tattoos-girl-fish-chinas-news.blogspot.de/2011/09/carmen-christian-singer-carmen.html
142.250.74.161302 Moved Temporarily 222 B URL HTTP/1.1 tattoos-girl-fish-chinas-news.blogspot.de/2011/09/carmen-christian-singer-carmen.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 5c10bcf284035f00faad58cc768fabff
0b39d4a2258b28b94473b855e0c37225e6ee9eb1
d198ad8c3fcf510788e40df408d8e4028df92fb7f8e630986dfbabdee685e9b6
Analyzer Verdict Alert fortinet Malware
GET /2011/09/carmen-christian-singer-carmen.html HTTP/1.1
Host: tattoos-girl-fish-chinas-news.blogspot.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 23 Nov 2022 10:53:39 GMT
Expires: Wed, 23 Nov 2022 10:53:39 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 222
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2721
Expires: Wed, 23 Nov 2022 11:39:00 GMT
Date: Wed, 23 Nov 2022 10:53:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:39 GMT
Last-Modified: Wed, 23 Nov 2022 10:15:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8358
Expires: Wed, 23 Nov 2022 13:12:57 GMT
Date: Wed, 23 Nov 2022 10:53:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 10:18:47 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2092
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rvX2w4zfZnjb7AaI8wPADLajQZRJDPp/u9jBL1TkgIuoTGRmwz3jkE6dLsEcRO6cLSo3x57LV+E=
x-amz-request-id: B36KZY0YWTF3DWSR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 10:39:58 GMT
age: 821
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:53:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html
142.250.74.161200 OK 16 kB URL HTTP/1.1 tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11517)
Hash 590e3a01bd655d8e76839f203728cbe5
6ac0e3d5ddc65eb19928479cd51d9c2a9c22c2c8
d84432ce20b1ce69d48d6b1e2d28f21c1e72d7db477d589e3b1034577a877421
Analyzer Verdict Alert fortinet Malware
GET /2011/09/carmen-christian-singer-carmen.html HTTP/1.1
Host: tattoos-girl-fish-chinas-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 23 Nov 2022 10:53:39 GMT
Date: Wed, 23 Nov 2022 10:53:39 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 05 Nov 2022 10:57:18 GMT
ETag: W/"e2f0959536201dd460acee8870a96163eccc24188184b790357528ee3312142a"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 16236
Server: GSE
tattoos-girl-fish-chinas-news.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 tattoos-girl-fish-chinas-news.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: tattoos-girl-fish-chinas-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Wed, 23 Nov 2022 10:53:39 GMT
Expires: Wed, 30 Nov 2022 10:53:39 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 23 Nov 2022 07:50:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 2548
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2158a9300fe45b9c7eb9f8bee64fd5a8
efc67da3b98aa908a9493a352701f55eac794728
101dcb3cccef1a365cbae9a0034dd15e3ac1717fd28aa846555b80195502f249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165239386725b4bbcec0b58e061fcbf8
432130a9faf4cdb78bda0711652167f6e47504ea
d54365afd16d109d460c64ce05984fb4716ae923647237a2f542066ba52cb47e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2158a9300fe45b9c7eb9f8bee64fd5a8
efc67da3b98aa908a9493a352701f55eac794728
101dcb3cccef1a365cbae9a0034dd15e3ac1717fd28aa846555b80195502f249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2158a9300fe45b9c7eb9f8bee64fd5a8
efc67da3b98aa908a9493a352701f55eac794728
101dcb3cccef1a365cbae9a0034dd15e3ac1717fd28aa846555b80195502f249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 51661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 57236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i225.photobucket.com/albums/dd66/sct11/OffRoadDec10041.jpg
143.204.55.73301 Moved Permanently 167 B URL HTTP/1.1 i225.photobucket.com/albums/dd66/sct11/OffRoadDec10041.jpg
IP 143.204.55.73:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/dd66/sct11/OffRoadDec10041.jpg HTTP/1.1
Host: i225.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Wed, 23 Nov 2022 10:53:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i225.photobucket.com/albums/dd66/sct11/OffRoadDec10041.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9L0qfp5-YOd0LkFuIXYKCZQ5noqgIFqkM45tx_w7jRPye2BSLOUeBQ==
Vary: Origin
superficiaaal.files.wordpress.com/2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358
192.0.72.24301 Moved Permanently 162 B URL HTTP/1.1 superficiaaal.files.wordpress.com/2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358
IP 192.0.72.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358 HTTP/1.1
Host: superficiaaal.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 10:53:39 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://superficiaaal.files.wordpress.com/2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 154296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Wed, 23 Nov 2022 10:53:39 GMT
expires: Wed, 23 Nov 2022 10:53:39 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 14:43:55 GMT
