be3471b
4a1fccab0cf359536b6dc5e390912625536f4683
5448a82fe9511e616c85996e8f5018413e443d52b808cc6177ec6da28920c32f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5448A82FE9511E616C85996E8F5018413E443D52B808CC6177EC6DA28920C32F"
Last-Modified: Sun, 27 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21530
Expires: Sun, 27 Nov 2022 13:21:17 GMT
Date: Sun, 27 Nov 2022 07:22:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/geowidget_js.js
104.26.10.22200 OK 23 kB URL HTTP/2 www.widgeo.net/geocompteur/geowidget_js.js
IP 104.26.10.22:0
File type ASCII text, with very long lines (866)
Hash 33d2c80ef50bf51fa2033bcc435653fe
64df8e252a13d33b6a9ac8c5e2f7b3cc5c76514f
1451fa166669bb754dcc75118af5b1c6961d96da0fe8dba5a2bf4b6ed7161138
GET /geocompteur/geowidget_js.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2217
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 12:50:42 GMT
last-modified: Thu, 13 Feb 2020 12:35:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 412304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgPUPNs4qWYIGlpp1k%2B5Qk02S8Abvveuj0qLOmSqEMLaF35fst%2FmqOzbBjygCMj9Is3fJ4BXXgCsIXHRHdchTL4XJcRsTRvHlxfy8q6JKnWeMZyd%2FjrCL13%2BmKL0SRHB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091ce09d20b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash dee02792fedce3e3dfed1c030b9745be
dcf10edf2ac96339c6ab2724a9186d9439f2fdd7
bc91af1c4c33eb4d270b9a1c78c0a815cc1838768ffde7842e239d8a3580951d
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:47:13 GMT
Expires: Fri, 02 Dec 2022 12:47:12 GMT
Etag: "dcf10edf2ac96339c6ab2724a9186d9439f2fdd7"
Cache-Control: max-age=557100,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77091cdffe850b06-OSL
logv33.xiti.com/hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/
143.204.46.236302 Found 152 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/
IP 143.204.46.236:0
File type HTML document, ASCII text
Hash ad9aa0021c4d8b3044e1f05b0fc35d65
fbe07f1706ea3b05f899c018a913660d2d35a70b
7ce3c335e1ac86c0155a8e1561915af5dd42399f03d0e17595011b2d59f19578
GET /hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 152
date: Sun, 27 Nov 2022 07:22:27 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=F60A07A1-1036-4C04-867C-6C4BF1286927; Path=/; Domain=xiti.com; Expires=Wed, 27 Dec 2023 07:22:27 GMT; HttpOnly
atidx=F60A07A1-1036-4C04-867C-6C4BF1286927; Path=/; Domain=xiti.com; Expires=Wed, 27 Dec 2023 07:22:27 GMT; HttpOnly; Secure
atid=F60A07A1-1036-4C04-867C-6C4BF1286927; Path=/; Domain=xiti.com; Expires=Wed, 27 Dec 2023 07:22:27 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bq_9Elbpx6C_qGQG78brPrz6AUKjUp5dedh1nexobN2KcyxUwytpug==
X-Firefox-Spdy: h2
app.accuweather.com/app-download
199.60.103.254200 OK 18 kB URL HTTP/2 app.accuweather.com/app-download
IP 199.60.103.254:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (974)
Hash 1d9c7a2a59655c7fce6157338360f263
cdc622dbbf6e951ec5bae0a9e112bb5dbd276034
fcdafe7a6af79e2d091c449b96d5556d41c51a7461e45dfc2f1d07d365bd8407
GET /app-download HTTP/1.1
Host: app.accuweather.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"7ee53e14ac01702635d14d566ea9fc72"
last-modified: Sun, 27 Nov 2022 02:40:14 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-78111170588,P-7482826,CW-30063268623,CW-78111884636,E-72101896560,E-78104573007,E-78105494437,E-78112470303,E-78112496684,E-78112671562,E-78112732502,E-78112890690,E-78112994639,E-78113133579,E-78113158831,E-78113335563,E-78113336112,E-78113581974,PGS-ALL,SW-2,TS-78112665345
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-combine-css: Disabled
x-hs-content-id: 78111170588
x-hs-hub-id: 7482826
x-hs-prerendered: Sun, 27 Nov 2022 02:40:14 GMT
x-powered-by: HubSpot
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd3epg7tSr%2FuC2t36Ecqyd4op4V%2Bp8GCh3YrUAFo9e9fHk2SsYkL89SX%2BWMVuqxmXNE4HUL4ZoQPQaJhO9Q%2FYEKTUi4N%2FlveplLpo7vCS6xiVWFcCFdB9dEFqcToVKoDPOKHKZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=Ct3w0V21AuMA2p59AEj4k81SnuBRs.l1XoG7BF6jUKE-1669533747-0-AR+2U1rHOXP4rAJ+OlKf39ebulWVfFBf9VJ7cweschPPwyB+VqCLC8xejcbpA+IdULaiJvuEn2Yko62Z4xj5q60=; path=/; expires=Sun, 27-Nov-22 07:52:27 GMT; domain=.app.accuweather.com; HttpOnly; Secure; SameSite=None
__cfruid=19be1aef7f4eabfbc03e0729a8eec54451f46d87-1669533747; path=/; domain=.app.accuweather.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77091cdf0cbfb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</hs/hsstatic/HubspotToolsMenu/static-1.138/js/index.js>
X-Firefox-Spdy: h2
www.clocklink.com//embed.js
216.230.241.100200 OK 1.5 kB URL HTTP/1.1 www.clocklink.com//embed.js
IP 216.230.241.100:0
File type ASCII text, with very long lines (1463), with no line terminators
Hash 372b5128807a95307cd556fd0a306bba
acc48e04862add1cd138ef9e0f3dac0f1aeabe97
d9f4a87ec7d94fae44b2e3bcfa3d5f3429f885e537973cce9c5133ddd01752f9
GET //embed.js HTTP/1.1
Host: www.clocklink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:27 GMT
Server: Apache/2.2.15 (CentOS)
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Last-Modified: Mon, 23 Apr 2018 17:37:11 GMT
ETag: "3601bf-5b7-56a877cd9ec79"
Accept-Ranges: bytes
Content-Length: 1463
Connection: close
Content-Type: text/javascript
www.searchtruth.com/hijri/hijri.html
69.167.187.16200 OK 4.0 kB URL HTTP/2 www.searchtruth.com/hijri/hijri.html
IP 69.167.187.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash 71bf426563d452a66f9c35863cc1fa19
cb0390fd3991676a1a8d01b473e112ababc24db7
0557b24a5d98990cb6168df960b7deca7de1629671ff5c3c7baac148b8e4f214
GET /hijri/hijri.html HTTP/1.1
Host: www.searchtruth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: img-src *;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Wed, 15 Aug 2018 00:55:42 GMT