expires: Tue, 29 Nov 2022 14:43:55 GMT
cache-control: public, max-age=604800
last-modified: Mon, 21 Nov 2022 15:52:34 GMT
content-type: image/gif
age: 72584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hall-of-fame-sport.de/media/athletes/9_picture_shortinfo.jpg
185.48.220.137301 Moved Permanently 280 B URL HTTP/1.1 www.hall-of-fame-sport.de/media/athletes/9_picture_shortinfo.jpg
IP 185.48.220.137:0
ASN #30742 Bremen Briteline GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 01af276a74f1ffe30e41dcf58117df2f
bceec88995204b91e43cc5719a4d0bc427a1d47b
ff75b174a77487032724b404a04c749ff9fc65fef886fdb2864b12ed53c0b643
GET /media/athletes/9_picture_shortinfo.jpg HTTP/1.1
Host: www.hall-of-fame-sport.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 10:53:39 GMT
Server: Apache
Location: https://www.hall-of-fame-sport.de/media/athletes/9_picture_shortinfo.jpg
Content-Length: 280
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
newyorkguitarfestival.files.wordpress.com/2010/01/justin.jpg
192.0.72.27301 Moved Permanently 162 B URL HTTP/1.1 newyorkguitarfestival.files.wordpress.com/2010/01/justin.jpg
IP 192.0.72.27:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2010/01/justin.jpg HTTP/1.1
Host: newyorkguitarfestival.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 10:53:39 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://newyorkguitarfestival.files.wordpress.com/2010/01/justin.jpg
hq.ellf.ru/2006/06/hq/2006-06-21-Jessica.Biel.HQ.1.jpg
80.93.177.211301 Moved Permanently 162 B URL HTTP/1.1 hq.ellf.ru/2006/06/hq/2006-06-21-Jessica.Biel.HQ.1.jpg
IP 80.93.177.211:0
ASN #50340 OOO Network of data-centers Selectel
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2006/06/hq/2006-06-21-Jessica.Biel.HQ.1.jpg HTTP/1.1
Host: hq.ellf.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.ellf.ru/2006/06/hq/2006-06-21-Jessica.Biel.HQ.1.jpg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2158a9300fe45b9c7eb9f8bee64fd5a8
efc67da3b98aa908a9493a352701f55eac794728
101dcb3cccef1a365cbae9a0034dd15e3ac1717fd28aa846555b80195502f249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1520
Cache-Control: max-age=167913
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:32:13 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 2158a9300fe45b9c7eb9f8bee64fd5a8
efc67da3b98aa908a9493a352701f55eac794728
101dcb3cccef1a365cbae9a0034dd15e3ac1717fd28aa846555b80195502f249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i45.tinypic.com/rss9so.jpg
143.204.55.100301 Moved Permanently 0 B URL HTTP/1.1 i45.tinypic.com/rss9so.jpg
IP 143.204.55.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rss9so.jpg HTTP/1.1
Host: i45.tinypic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Wed, 23 Nov 2022 10:53:41 GMT
Location: http://tinypic.com/images/goodbye.jpg
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hh2skXiqmXSAit3_Ep5DUAYu73g19ooQ_gVAPJRke2UpnFfKbwEvLA==
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.34200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.34:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 08:04:05 GMT
Expires: Wed, 07 Dec 2022 08:04:05 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 10175
colorlines.com/assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg
35.170.209.141301 Moved Permanently 162 B URL HTTP/1.1 colorlines.com/assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg
IP 35.170.209.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg HTTP/1.1
Host: colorlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://colorlines.com/assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg
abouthollywod.com/wp-content/uploads/2011/03/carmen-electra-in-bikini-nacked.jpg
75.2.18.233400 Bad Request 20 B URL HTTP/1.1 abouthollywod.com/wp-content/uploads/2011/03/carmen-electra-in-bikini-nacked.jpg
IP 75.2.18.233:0
File type ASCII text, with no line terminators
Hash 64b3d0bcb16e406cdd665ec49fefb7f1
8da5d8ac9123e50bbd4293b111f6f640f864256b
cfe229c58e25f36ffab9053add1dcfdf3abe1cb26b7b0a3d22e9514f757b98d5
GET /wp-content/uploads/2011/03/carmen-electra-in-bikini-nacked.jpg HTTP/1.1
Host: abouthollywod.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 400 Bad Request
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Blocked: 11015.10
images4.wikia.nocookie.net/__cb20110728043343/fallingskies/images/8/8a/0002.jpg
74.120.188.194200 OK 8.7 kB URL HTTP/1.1 images4.wikia.nocookie.net/__cb20110728043343/fallingskies/images/8/8a/0002.jpg
IP 74.120.188.194:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x133, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 757fe0a2368c30662a3b5840fe0744ed
57ae23c1ecde29f466c373b521a295c10c2e83ec
2f88f83bc047a7f648e9538d00b81e1779c65f5fdab12777cc4b347681973435
GET /__cb20110728043343/fallingskies/images/8/8a/0002.jpg HTTP/1.1
Host: images4.wikia.nocookie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 10:53:40 GMT
surrogate-key: caeace49003f6e030c0f68404447feb530cf31ed wiki-fallingskies thumblr scale-to-width
content-disposition: inline; filename="0002.webp"; filename*=UTF-8''0002.webp
content-type: image/webp
etag: CLyMw7GU+/UCEAE=
x-thumbnailer: Thumblr
access-control-allow-origin: *
access-control-allow-headers: Range
content-length: 8658
x-envoy-upstream-service-time: 70
x-cacheable: YES
age: 0
vary: Accept
x-cache: ORIGIN, MISS
timing-allow-origin: *
cache-control: max-age=31536000, public
x-served-by: thumblr-5d8c9f94c9-w2wj7, wk-cdn-f2
x-cache-hits: ORIGIN, 0
accept-ranges: bytes
www.walterfilm.com/bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg
104.196.138.223301 Moved Permanently 162 B URL HTTP/1.1 www.walterfilm.com/bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg
IP 104.196.138.223:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg HTTP/1.1
Host: www.walterfilm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.walterfilm.com/bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg
images3.wikia.nocookie.net/__cb20110728045960/fallingskies/images/2/20/0004-3.jpg
74.120.188.204200 OK 5.5 kB URL HTTP/1.1 images3.wikia.nocookie.net/__cb20110728045960/fallingskies/images/2/20/0004-3.jpg
IP 74.120.188.204:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x133, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 500e3d8d570471798718a8f0d40b6d75
d48cbe8c58ca3457ba06a821f6ce37d6ef7cd00e
6dca1174ef53278fe726b8480de1791a38c65e010a53df558eb0fa5089ee9890
GET /__cb20110728045960/fallingskies/images/2/20/0004-3.jpg HTTP/1.1
Host: images3.wikia.nocookie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
date: Wed, 23 Nov 2022 10:53:40 GMT
surrogate-key: de0584bce3724a775cceb86c8102390286c6192f wiki-fallingskies thumblr scale-to-width
content-disposition: inline; filename="0004-3.webp"; filename*=UTF-8''0004-3.webp
content-type: image/webp
etag: CMqJvLGU+/UCEAE=
x-thumbnailer: Thumblr
access-control-allow-origin: *
access-control-allow-headers: Range
content-length: 5494
x-envoy-upstream-service-time: 94
x-cacheable: YES
age: 0
vary: Accept
x-cache: ORIGIN, MISS
timing-allow-origin: *
cache-control: max-age=31536000, public
x-served-by: thumblr-5d8c9f94c9-ch9zw, wk-cdn-f5
x-cache-hits: ORIGIN, 0
accept-ranges: bytes
tinypic.com/images/goodbye.jpg
143.204.55.79200 OK 16 kB URL HTTP/1.1 tinypic.com/images/goodbye.jpg
IP 143.204.55.79:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Hash 32af06ac4b80d728f7e4c8780eb6b6d7
dd3198f4361e94f2c3606474e04a629e42402d02
f610dc2752e938d77dab1c4e9fb1f0f7f53b25e527d130ce4e034b7de09da053
GET /images/goodbye.jpg HTTP/1.1
Host: tinypic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 15616
Connection: keep-alive
Last-Modified: Wed, 18 Sep 2019 21:23:53 GMT
Server: AmazonS3
Date: Wed, 23 Nov 2022 01:34:49 GMT
ETag: "32af06ac4b80d728f7e4c8780eb6b6d7"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WdtoKaJL-pddgbQJanJ0t2RbYbtXdOsSYXtzyGfPAgzGBDXvV0hzgw==
Age: 33532
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 41c8fba8ec3768a7354e8d2d721e8222
fb08d460294c94eb848e681999d022327b01b617
3b89551f16d2769965c87fa45075ac034c79950ccd9558e7984a1d2255854640
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B89551F16D2769965C87FA45075AC034C79950CCD9558E7984A1D2255854640"
Last-Modified: Tue, 22 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8909
Expires: Wed, 23 Nov 2022 13:22:09 GMT
Date: Wed, 23 Nov 2022 10:53:40 GMT
Connection: keep-alive
www.theautochannel.com/news/2006/05/27/008817.1-lg.jpg
104.21.18.153302 Found 284 B URL HTTP/1.1 www.theautochannel.com/news/2006/05/27/008817.1-lg.jpg
IP 104.21.18.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 3962e547e0fe5608bc96a8fef0f15f2e
98fe6d58e8a92f7e92025bbf65998bfb3f44767b
4e82a11b851ec32165d5f27dc2605bb17d6e7c577574498ff84aa3b124162644
GET /news/2006/05/27/008817.1-lg.jpg HTTP/1.1
Host: www.theautochannel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 302 Found
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2592000
Display: staticcontent_sol
Location: https://www.theautochannel.com/news/2006/05/27/008817.1-lg.jpg
Pagespeed: off
Response: 302
Vary: Accept-Encoding,Origin
X-Ez-Minify-Html: 14.97% 284 / 334
X-Ezoic-Cdn: Bypass
X-Middleton-Display: staticcontent_sol
X-Middleton-Response: 302
X-Origin-Cache-Control:
CF-Cache-Status: BYPASS
Set-Cookie: ezCMPCCS=false; Path=/; Domain=theautochannel.com; Expires=Thu, 23 Nov 2023 10:53:40 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icjnb0NyfouYVWQPX0D6uGY7tTDgltOoj%2BB6mpFfS0dwi5EsyGyQAntKgTEgEHUOSCOqA10SVc%2BNUc38vPVymHAm%2FJzgFtNEDwYLTZb7vVz5jeyVbMxxEHKhn66n7gSb%2Fpy%2F2268Z9uE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76e95cc4b8e5b4fa-OSL
alt-svc: h2=":443"; ma=60
www.histomobile.com/histomob/internet/46/375807.jpg
52.42.30.1301 Moved Permanently 0 B URL HTTP/1.1 www.histomobile.com/histomob/internet/46/375807.jpg
IP 52.42.30.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /histomob/internet/46/375807.jpg HTTP/1.1