accept-ranges: bytes
cache-control: max-age=600, public, private, must-revalidate
expires: Sun, 27 Nov 2022 07:32:27 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4026
content-type: text/html
date: Sun, 27 Nov 2022 07:22:27 GMT
server: Apache
X-Firefox-Spdy: h2
www.ukhwah.com/topblog/button.php?u=abdinabu
104.21.1.141301 Moved Permanently 0 B URL HTTP/1.1 www.ukhwah.com/topblog/button.php?u=abdinabu
IP 104.21.1.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /topblog/button.php?u=abdinabu HTTP/1.1
Host: www.ukhwah.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Vary: Accept-Encoding
Location: https://www.ukhwah.com/topblog/button.php?u=abdinabu
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GF3K%2FJ3eO7TnvMSSAd0f4tyrDr17F3k8gKjCWBMt%2FK4RkJ7QQDdQwqRUJOkm0HuDjdB9a8OwKvHc9jzJt2d4rYXnvXJPen%2FS4gdj9I44hr1FCEzcEsUSCaGKRbNnQ2kReQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cdafb0bb4f9-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5a0fcc802da86fb6bf725ed0c6069a76
0182a268932c8141f8f2e76199e433a1f96de5b7
944605d1855ddeafe3fcac2c4cd4ede656decbeae060a1de1b233cf26502e1eb
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 05:56:32 GMT
ETag: "0182a268932c8141f8f2e76199e433a1f96de5b7"
Last-Modified: Sun, 27 Nov 2022 05:56:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77091ce0cd47b4fa-OSL
www.gocurrency.com/v2/gocurrcalc_t.php?id=53
104.17.88.30404 Not Found 25 B URL HTTP/2 www.gocurrency.com/v2/gocurrcalc_t.php?id=53
IP 104.17.88.30:0
Hash 64571a509b4ec40f93cc6e70648f1b06
cbdffc0ef8b3aaa76e28581a83d1ebdc49748f24
a9aa9ec7ef3ec92e7eb52220a9f0cb578ff2ba0a71cb3e9c1a0b828857529fcc
GET /v2/gocurrcalc_t.php?id=53 HTTP/1.1
Host: www.gocurrency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: text/html; charset=UTF-8
content-length: 25
cf-ray: 77091cdf8a131bfa-OSL
set-cookie: WEBSERVER=1; path=/
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
logv33.xiti.com/hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On
143.204.46.236200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On
IP 143.204.46.236:0
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geolive&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Sun, 27 Nov 2022 07:22:27 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SanfZFfh6_lU7dc54nK7xg7Q_nQljge8DoBCWjv0SJqIEf-MPUasZw==
X-Firefox-Spdy: h2
logv33.xiti.com/hit.xiti?s=281802&p=geocity1&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On
143.204.46.236200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity1&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On
IP 143.204.46.236:0
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geocity1&hl=7x22x27&r=1280x1024x24x24&ref=http://ambuyatel-binangkit.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Sun, 27 Nov 2022 07:22:27 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hUzMKKMG4EAZ_saln0uWGVoA5XQnVgtJJTw7rRqfiRI4CBMLGa_PpA==
X-Firefox-Spdy: h2
www.e-solat.gov.my/solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor=
163.53.154.158404 Not Found 196 B URL HTTP/1.1 www.e-solat.gov.my/solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor=
IP 163.53.154.158:0
ASN #17564 GITN M Sdn. Bhd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /solat-iframe.php?kod=sbh07&lang=BM&url=URL&font=FONT&fontcolor= HTTP/1.1
Host: www.e-solat.gov.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 07:22:27 GMT
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1
Cache-Control: max-age=84600, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 27 Nov 2022 07:22:28 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8afea2b9c36032d842c81ac1305546b3
67397d5951f7466e7f89d7386d33af88ae382912
961ae5f892fad750790b743cd5a7049519019126a658d753b6c97533b9c24ac9
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 27 Nov 2022 07:22:28 GMT
server: ESF
cache-control: private
content-length: 31291
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.10200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.10:0
Hash 716f14061a9a0a5201d07d31c0f7049f
f8b290ec327ac468d601bbe5f36b526f7b1decb9
5ce91156176cb7af655f20b710c6e81c84175b25c46d372be6afe4ee75ace0ea
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 07:22:27 GMT
date: Sun, 27 Nov 2022 07:22:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash a99a4f21dea8b1b8cb5dd5f18939e527
056b6a4be26991ccb87802ac8cd46160a703bf59
5e443711f489e2f43acf10f5cf2018305d0c23744b9d52daa3170e2d1c99f46f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 06:54:01 GMT
ETag: "056b6a4be26991ccb87802ac8cd46160a703bf59"
Last-Modified: Sun, 27 Nov 2022 06:54:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77091ce21dca0b3d-OSL
vortex.accuweather.com/adcbin/netweather_v2/backgrounds/spring1_240x420_bg.jpg
2.23.131.205301 Moved Permanently 176 B URL HTTP/1.1 vortex.accuweather.com/adcbin/netweather_v2/backgrounds/spring1_240x420_bg.jpg
IP 2.23.131.205:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0d708c8943d419991a6e093a8d8240fa
ca65bdf67b481a5431864aeadfbf4fc51110bd27
4f64cf1c55910af23c6b829974003a3d5b917f9f03b6f611c5c82253f897cf7f
GET /adcbin/netweather_v2/backgrounds/spring1_240x420_bg.jpg HTTP/1.1
Host: vortex.accuweather.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://corporate.accuweather.com/resources/downloads
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
x-local-group: hweb
Content-Length: 176
Date: Sun, 27 Nov 2022 07:22:28 GMT
Connection: keep-alive