Host: www.histomobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.4.3
Location: https://usedautobillofsale.com/histomobile.htm
X-Request-Id: 37e893455874f180c0dc7cca073d6109
www.blogger.com/img/logo-16.png
142.250.74.105200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 142.250.74.105:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 04:27:52 GMT
Expires: Wed, 30 Nov 2022 04:27:52 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 22 Nov 2022 07:51:00 GMT
Content-Type: image/png
Age: 23148
www.internetcelebrity.org/albums/wpw-20081027/76463_CarlaGugino10182008SpikeTVScreamAwards09_122_103lo.jpg
89.46.108.32200 OK 815 kB URL HTTP/1.1 www.internetcelebrity.org/albums/wpw-20081027/76463_CarlaGugino10182008SpikeTVScreamAwards09_122_103lo.jpg
IP 89.46.108.32:0
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 300x300, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 2439x3600, components 3\012- data
Size 815 kB (814709 bytes)
Hash 85c3576933d419f8a546eeb13b13ee96
6eae058143788bd9ed3461ad5ee1dff43769c4fd
a59e6781b6cad7be2a2a3ee546013a7049b1c5c81423dd4a58c597d4cfad7aeb
GET /albums/wpw-20081027/76463_CarlaGugino10182008SpikeTVScreamAwards09_122_103lo.jpg HTTP/1.1
Host: www.internetcelebrity.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Server: aruba-proxy
Date: Wed, 23 Nov 2022 10:53:40 GMT
Content-Type: image/jpeg
Content-Length: 814709
Connection: keep-alive
Last-Modified: Mon, 27 Oct 2008 00:27:51 GMT
Accept-Ranges: bytes
X-ServerName: ipvsproxy145.ad.aruba.it
www.wallpaperextreme.com/Celebrities/Ana-Hickmann/Ana-Hickmann-59.JPG
107.187.243.200200 OK 803 B URL HTTP/1.1 www.wallpaperextreme.com/Celebrities/Ana-Hickmann/Ana-Hickmann-59.JPG
IP 107.187.243.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Non-ISO extended-ASCII text, with CRLF line terminators
Hash 98896767a53d7df5cbef1e7461ffde08
833c866d163f5b8ab10a14d53fe27a592fbefb2c
84d3c9732e04ea7dacc061739302bed596712db1fee433ac5546db546777b0c4
GET /Celebrities/Ana-Hickmann/Ana-Hickmann-59.JPG HTTP/1.1
Host: www.wallpaperextreme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 10:53:41 GMT
Content-Type: text/html
Content-Length: 803
Connection: keep-alive
www.hall-of-fame-sport.de/media/athletes/9_picture_shortinfo.jpg
185.48.220.137404 Not Found 5.9 kB URL HTTP/1.1 www.hall-of-fame-sport.de/media/athletes/9_picture_shortinfo.jpg
IP 185.48.220.137:0
ASN #30742 Bremen Briteline GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1978)
Hash 568c3b04b48ee0b9755c931a717664a6
3784b23471a0ef72a1c015647e3c5ff7ab3343c4
011e7139b2e9fab05a3e9281bc2f1de77031415cc0960125c4d3c8da4c5bfd25
GET /media/athletes/9_picture_shortinfo.jpg HTTP/1.1
Host: www.hall-of-fame-sport.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Wed, 23 Nov 2022 10:53:40 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, Keep-Alive
Expect-CT: enforce,max-age=2592000,report-uri="https://www.hall-of-fame-sport.de/report"
X-Content-Type-Options: nosniff
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=15, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
1.bp.blogspot.com/-_YyKf7rgOEM/TWaat__GYYI/AAAAAAAAAa4/4n1SUXa3gEY/s1600/ana-hickmann2010.jpg
142.250.74.161200 OK 148 kB URL HTTP/1.1 1.bp.blogspot.com/-_YyKf7rgOEM/TWaat__GYYI/AAAAAAAAAa4/4n1SUXa3gEY/s1600/ana-hickmann2010.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1280x1024, components 3\012- data
Size 148 kB (147626 bytes)
Hash d48293769303387df7a3c857eacc64da
d8103d55b429d0a2d6d8ba4b3516528f54d02ea3
323cff19382ad70767c6a1e3ae2349c4f95de2a82dc143ec8ec03f9fc33a4c92
GET /-_YyKf7rgOEM/TWaat__GYYI/AAAAAAAAAa4/4n1SUXa3gEY/s1600/ana-hickmann2010.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1ae"
Expires: Thu, 24 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ana-hickmann2010.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 10:53:40 GMT
Server: fife
Content-Length: 147626
X-XSS-Protection: 0
push.services.mozilla.com/
35.82.48.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P+bO2jErPnqZ66Faf1gPXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FMGfn5aujSDhuRgmP8xw8SvPtcA=
2.bp.blogspot.com/_ul77FgPIZZQ/TVJ7GDhhj8I/AAAAAAAAGWI/1YJ8qawRRDE/s1600/rescatando%252Ba%252BJack%252BShephard.jpg
142.250.74.161200 OK 322 kB URL HTTP/1.1 2.bp.blogspot.com/_ul77FgPIZZQ/TVJ7GDhhj8I/AAAAAAAAGWI/1YJ8qawRRDE/s1600/rescatando%252Ba%252BJack%252BShephard.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1417x1417, components 3\012- data
Size 322 kB (322206 bytes)
Hash d11b64da3c48f37ade0005b2a6933080
2c6517b3afab810da127853560ad854c6d91573a
e46095678ecc9e6534586322292d0a11291b9e996cf06195281557a855fb45d9
GET /_ul77FgPIZZQ/TVJ7GDhhj8I/AAAAAAAAGWI/1YJ8qawRRDE/s1600/rescatando%252Ba%252BJack%252BShephard.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1962"
Expires: Thu, 24 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="rescatando a Jack Shephard.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 10:53:40 GMT
Server: fife
Content-Length: 322206
X-XSS-Protection: 0
keywebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html&ref=&l=celebrity
69.162.80.55200 OK 633 B URL HTTP/1.1 keywebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html&ref=&l=celebrity
IP 69.162.80.55:0
ASN #46475 LIMESTONENETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (633), with no line terminators
Hash aba0ab3ad61c311229fa77d12094e467
2d348fc2fbc13ba4895454fa6b3bbb74f21db7b9
e3cf0b40b2d4b7c2235e08b44a773fdd2e7fccd8dac49b700c2891af8024057e
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html&ref=&l=celebrity HTTP/1.1
Host: keywebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 633
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 10:53:39 GMT
server: nginx
set-cookie: sid=171d86dc-6b1d-11ed-8d22-a6c15108ed4e; path=/; domain=.keywebtracker.com; expires=Mon, 11 Dec 2090 14:07:47 GMT; max-age=2147483647; HttpOnly
1.bp.blogspot.com/_Zm-2hX05Nfg/TBBm9L7iqpI/AAAAAAAAAa0/oi9gLC8d0EI/s1600/vlcsnap-2010-06-09-23h11m52s3.png
142.250.74.161200 OK 442 kB URL HTTP/1.1 1.bp.blogspot.com/_Zm-2hX05Nfg/TBBm9L7iqpI/AAAAAAAAAa0/oi9gLC8d0EI/s1600/vlcsnap-2010-06-09-23h11m52s3.png
IP 142.250.74.161:0
File type PNG image data, 720 x 540, 8-bit/color RGB, non-interlaced\012- data
Size 442 kB (442081 bytes)
Hash be9316a34221567641dbe44d86f93686
6fbddd10fd8af06bad56bb8746d68cabfea0c65f
2ced41ffda05c3e6f74ef32d40bd773b05d6bb3a7659860a2263eb7c17f48de7
GET /_Zm-2hX05Nfg/TBBm9L7iqpI/AAAAAAAAAa0/oi9gLC8d0EI/s1600/vlcsnap-2010-06-09-23h11m52s3.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1ad"
Expires: Thu, 24 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="vlcsnap-2010-06-09-23h11m52s3.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 23 Nov 2022 10:53:40 GMT
Server: fife
Content-Length: 442081
X-XSS-Protection: 0
images.imagestate.com/Watermark/2490605.jpg
209.99.64.70200 OK 196 B URL HTTP/1.1 images.imagestate.com/Watermark/2490605.jpg
IP 209.99.64.70:0
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8f1f8cad69e837848a06dc69189572bc
ce54ae15a8776744c534d6ac77e9e19b8ee3e7f6
75a3fc170e4d77105298dd4bd6b311b88002882168a9a8a4b8096829377784c4
GET /Watermark/2490605.jpg HTTP/1.1
Host: images.imagestate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:53:40 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Cteonnt-Length: 272
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Content-Encoding: gzip
Content-Length: 196
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 523634f5e33b64d08c05415ca377b336
27750bceb120328cf37f0a053115a9b216890885
79be1cbfccc032a1e2ac97b84217f00466649b5a715df45ece301eb3b5b94dc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7435199865705255018%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2263093228223208958%26origin%3Dhttp://tattoos-girl-fish-chinas-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7435199865705255018%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2263093228223208958%26origin%3Dhttp://tattoos-girl-fish-chinas-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 497 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7435199865705255018%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2263093228223208958%26origin%3Dhttp://tattoos-girl-fish-chinas-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7435199865705255018%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2263093228223208958%26origin%3Dhttp://tattoos-girl-fish-chinas-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (552)
Hash 31fe81cce84ea304349280152f0692b8
6c77804f17c99c29c3013c6c84dbdcbdfdeb95fe
f3c4a890e7963c1d490fff80f43207b642155aa5fd68259a746cbac1d76868fe
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D7435199865705255018%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2263093228223208958%26origin%3Dhttp://tattoos-girl-fish-chinas-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D7435199865705255018%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D2263093228223208958%26origin%3Dhttp://tattoos-girl-fish-chinas-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 23 Nov 2022 10:53:40 GMT
location: https://www.blogger.com/followers.g?blogID=7435199865705255018&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=2263093228223208958&origin=http%3A%2F%2Ftattoos-girl-fish-chinas-news.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-nVwAAk-hVvrCZBU2Qu4cgg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 497
server: GSE
set-cookie: __Host-GAPS=1:4UOrhIp_PtVOWfcpTLCHjr-KmfGIpg:3i-HX3GxeRTzdqd5;Path=/;Expires=Fri, 22-Nov-2024 10:53:40 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e3ac81217d928f6accc50b8d73d7c2a8
6798d22b52371b7ada51f34b6e1222f0ce972eef
24c61952b9b838a3f30d4bcf042d156c2816129589515c0c9655ed259f2bf0e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24C61952B9B838A3F30D4BCF042D156C2816129589515C0C9655ED259F2BF0E7"
Last-Modified: Mon, 21 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21537