Set-Cookie: ak_bmsc=B1ABEB6BBBCABCD74E3CB69059A1C2A4~000000000000000000000000000000~YAAQjIVlX2LnooGEAQAAf0v3txESZMbCmspkQrocXgarY8r8SgZxwCRoulMLgakfvyoivogh6LePw24rlsEZCSHPkyxPFW5JKY+6Spht2VcNjKUPlDwgXdPxhjx9ppgdVgmNQSzpoKH2dhuFxTM9Wacmd7WiLpLReHMdSCOgw6YowUR+7Ed79ChKFrKsyj7S3o0nHyKhicecTEElJ4E5CNxVNXB/ObLEgKfjDq37aqwezXrllyAE7jqz4gWoLKbqV1/BOmoG64fVCrPsXxnclV8+eUBv29lvw4HDQ2XHzGbB11QKY/uIMJqg/Cb9ekRQkwnm8KkNvMhEcA==; Domain=.accuweather.com; Path=/; Expires=Sun, 27 Nov 2022 09:22:28 GMT; Max-Age=7200; HttpOnly
lh3.googleusercontent.com/a-/ACNPEu9LEG_HD7NjhwFfbe09CvFvhtB_vh-Roo3fPdPQ=s96-p
142.250.74.33200 OK 3.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9LEG_HD7NjhwFfbe09CvFvhtB_vh-Roo3fPdPQ=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash bebaede1a6b442848b39b20a54c0ff37
e04eb9e84e2f5e5738603a79fa363177f36a9a31
112c270dbaeceea2fa4858774256600196e3eced16a922cc4003a769816914ed
GET /a-/ACNPEu9LEG_HD7NjhwFfbe09CvFvhtB_vh-Roo3fPdPQ=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2a"
expires: Mon, 28 Nov 2022 07:22:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 3619
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-NmZ7jpJuDOj3YWsbr1D5th3lLAHt0maiTOkVez2Q=s96-p
142.250.74.33200 OK 23 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-NmZ7jpJuDOj3YWsbr1D5th3lLAHt0maiTOkVez2Q=s96-p
IP 142.250.74.33:0
File type PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Hash 686f47d4155129a024c7f5d95bb9b067
6715667f78c8c8c3505f86837ae8a62e382c1fc2
0996fcde848a81fed15d60c33b6a1190212f4f5659e8fa49075a29047910056c
GET /a-/ACNPEu-NmZ7jpJuDOj3YWsbr1D5th3lLAHt0maiTOkVez2Q=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 22562
x-xss-protection: 0
date: Sun, 27 Nov 2022 03:31:55 GMT
expires: Fri, 25 Nov 2022 14:35:13 GMT
cache-control: public, max-age=86400, no-transform
age: 13833
etag: "v5fa7"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu83eae7ier9ttuDS9jSfQoSauYRsWr95MRiqVUZWw=s96-p
142.250.74.33200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu83eae7ier9ttuDS9jSfQoSauYRsWr95MRiqVUZWw=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 60682b97409c1fc16f9b65fb1b1b7290
fbabde0646f936b683ee895a5bfeab4bce23f0d7
c874065a0c84dc3efdd19a9677f6602933dda23846fcb543d7520cd954319547
GET /a-/ACNPEu83eae7ier9ttuDS9jSfQoSauYRsWr95MRiqVUZWw=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v147"
expires: Mon, 28 Nov 2022 07:22:28 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 5130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.guidedways.com/error_docs/server.svg
144.76.219.5200 OK 7.4 kB URL HTTP/2 www.guidedways.com/error_docs/server.svg
IP 144.76.219.5:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7416), with no line terminators
Hash 1cc0945f8514ed0f47a5d9d513782bdd
d6989f342cdb9886f48a6d3da3cb71353bbab1ef
f74b80306280ccf2ddc635eb09f5f36070ee5769365b0a7a53ca3747602eebcb
GET /error_docs/server.svg HTTP/1.1
Host: www.guidedways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guidedways.com/error_docs/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:22:28 GMT
content-type: image/svg+xml
content-length: 7416
last-modified: Fri, 13 Oct 2017 10:28:14 GMT
etag: "59e0953e-1cf8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipMWDh3EF6S2DckfxI8__O3lbHSGykQhMjZ7uR0C=s45-c?key=CIbuhcnmlpf2QA
142.250.74.33200 OK 4.1 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMWDh3EF6S2DckfxI8__O3lbHSGykQhMjZ7uR0C=s45-c?key=CIbuhcnmlpf2QA
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 0de62a99d881fd3155252650f05c1219
db6bfba3e75c214a6d59ebb4eb8f89bba4196fef
74507f6bafd04361d09d29ad22a525469e8edf80ac001acdbe6baa99e03dfb00
GET /p/AF1QipMWDh3EF6S2DckfxI8__O3lbHSGykQhMjZ7uR0C=s45-c?key=CIbuhcnmlpf2QA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v49"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 4132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOuz85vR7sftqQZbPL8u_cFVJ86VttjnSAbde6h=s45-c?key=CIWghNSB5p7ZjgE
142.250.74.33200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOuz85vR7sftqQZbPL8u_cFVJ86VttjnSAbde6h=s45-c?key=CIWghNSB5p7ZjgE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 9c20ec288841aba59ffa54a72bfa1c77
b6e094f921990c56a8d3bcbf636ab7162b4247a4
900da94b49984bd1e2207579a43060fc71ad9d7f6efb597c5a5face193c9743c
GET /p/AF1QipOuz85vR7sftqQZbPL8u_cFVJ86VttjnSAbde6h=s45-c?key=CIWghNSB5p7ZjgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4d1"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 5067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipPW_saGYKjeM8ZUChkk6wr8WkzBHQx7roQJPlpH=s45-c?key=CKWon4Ot8qHp_gE
142.250.74.33200 OK 5.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipPW_saGYKjeM8ZUChkk6wr8WkzBHQx7roQJPlpH=s45-c?key=CKWon4Ot8qHp_gE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash a077b2ac183fb92f2df124935f386e29
4d5d581ee6325a2733370884e43e710445cd17c3
7f4a7b1bf7fc02f6602dc1aad2548aac25145272af31770d6eceb605079d13a6
GET /p/AF1QipPW_saGYKjeM8ZUChkk6wr8WkzBHQx7roQJPlpH=s45-c?key=CKWon4Ot8qHp_gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vf3"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 5362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNHzoLFtxbdrLHG9cKknPvAmqVJ6dBQx91g0uGR=s45-c?key=CKqJ8ra9162DQw
142.250.74.33200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNHzoLFtxbdrLHG9cKknPvAmqVJ6dBQx91g0uGR=s45-c?key=CKqJ8ra9162DQw
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 7193f984023fb7139c670aaea2489269
1e61ed725147d08fbde9ee8aae938adc81d8ccd6
39055ce381952cf143b9cffc825db90c97d5d7667bd513bebb8a48423e02600b
GET /p/AF1QipNHzoLFtxbdrLHG9cKknPvAmqVJ6dBQx91g0uGR=s45-c?key=CKqJ8ra9162DQw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v57"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 4815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNbNa4CvWE315YzqSr6UrI87xQ4GIJLAkSBINhf=s45-c?key=CNi7wMXThtvTWQ