Expires: Wed, 23 Nov 2022 16:52:37 GMT
Date: Wed, 23 Nov 2022 10:53:40 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 93d9c12c22a694c1fa669e70a477952b
7bfdf3dff7da49524e238053eda7024a252d7133
9ca755e6300c24afe0f1acaa35d15f6e9ac4c85386c64d38551acc535d889685
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=168891
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Etag: "637dec6f-118"
Expires: Fri, 25 Nov 2022 09:48:31 GMT
Last-Modified: Wed, 23 Nov 2022 09:48:31 GMT
Server: nginx
Content-Length: 280
i225.photobucket.com/albums/dd66/sct11/OffRoadDec10041.jpg
143.204.55.73200 OK 198 kB URL HTTP/2 i225.photobucket.com/albums/dd66/sct11/OffRoadDec10041.jpg
IP 143.204.55.73:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 198 kB (198478 bytes)
Hash dcfd93b0cdbccc0c19996a322d300d5f
c155a90a7d6a4d98778f0c3356a787d43d3b292d
aa871dbd49395451931dba46757b90ea2995839e2b98842492bf9827154e6d02
GET /albums/dd66/sct11/OffRoadDec10041.jpg HTTP/1.1
Host: i225.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 198478
date: Wed, 23 Nov 2022 10:53:40 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="OffRoadDec10041.webp"
expires: Thu, 23 Nov 2023 10:53:40 GMT
server: photobucket
x-amzn-trace-id: Root=1-637dfbb4-4bc0b2807415d5f808d2191e
x-request-id: heLMovIznHDwcwX8JqpIm
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4Hdhpv-m_HoD_Ho-xlehwOVq3xHsfG_x44gUwCP2GJ31sEZbD4cGaA==
vary: Accept, Origin
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 23 Nov 2022 10:53:40 GMT
date: Wed, 23 Nov 2022 10:53:40 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
usedautobillofsale.com/histomobile.htm
51.38.158.32200 OK 12 kB URL HTTP/2 usedautobillofsale.com/histomobile.htm
IP 51.38.158.32:0
Hash 7c85d068a43e5227476494d705d637bb
8bd834bd16c0ee63de4f15bb84b8e6db1a157f8f
7948a3ab541c09ff44599036aaa95a4b004d3bb791135b82388cb6d9cff139bf
GET /histomobile.htm HTTP/1.1
Host: usedautobillofsale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:53:27 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
x-request-id: 2a9c0a8d77c9cffb1e3c6fc3debb829f, 2a9c0a8d77c9cffb1e3c6fc3debb829f
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 23 Nov 2022 10:53:40 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+491; expires=Fri, 22-Nov-2024 10:53:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Nov 2022 10:53:40 GMT
cache-control: private
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 10:35:38 GMT
expires: Thu, 23 Nov 2023 10:35:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 1082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 23 Nov 2022 10:53:40 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+333; expires=Fri, 22-Nov-2024 10:53:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Nov 2022 10:53:40 GMT
X-Firefox-Spdy: h2
newyorkguitarfestival.files.wordpress.com/2010/01/justin.jpg
192.0.72.27200 OK 3.1 MB URL HTTP/2 newyorkguitarfestival.files.wordpress.com/2010/01/justin.jpg
IP 192.0.72.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, manufacturer=Canon, model=Canon EOS REBEL T1i, orientation=upper-left, xresolution=196, yresolution=204, resolutionunit=2, datetime=2009:12:12 22:37:17], baseline, precision 8, 3456x2304, components 3\012- data
Size 3.1 MB (3057430 bytes)
Hash 3ee893a7d6d8e77f7ee01a4e53cf68ad
a9768b5376db827fc075eba8d55fba68be2ca2f4
478584f77df4cdf2f11ea8afa4b9449da89f02706fd5033584de58465c1cc8c7
GET /2010/01/justin.jpg HTTP/1.1
Host: newyorkguitarfestival.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:53:40 GMT
content-type: image/jpeg
content-length: 3057430
last-modified: Thu, 07 Jan 2010 19:29:49 GMT
expires: Wed, 14 Dec 2022 21:49:34 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://newyorkguitarfestival.wordpress.com
vary: Origin
x-nc: MISS arn 27 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
keywebtracker.com/?blog=http%3A%2F%2Ftattoos-girl-fish-chinas-news.blogspot.com%2F2011%2F09%2Fcarmen-christian-singer-carmen.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTIwODAyMCwiaWF0IjoxNjY5MjAwODIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2wzMmpiOWZhcnVuNGE0bW8xbTlrYzEiLCJuYmYiOjE2NjkyMDA4MjAsInRzIjoxNjY5MjAwODIwNDQ2MDM2fQ.859Jc2UajWJS6UpUZPyybPQWPfhzwEZFCymLJ0bRLyE&l=celebrity&ref=&scr_h=1024&scr_w=1280&sid=171d86dc-6b1d-11ed-8d22-a6c15108ed4e
69.162.80.55302 Found 11 B URL HTTP/1.1 keywebtracker.com/?blog=http%3A%2F%2Ftattoos-girl-fish-chinas-news.blogspot.com%2F2011%2F09%2Fcarmen-christian-singer-carmen.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTIwODAyMCwiaWF0IjoxNjY5MjAwODIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2wzMmpiOWZhcnVuNGE0bW8xbTlrYzEiLCJuYmYiOjE2NjkyMDA4MjAsInRzIjoxNjY5MjAwODIwNDQ2MDM2fQ.859Jc2UajWJS6UpUZPyybPQWPfhzwEZFCymLJ0bRLyE&l=celebrity&ref=&scr_h=1024&scr_w=1280&sid=171d86dc-6b1d-11ed-8d22-a6c15108ed4e
IP 69.162.80.55:0
ASN #46475 LIMESTONENETWORKS