142.250.74.33200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNbNa4CvWE315YzqSr6UrI87xQ4GIJLAkSBINhf=s45-c?key=CNi7wMXThtvTWQ
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash d6bf92641944e9b2fdad263761ccd77c
94920392b7fa1d01afaa428c891631c7ab481c84
edbdfa5e5e2f202c16f70fe7f60042d291b826e333b114bac105e0addf702213
GET /p/AF1QipNbNa4CvWE315YzqSr6UrI87xQ4GIJLAkSBINhf=s45-c?key=CNi7wMXThtvTWQ HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v90c"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 3995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.calendarlabs.com/calendars/web-content/calendar.php?cid=1002&uid=779965960&c=10&l=en&cbg=D46D2B&cfg=FFFFFF&hfg=FFFFFF&hfg1=FFFFFF&ct=70&cb=1&cbc=000000&cf=verdana&cp=bottom&sw=1&hp=t&ib=1&ibc=FFDC82&i=images/orchid.jpg
69.16.220.190301 Moved Permanently 506 B URL HTTP/1.1 www.calendarlabs.com/calendars/web-content/calendar.php?cid=1002&uid=779965960&c=10&l=en&cbg=D46D2B&cfg=FFFFFF&hfg=FFFFFF&hfg1=FFFFFF&ct=70&cb=1&cbc=000000&cf=verdana&cp=bottom&sw=1&hp=t&ib=1&ibc=FFDC82&i=images/orchid.jpg
IP 69.16.220.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (348)
Hash df036085d3cc68c68ab996a5d1c3a7ed
9b6f237ab60f5cac75c2816e388b72376ede1634
476e1b8b539cd1049b86a9c6232fc4fcb783362062816a3822d416815b288ef2
GET /calendars/web-content/calendar.php?cid=1002&uid=779965960&c=10&l=en&cbg=D46D2B&cfg=FFFFFF&hfg=FFFFFF&hfg1=FFFFFF&ct=70&cb=1&cbc=000000&cf=verdana&cp=bottom&sw=1&hp=t&ib=1&ibc=FFDC82&i=images/orchid.jpg HTTP/1.1
Host: www.calendarlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:28 GMT
Server: Apache
Location: https://www.calendarlabs.com/calendars/web-content/calendar.php?cid=1002&uid=779965960&c=10&l=en&cbg=D46D2B&cfg=FFFFFF&hfg=FFFFFF&hfg1=FFFFFF&ct=70&cb=1&cbc=000000&cf=verdana&cp=bottom&sw=1&hp=t&ib=1&ibc=FFDC82&i=images/orchid.jpg
Cache-Control: max-age=7200
Expires: Sun, 27 Nov 2022 09:22:28 GMT
Content-Length: 506
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
lh3.googleusercontent.com/p/AF1QipNC7Ke-AL0jsp40JvjnAQGPykLd9usWAi5XfkHa=s45-c?key=CP743pHN8aa11wE
142.250.74.33200 OK 4.0 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNC7Ke-AL0jsp40JvjnAQGPykLd9usWAi5XfkHa=s45-c?key=CP743pHN8aa11wE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 28f67a4ffc5ea72e633c2076737e7dac
1509427a503dd3e6b805afe98d09c4dd551280a6
bdcdd636f3f4ff563bbe636c46a770fb2951f76e5762176106e5dc549f058da0
GET /p/AF1QipNC7Ke-AL0jsp40JvjnAQGPykLd9usWAi5XfkHa=s45-c?key=CP743pHN8aa11wE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 3952
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipO_-LHmd65nW2l36-DUwhaq0_Cxe7FndlxqqlOE=s45-c?key=CJeG9pqziKX-Hg
142.250.74.33200 OK 5.7 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipO_-LHmd65nW2l36-DUwhaq0_Cxe7FndlxqqlOE=s45-c?key=CJeG9pqziKX-Hg
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash a80a5395322c2e08de01dbde36ad3ead
fce4a1adf57c38a4d461fcf3306da7bbc3c0f08a
7aa359d192a9773915b018331b5dcdf1cbfe7b342e191bdd6e3054467ccd328b
GET /p/AF1QipO_-LHmd65nW2l36-DUwhaq0_Cxe7FndlxqqlOE=s45-c?key=CJeG9pqziKX-Hg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5021"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 5687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9d420c67936291dac4118fb8857c9dbe
1beab74dbb46786be052b4f05aaa70796cef5017
b491b6765c27e4152f2a8c8316f66204c6fd148f4d1cef39644521f1ad52053d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98067
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:28 GMT
Etag: "6381ec47-116"
Expires: Mon, 28 Nov 2022 10:36:55 GMT
Last-Modified: Sat, 26 Nov 2022 10:36:55 GMT
Server: nginx
Content-Length: 278
lh3.googleusercontent.com/p/AF1QipP340fMo1mWqauhheEtBrzdiLXiuewPEw4bJl_w=s45-c?key=CPfb0pXR8vXEzgE
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipP340fMo1mWqauhheEtBrzdiLXiuewPEw4bJl_w=s45-c?key=CPfb0pXR8vXEzgE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 7e30ace7462540d3a3efc25023759ba6
33e2671fffcd22ad674e73770249718d223c95c7
19c125b9ad255fb5411254cdbffbef4a61104b8cae84742ee766c9160bf1d375
GET /p/AF1QipP340fMo1mWqauhheEtBrzdiLXiuewPEw4bJl_w=s45-c?key=CPfb0pXR8vXEzgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2c2"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 07:22:28 GMT
server: fife
content-length: 4221
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13402
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:22:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13402
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:22:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13402
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:22:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 34814
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13402
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:22:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e615cdc2e330b5cf76435abce9aa631a
71f737c3cee7766494157cd6491ce247a785c09e
853f68bf79a553b9fbf0e10391424faf0a3c071370d05d369563f7824d1bda84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a2bb7d-e57c-4751-a56f-0802ae9eaee6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9063
x-amzn-requestid: f00ac8bd-6466-4c92-9b99-0e71b4b2345c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Jr4ENtoAMFzvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2318-0e3a57932987e29521388dd7;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:04:56 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ntfumip5IjOlyoe6ASlwJ1PjPLN1yZHkK_iiDDKfmMCyI__PrrGVMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 12:27:26 GMT
age: 68102
etag: "71f737c3cee7766494157cd6491ce247a785c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13402
Expires: Sun, 27 Nov 2022 11:05:50 GMT
Date: Sun, 27 Nov 2022 07:22:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4mksi8EQxTxRXDqN-0iWJc-LmiI7joDX5xGmPb1HetziDj4mRCC7Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:53:37 GMT
age: 5331
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 34814
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc51742200b699c93a6ede66c7997d2a
1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6
a7cc50883ac1a59fc14f0467551dec16cef3b033df599b23916427c5e42be1aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4565b77f-3e3b-4410-b35b-b4e9a478ce4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8145
x-amzn-requestid: 8aaa302d-30b2-4fb0-aafe-e63f3d9bf680
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCSogEkHIAMFtxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d97cf-660d88387db5e9a145718d46;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:47:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XZhJ2zj6Ca5gubdHU0DyM-doTvt2pU38IBKx_vLKtDdN2G8VUW-fg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 19:43:10 GMT
age: 41958
etag: "1021cf938f62cf18466e2ff4d55ce8c52c0f9cf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
age: 34814
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.islam.gov.my/portal/img/solat.gif
103.233.160.31301 Moved Permanently 0 B URL HTTP/2 www.islam.gov.my/portal/img/solat.gif
IP 103.233.160.31:0
ASN #141201 Malaysian Administration Modernisation and Management Planning Unit MAMPU
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /portal/img/solat.gif HTTP/1.1
Host: www.islam.gov.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 07:22:28 GMT
server: Apache
x-powered-by: PHP/7.4.27
pragma: no-cache
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-content-type-options: nosniff
location: https://www.islam.gov.my/ms/portal/img/solat.gif
last-modified: Sun, 27 Nov 2022 07:22:28 GMT
content-length: 0
content-type: text/html; charset=utf-8
set-cookie: b7f6bc5c05493a9b0097659750e45769=jq9q4c5q25u3fuupeb1ar0vlku; path=/; HttpOnly
X-Firefox-Spdy: h2
www.guidedways.com/error_docs/styles.css
144.76.219.5200 OK 23 kB URL HTTP/2 www.guidedways.com/error_docs/styles.css
IP 144.76.219.5:0
ASN #24940 Hetzner Online GmbH
Hash 1e4dd2260bd3ab81b76486133dc3fb89
921950641818593f82fdbbe35c5e4bbc7803121b
cac427737833190a87b1d622a0d40aa7ad93295d53779fc5e327ed4dac5c758c
GET /error_docs/styles.css HTTP/1.1
Host: www.guidedways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.guidedways.com/freeplugins/dictsearch.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: text/css
last-modified: Fri, 13 Oct 2017 10:28:14 GMT
etag: W/"59e0953e-aa0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
2.bp.blogspot.com/__fXdPvxOQ8U/Sy9mCCiwXyI/AAAAAAAAAs4/4xvggz0LUy0/S1600-R/kartun+kini.gif
142.250.74.161200 OK 0 B URL HTTP/1.1 2.bp.blogspot.com/__fXdPvxOQ8U/Sy9mCCiwXyI/AAAAAAAAAs4/4xvggz0LUy0/S1600-R/kartun+kini.gif
IP 142.250.74.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__fXdPvxOQ8U/Sy9mCCiwXyI/AAAAAAAAAs4/4xvggz0LUy0/S1600-R/kartun+kini.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kartun kini.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 5151
X-XSS-Protection: 0
Date: Sun, 27 Nov 2022 07:22:26 GMT
Expires: Fri, 25 Nov 2022 14:35:01 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v2ef"
Content-Type: image/gif
Age: 0
www.calendarlabs.com/calendars/web-content/images/orchid.jpg
69.16.220.190200 OK 21 kB URL HTTP/2 www.calendarlabs.com/calendars/web-content/images/orchid.jpg
IP 69.16.220.190:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET v3.36], baseline, precision 8, 180x370, components 3\012- data
Hash 7118a1b52ddf8a3756e3d23d7afcaf05
b694966ad76e47a27f3a05fc58ded98b5a464cc6
619436833a11135412026ccf42ff6a2e24889a64ac961410480e1a8b721dd60a
GET /calendars/web-content/images/orchid.jpg HTTP/1.1
Host: www.calendarlabs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calendarlabs.com/calendars/web-content/calendar.php?cid=1002&uid=779965960&c=10&l=en&cbg=D46D2B&cfg=FFFFFF&hfg=FFFFFF&hfg1=FFFFFF&ct=70&cb=1&cbc=000000&cf=verdana&cp=bottom&sw=1&hp=t&ib=1&ibc=FFDC82&i=images/orchid.jpg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 15 Nov 2014 19:13:38 GMT
accept-ranges: bytes
content-length: 20857
cache-control: max-age=2592000
expires: Tue, 27 Dec 2022 07:22:28 GMT
link: <https://www.calendarlabs.com/calendars/web-content/images/orchid.jpg>; rel="canonical"
content-type: image/jpeg
date: Sun, 27 Nov 2022 07:22:28 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c1110d51de4424a45f2b55d25cce77aa
6c65ff3af4d33ba452c703a5e0649ada35f3c4ab
68d44af5dca12d99ea7a2d7ed2877375db59cdd8286fa12d50fcb574fbade9e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2264
Cache-Control: max-age=92047
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:29 GMT
Etag: "6381cbec-118"
Expires: Mon, 28 Nov 2022 08:56:36 GMT
Last-Modified: Sat, 26 Nov 2022 08:18:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280
www.islam.gov.my/ms/portal/img/solat.gif
103.233.160.31404 Not Found 6.2 kB URL HTTP/2 www.islam.gov.my/ms/portal/img/solat.gif
IP 103.233.160.31:0
ASN #141201 Malaysian Administration Modernisation and Management Planning Unit MAMPU
Hash 02197a3ff2aa3be0c35943d604df8af5
ffe7572365b3b23d468b766d1a72ebbb623f712c
7f03665376cae9ff4334c688d9647c24e50b7de45c5b370b70c27f49ecf0c458
GET /ms/portal/img/solat.gif HTTP/1.1
Host: www.islam.gov.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 07:22:28 GMT
server: Apache