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?blog=http%3A%2F%2Ftattoos-girl-fish-chinas-news.blogspot.com%2F2011%2F09%2Fcarmen-christian-singer-carmen.html&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTIwODAyMCwiaWF0IjoxNjY5MjAwODIwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2wzMmpiOWZhcnVuNGE0bW8xbTlrYzEiLCJuYmYiOjE2NjkyMDA4MjAsInRzIjoxNjY5MjAwODIwNDQ2MDM2fQ.859Jc2UajWJS6UpUZPyybPQWPfhzwEZFCymLJ0bRLyE&l=celebrity&ref=&scr_h=1024&scr_w=1280&sid=171d86dc-6b1d-11ed-8d22-a6c15108ed4e HTTP/1.1
Host: keywebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://keywebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html&ref=&l=celebrity
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 23 Nov 2022 10:53:40 GMT
location: http://click-v4.expmdiadi.com/click?i=EMoJDqKOMo8_0
server: nginx
set-cookie: sid=171d86dc-6b1d-11ed-8d22-a6c15108ed4e; path=/; domain=.keywebtracker.com; expires=Mon, 11 Dec 2090 14:07:48 GMT; max-age=2147483647; HttpOnly
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 339703
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:46:16 GMT
expires: Fri, 17 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 479245
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tattoos-girl-fish-chinas-news.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 tattoos-girl-fish-chinas-news.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: tattoos-girl-fish-chinas-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/2011/09/carmen-christian-singer-carmen.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Wed, 23 Nov 2022 10:53:41 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sat, 05 Nov 2022 10:57:18 GMT
ETag: W/"e2f0959536201dd460acee8870a96163eccc24188184b790357528ee3312142a"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
click-v4.expmdiadi.com/click?i=EMoJDqKOMo8_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=EMoJDqKOMo8_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=EMoJDqKOMo8_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://keywebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://engine.blehcourt.com/Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346
Pragma: no-cache
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f9c354ae2b3d426f25d4705775eb4745
f992310c4da54dbd5dbe45daffd1806f5e3e2afd
ce58b2fb52b79423079803a0e30f48300a1c2c0bcec8e23f92a5446649921a82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CE58B2FB52B79423079803A0E30F48300A1C2C0BCEC8E23F92A5446649921A82"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6470
Expires: Wed, 23 Nov 2022 12:41:31 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7094
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7094
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7094
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7094
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7094
Expires: Wed, 23 Nov 2022 12:51:55 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cdc70ea570bedb3a19294a2e3cfcb1b
c3abc52da2458971b00416c5513894a8b60389f0
71f4c91b66b84d7bff6416d8efd1b95ca3aa3543a25489553d1acb6cd9b77308
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd46b36d-1888-40f4-b55e-f6905fed9018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 7bb62ac1-5774-4e82-8438-9eded7ea71a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-JKMGFMIAMFovg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bef0d-06bd21480b42efd67f62c690;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:35:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FjB6qa579_iDdG_QfQwnlYUEnwv0vZHG0JetZw_gtSVuet7BROTwDw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:49:34 GMT
age: 47047
etag: "c3abc52da2458971b00416c5513894a8b60389f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 448adf31ef3a09f7d8a45e1c038fe1d8
88e9613f90c14dca0b2c0b60103d0c8e4d859cc8
cedf0f3bd94dfde56b90f130fc960fe73d0131594b9b4ff0e8dbbe27d76b0926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe1bda54-5235-4786-bafa-a111a9acd500.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8000
x-amzn-requestid: 9761ee4c-6da2-4b57-8fab-4d94ec810717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bn1pXGrCIAMFe3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63730308-7628d58a621de956205e1f9c;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 03:10:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pRbkuC0HMmZTAId5hWCbgs763wEzKLsxSo7iVWlSla5RYqhGxnzMrQ==
via: 1.1 100e7eca600d702a8613a94cb0899fe8.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:46:20 GMT
age: 47241
etag: "88e9613f90c14dca0b2c0b60103d0c8e4d859cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 05:01:14 GMT
age: 21147
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gtzOoH3--VR9BQTHvU5vInc6yhBcK0-O1oBbVJpAhpRRqqKY8vAf_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:48 GMT
age: 47273
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:42 GMT
age: 46859
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 45633