x-powered-by: PHP/7.4.27
cache-control: no-cache
pragma: no-cache
x-content-type-options: nosniff
content-type: text/html; charset=UTF-8
set-cookie: b7f6bc5c05493a9b0097659750e45769=618d9cqpam9v3am9cllqo58vut; path=/; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e413346bdf4cea48847886fc7871e4d8
5d89ec3ae90ebf5069321bfc6fb0abeff77db028
85398a907af9d7c7041b28ec00595c5056ee3ecb51d9f09e4e75b6bfa0859d84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85398A907AF9D7C7041B28EC00595C5056EE3ECB51D9F09E4E75B6BFA0859D84"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8992
Expires: Sun, 27 Nov 2022 09:52:21 GMT
Date: Sun, 27 Nov 2022 07:22:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 288447b6a2c4b41dd4e037fcf14909bc
7d3001ceea7cfcf3530339b3e9aa22962592ebe3
39ca01bbd03cb0450afa0b8f027f76066d8bd3a5a3072cf8b05b334cf160d916
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "39CA01BBD03CB0450AFA0B8F027F76066D8BD3A5A3072CF8B05B334CF160D916"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20615
Expires: Sun, 27 Nov 2022 13:06:04 GMT
Date: Sun, 27 Nov 2022 07:22:29 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=4a429a1989374373a561c4f15aae9fd6
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=4a429a1989374373a561c4f15aae9fd6
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 171127da9c79013f143fc386cefcf64f
7764f711d797b1181fd17f6ce7eed1a4e56c5ca3
fd8263c322361538fa40ddd49cf1ce3eecf20ac820e99e10441a24ce64890cbe
GET /gid.js?userId=4a429a1989374373a561c4f15aae9fd6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ambuyatel-binangkit.blogspot.com
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:22:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://ambuyatel-binangkit.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4a429a1989374373a561c4f15aae9fd6; expires=Mon, 27 Nov 2023 07:22:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 9d420c67936291dac4118fb8857c9dbe
1beab74dbb46786be052b4f05aaa70796cef5017
b491b6765c27e4152f2a8c8316f66204c6fd148f4d1cef39644521f1ad52053d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=98067
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 07:22:29 GMT
Etag: "6381ec47-116"
Expires: Mon, 28 Nov 2022 10:36:56 GMT
Last-Modified: Sat, 26 Nov 2022 10:36:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c910a44bf58b708c25d146fd52adb8e9
374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5
3cf34029e6a112320130d154ac1291e49bcb4a80f0caaf84309456986f0adc77
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=453646,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77091cf05d840b3d-OSL
www.ukhwah.com/topblog/button.php?u=abdinabu
104.21.1.141301 Moved Permanently 12 B URL HTTP/2 www.ukhwah.com/topblog/button.php?u=abdinabu
IP 104.21.1.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
GET /topblog/button.php?u=abdinabu HTTP/1.1
Host: www.ukhwah.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 27 Nov 2022 07:22:29 GMT
content-type: text/html; charset=UTF-8
location: https://ukhwah.com/topblog/button.php?u=abdinabu
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8uAz5PQ6ag49gIEBgseDmPXBFidplsGyh%2B0Fkz5fHJp7v6B0NldxSmeuVAgbUyDWtpZxtsxE7hLDUxxUqGefnIG%2Bc4s7Bv1rJsfV25BFWOhgbscvCT0Gu78wCM4xtP70Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091ce67bbfb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube-nocookie.com
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 27 Nov 2022 07:22:30 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0191144bbcdece3b80ae5e076364c2d1
a73605ee3337fc648725a9487d50b680c092e1a7
b1e10d21d0534dbca2cf48ecd4ec1ea8101c990d7f6d800ebacfcef2e0892ffe
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1347
Origin: https://www.youtube-nocookie.com
Connection: keep-alive
Referer: https://www.youtube-nocookie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 27 Nov 2022 07:22:30 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=zsAqmVU9PTXSYQNqcUivUmPW-fvjLgfoGxWSJb3vjKtijkHZkITO09Qj1eOZjUWn1fKP66ikyMdgbWOaHCKIapdj5oU2VNyfXxBOAtKgfpTD7yN07jNWjgTR7M_kRuyldni1E9oCotFh3T4AL9YA88eQSc5MRqAyuXZnOYDmsketSLQ7b2fUQPme5n-dglsxgHBrj1AJgrX3PbCVjLC6Wfh1ptcyrOUKOD6ZaLa2U3PNc0oTXcCE3uNB1dNKNbKe8zLLOg%3D%3D&request_ab2=96002&zoneid=3294720&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=13&pl=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=8b599aac-2a0a-4e4e-a53f-5b402fc52bcc&userId=4a429a1989374373a561c4f15aae9fd6&m=link
139.45.197.243200 OK 1.9 kB URL HTTP/1.1 onmarshtompor.com/?rb=zsAqmVU9PTXSYQNqcUivUmPW-fvjLgfoGxWSJb3vjKtijkHZkITO09Qj1eOZjUWn1fKP66ikyMdgbWOaHCKIapdj5oU2VNyfXxBOAtKgfpTD7yN07jNWjgTR7M_kRuyldni1E9oCotFh3T4AL9YA88eQSc5MRqAyuXZnOYDmsketSLQ7b2fUQPme5n-dglsxgHBrj1AJgrX3PbCVjLC6Wfh1ptcyrOUKOD6ZaLa2U3PNc0oTXcCE3uNB1dNKNbKe8zLLOg%3D%3D&request_ab2=96002&zoneid=3294720&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=13&pl=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=8b599aac-2a0a-4e4e-a53f-5b402fc52bcc&userId=4a429a1989374373a561c4f15aae9fd6&m=link
IP 139.45.197.243:0
File type JSON data\012- , ASCII text, with very long lines (2402), with no line terminators
Hash 03160711802255b82878afef1e168c12
f79bb40d7c979aa8fbbf7793f0370c3c39171970
d8761d522c8ebf83b7c416d3b625b1517c0c77e3b91585a3aa8796be5399e0cd
GET /?rb=zsAqmVU9PTXSYQNqcUivUmPW-fvjLgfoGxWSJb3vjKtijkHZkITO09Qj1eOZjUWn1fKP66ikyMdgbWOaHCKIapdj5oU2VNyfXxBOAtKgfpTD7yN07jNWjgTR7M_kRuyldni1E9oCotFh3T4AL9YA88eQSc5MRqAyuXZnOYDmsketSLQ7b2fUQPme5n-dglsxgHBrj1AJgrX3PbCVjLC6Wfh1ptcyrOUKOD6ZaLa2U3PNc0oTXcCE3uNB1dNKNbKe8zLLOg%3D%3D&request_ab2=96002&zoneid=3294720&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=13&pl=http%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html%23&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=8b599aac-2a0a-4e4e-a53f-5b402fc52bcc&userId=4a429a1989374373a561c4f15aae9fd6&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ambuyatel-binangkit.blogspot.com/
Origin: http://ambuyatel-binangkit.blogspot.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 07:22:30 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 5298cd550565d05e8b86452d1bc0b0c3
Access-Control-Allow-Origin: http://ambuyatel-binangkit.blogspot.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=4a429a1989374373a561c4f15aae9fd6; expires=Mon, 27 Nov 2023 07:22:30 GMT; path=/
oaidts=1669533750; expires=Mon, 27 Nov 2023 07:22:30 GMT; path=/
syncedCookie=true; expires=Sun, 04 Dec 2022 07:22:30 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
www.tonyadams.com/
203.143.89.81200 OK 143 kB IP 203.143.89.81:0
ASN #140576 VPSBlocks Pty Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size 143 kB (143300 bytes)
Hash 81a32fa43530f7a0147535da27167ed0
537b4e022a6d3954a337a2bf51409842473de587
d622cfef4752fa2d4ccd82b61fa68e15c0829b3ba83cf742b8bdaa5abc39f681
GET / HTTP/1.1
Host: www.tonyadams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:28 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Link: <https://www.tonyadams.com/wp-json/>; rel="https://api.w.org/", <https://www.tonyadams.com/wp-json/wp/v2/pages/17055>; rel="alternate"; type="application/json", <https://www.tonyadams.com/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
neocounter.neoworx-blog-tools.net/neocounter2/neocounter_launcher_8.js
103.224.182.251404 Not Found 196 B URL HTTP/1.1 neocounter.neoworx-blog-tools.net/neocounter2/neocounter_launcher_8.js
IP 103.224.182.251:0
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /neocounter2/neocounter_launcher_8.js HTTP/1.1
Host: neocounter.neoworx-blog-tools.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 07:22:31 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
ambuyatel-binangkit.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 ambuyatel-binangkit.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: ambuyatel-binangkit.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/2009/08/teori-konspirasi-influenza-h1n1.html
Cookie: ck_TCM_pop=1; prefetchAd_3294720=true; HstCfa198174=1669533751227; HstCla198174=1669533751227; HstCmu198174=1669533751227; HstPn198174=1; HstPt198174=1; HstCnv198174=1; HstCns198174=1
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Sun, 27 Nov 2022 07:22:31 GMT
Date: Sun, 27 Nov 2022 07:22:31 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 08 Nov 2022 17:03:13 GMT
ETag: W/"a7c5221d88a3b5e3f22e150efa58d9391d1f3bbced1b355e4b2fa769163fac09"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18db75b0e5b6926f1dfadc75d7d3307b
ab815db60a45201f18402ecff5972a885be66ae6
792280128f223d23cece87293930d0170b67641286845c3442832c7313a4cde4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "792280128F223D23CECE87293930D0170B67641286845C3442832C7313A4CDE4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9897
Expires: Sun, 27 Nov 2022 10:07:28 GMT
Date: Sun, 27 Nov 2022 07:22:31 GMT
Connection: keep-alive
cb.amazingcounters.com/counter.php?i=2070470&c=6211723
172.67.197.160500 Internal Server Error 919 B URL HTTP/1.1 cb.amazingcounters.com/counter.php?i=2070470&c=6211723
IP 172.67.197.160:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1a2f4e12cd1fdfc001b417768f395a83
366e78e8faf77deb231c5b4772a02f6b7c40fe2c
5b013bcf573739d5a0d48ae283a6679dc645609d80eef7932595fd3db948b618
GET /counter.php?i=2070470&c=6211723 HTTP/1.1
Host: cb.amazingcounters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 500 Internal Server Error
Date: Sun, 27 Nov 2022 07:22:31 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4I5wcab52VtdR0POZUZY1d7MBKzZkKb3utRYQBldhnlKTxsHDig2VBUfGmjwovSImc4bn8iVMrEFd%2Bg%2F%2BX1VwI3KSh51Xc3ipr45lB5aUY4s3xVsp4q8P3ly3vEyr5USiYACIr7unw3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cfbd9c1b52d-OSL
alt-svc: h2=":443"; ma=60
s4.histats.com/stats/198174.php?198174&@f16&@g1&@h1&@i1&@j1669533751227&@k0&@l1&@mKELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&@n0&@o1000&@q0&@r0&@s441&@ten-US&@u1280&@b1:-11474685&@b3:1669533751&@b4:js9.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html%23&@w
198.27.80.143200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/198174.php?198174&@f16&@g1&@h1&@i1&@j1669533751227&@k0&@l1&@mKELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&@n0&@o1000&@q0&@r0&@s441&@ten-US&@u1280&@b1:-11474685&@b3:1669533751&@b4:js9.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html%23&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/198174.php?198174&@f16&@g1&@h1&@i1&@j1669533751227&@k0&@l1&@mKELUARGA%20AMBUYAT%20EL-BINANGKIT%20V2%3A%20Teori%20Konspirasi%20Influenza%20A%20(H1N1)&@n0&@o1000&@q0&@r0&@s441&@ten-US&@u1280&@b1:-11474685&@b3:1669533751&@b4:js9.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fambuyatel-binangkit.blogspot.com%2F2009%2F08%2Fteori-konspirasi-influenza-h1n1.html%23&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 07:22:32 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
s10.histats.com/counters/cc_441.js
46.105.201.240200 OK 10 kB URL HTTP/2 s10.histats.com/counters/cc_441.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (21649), with no line terminators
Hash 299e3ff0539f0f426ab62c11cf7601dc
48ac2e974179e4a87b59804a0aea81044ccd831d
4d9f7b6e0780433547c3556f584c5a617f2592fdbcbfff3ea5f90e75db14a474
GET /counters/cc_441.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 06:18:12 GMT
etag: "-1709007155"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 113937445
content-type: text/javascript
content-encoding: br
x-grace: full
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 10515
X-Firefox-Spdy: h2
www.ukhwah.com/topblog/button.php?u=abdinabu
104.21.1.141301 Moved Permanently 0 B URL HTTP/1.1 www.ukhwah.com/topblog/button.php?u=abdinabu
IP 104.21.1.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /topblog/button.php?u=abdinabu HTTP/1.1
Host: www.ukhwah.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 07:22:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Vary: Accept-Encoding
Location: https://www.ukhwah.com/topblog/button.php?u=abdinabu
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaSiZMPH7wWkTIEv3dmA%2Fo8HyYgzF6mzbDBSMqfGoreUwH86THY805fE34Q2co%2Fw0UHsPuHx5W1zE2qvtJOO1xyVb2PiEeE2tN6oSmGed5WHj4SNY67D82gNfHgSJyOUIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77091cfacc60b4f9-OSL
alt-svc: h2=":443"; ma=60
inklinkor.com/tag.min.js
104.21.91.63200 OK 0 B IP 104.21.91.63:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 0e8ea1a70f32cfa957e39dbc9d413335
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:04:39 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 28 Nov 2022 05:39:19 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 6187
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeRuoohcEkCHgYRYOGuf9G5bnSOrQWR6UzQptpP0HHFD2vkF142X9t21YeJZAf%2Bw1AYTNemFuX0YDPtFdHdMfipRrPijVlJ1kfHMFQbI7EIVNCGyRxpV%2BgCxEVv%2FdDMb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77091cdbbbbf0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.454.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
GET /5/3294720/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ambuyatel-binangkit.blogspot.com
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: application/json
x-trace-id: cf6192642af81909189ecc7c478fc2ee
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://ambuyatel-binangkit.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=4a429a1989374373a561c4f15aae9fd6; expires=Mon, 27 Nov 2023 07:22:27 GMT; path=/; secure; SameSite=None
oaidts=1669533747; expires=Mon, 27 Nov 2023 07:22:27 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ukhwah.com/topblog/button.php?u=abdinabu
104.21.1.141404 Not Found 0 B URL HTTP/2 ukhwah.com/topblog/button.php?u=abdinabu
IP 104.21.1.141:0
GET /topblog/button.php?u=abdinabu HTTP/1.1
Host: ukhwah.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 07:22:31 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ukhwah.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnj2kIWACQjXUaiI0svham71mE%2FIUGU2lFKXu%2BAVH5uwA%2F%2FKB8Z09%2F3MjllM15b77XJ126G9eH3AAW1dzfBV4Yg0wRnsGSaZbNyP8%2F%2FNDSRWvRL44XYnDhVcP9In"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cef5a60b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.widgeo.net/tcm.js
104.26.10.22200 OK 0 B IP 104.26.10.22:0
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 06:42:01 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 88824
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymmMiXnmSYWAy2sWng9FFkC4e6UQZWN5ZSID5S2Ew1dI1FxpS8FdFKfYE24DXouyMkmqAfgz1ntNNOTzNgvl6JZZroBzA0ERx%2FDkKgihkaHwScdpLW1GbktfdAq7JBGx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdba91cb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 265176
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.utusan.com.my/utusan/special/sharlinie/cari_sharlinie.jpg
172.67.71.6404 Not Found 0 B URL HTTP/2 www.utusan.com.my/utusan/special/sharlinie/cari_sharlinie.jpg
IP 172.67.71.6:0
GET /utusan/special/sharlinie/cari_sharlinie.jpg HTTP/1.1
Host: www.utusan.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 07:22:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,Cookie
cf-edge-cache: cache,platform=wordpress
x-ua-compatible: IE=edge
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.utusan.com.my/wp-json/>; rel="https://api.w.org/"
x-cache: MISS
cf-cache-status: BYPASS
set-cookie: X_CACHE_KEY=3f5c35cdaa68d51c300740854bee1e03; Expires=Mon, 28 Nov 2022 07:22:27 GMT; Path=/;
ppwp_wp_session=558ee876b3b27991e9580faa2a02030b%7C%7C1669535547%7C%7C1669535187; expires=Sun, 27-Nov-2022 07:52:27 GMT; Max-Age=1800; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1scD61tTRt5TJlBCFHhanof9%2BZb65b92q9bxndN4JssjRkGvoUIcfseHtoMTfEgdgzs4uD6i9p1UApUnl3SeLQRHIG8HBz8EIeLDKNhdxROs2Jyv4VCZ27UXKQAHgSKJCZ7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdc7a71b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geolive
104.26.10.22200 OK 0 B URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geolive
IP 104.26.10.22:0
GET /hitparade.php?pagexiti=geolive HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ambuyatel-binangkit.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 07:22:26 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Sun, 27 Nov 2022 07:25:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6MA6T7l3MJIwgZjldLdahXiHaT%2FhGMfHtZOIBxMTuv80oAAJoKXZN6I%2Bbq%2F64%2FJ%2BxgcHKChFMvWawXtZG2%2FFexlIiS5b8Z3OaLrhzuc6B9Srj6EdAMiCIXBZ87MywYV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77091cdd3a2db51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.guidedways.com/freeplugins/dictsearch.php
144.76.219.5404 Not Found 0 B URL HTTP/2 www.guidedways.com/freeplugins/dictsearch.php
IP 144.76.219.5:0
ASN #24940 Hetzner Online GmbH
GET /freeplugins/dictsearch.php HTTP/1.1
Host: www.guidedways.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ambuyatel-binangkit.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Sun, 27 Nov 2022 07:22:27 GMT
content-type: text/html
etag: W/"59e0953e-328"
content-encoding: br
X-Firefox-Spdy: h2