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 93d9c12c22a694c1fa669e70a477952b
7bfdf3dff7da49524e238053eda7024a252d7133
9ca755e6300c24afe0f1acaa35d15f6e9ac4c85386c64d38551acc535d889685
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=168891
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:41 GMT
Etag: "637dec6f-118"
Expires: Fri, 25 Nov 2022 09:48:32 GMT
Last-Modified: Wed, 23 Nov 2022 09:48:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f9c354ae2b3d426f25d4705775eb4745
f992310c4da54dbd5dbe45daffd1806f5e3e2afd
ce58b2fb52b79423079803a0e30f48300a1c2c0bcec8e23f92a5446649921a82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CE58B2FB52B79423079803A0E30F48300A1C2C0BCEC8E23F92A5446649921A82"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6470
Expires: Wed, 23 Nov 2022 12:41:31 GMT
Date: Wed, 23 Nov 2022 10:53:41 GMT
Connection: keep-alive
engine.blehcourt.com/Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346&qachk=true&isifr=true&ww=1&wh=1
104.18.19.53302 Found 183 B URL HTTP/2 engine.blehcourt.com/Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346&qachk=true&isifr=true&ww=1&wh=1
IP 104.18.19.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 933c494ff5a16740e91f8b2159b0a9f8
de57aeafcb0fc1db15a575920c3629bd1da59a88
088be8550aad57fedaebbc327550559cdb527f8e4ccfdd9850f8380ed9dbcc5c
GET /Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346&qachk=true&isifr=true&ww=1&wh=1 HTTP/1.1
Host: engine.blehcourt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engine.blehcourt.com/Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346
Cookie: IKSR={}; INF_DFL8=false; IUID=f466be05-b7ed-4818-b92f-67817409e98d; ISSH=6778CD; VMI=; IPLH=#{}; IPLH_Q=#[]; CHN=#[]; MSSH=#{}; MSRH=#{}; ILP=null; ILPLU=#1/1/0001 12:00:00 AM; ILEALC=#1/1/0001 12:00:00 AM; ILMPF=#False; IPMPLU=#; IPMUID=#; BSWUID=#; IBL=#[]; IPLSH=#{}; IPLSH_Q=#[]; IZH=#{}; IZH_Q=#[]; IMCH=#{}; IMCH_Q=#[]; IMH=#{}; IMH_Q=#[]; ISH=#{}; ISH_Q=#[]; ISPH=#{}; ISPH_Q=#[]; ICH=#{}; ICH_Q=#[]
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 23 Nov 2022 10:53:42 GMT
content-type: text/html; charset=utf-8
content-length: 183
location: https://www.adsupplyads.net/_adunits/pageunder/index.html?source=d
cache-control: private, no-transform
access-control-allow-origin: *
p3p: CP="CAO PSA OUR IND"
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=f466be05-b7ed-4818-b92f-67817409e98d; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure
ISSH=6778CD; path=/; SameSite=None; secure
VMI=c08fb6f9-ae50-4417-90d8-d3a1ca675780; path=/; SameSite=None; secure
IPLH=#{"100497":[{"SId":"6778CD","D":"22/11/23T2:53:41"}]}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[100497]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Wed, 23-Nov-2022 14:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{"73309":[{"SId":"6778CD","D":"22/11/23T2:53:41"}]}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[73309]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{"20923":[{"SId":"6778CD","D":"22/11/23T2:53:41"}]}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[20923]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{"51079":[{"SId":"6778CD","D":"22/11/23T2:53:41"}]}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[51079]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76e95cd0cc8db50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de18b92145b9b12f35d4147b95b7070d
a78620cb157b5ee724c82b5ae25bfeafc57c2992
b389a73d2affb058ab113b1f8bdad61e6f084afe63ab9ce91e2e8231f141c587
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:42 GMT
Etag: "637c8337-118"
Last-Modified: Wed, 23 Nov 2022 10:19:25 GMT
Server: ECS (amb/6BAD)
X-Cache: HIT
Content-Length: 280
www.adsupplyads.net/_adunits/pageunder/index.html?source=d
104.26.2.12302 Found 0 B URL HTTP/2 www.adsupplyads.net/_adunits/pageunder/index.html?source=d
IP 104.26.2.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_adunits/pageunder/index.html?source=d HTTP/1.1
Host: www.adsupplyads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://engine.blehcourt.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 23 Nov 2022 10:53:42 GMT
content-length: 0
location: https://is.gd/defaultinfad
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5WWy%2B8hDX%2FwpEeI3ChCk2Iw73lkqxRyXHaNKZVlIzzsokxSBcJSRT71bUWu3anKHY7QsO2imPnNORRZri0iKknVvd%2Bm%2Bpn3NdTg2ZQLE9anaOLAGCzWjKgllUs76S0E57VMjFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e95cd23c75b4f9-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 875b9fa3779a1062bcf99172d4101abe
899129bc5db1dca4896774598400c90431ef2c4a
8485e7d4b67ae05e2144024630fdd37d3e081954d7e06621e5c367fd3ab72518
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 10:53:42 GMT
Last-Modified: Wed, 23 Nov 2022 09:07:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 280
is.gd/defaultinfad
104.25.234.53301 Moved Permanently 30 kB IP 104.25.234.53:0
Hash d94bd6706c9ca73aed0faaf28d39a93c
2ff58d9f277e131fb2028154a8cfb426224efcfe
bcdc9352d1fbd04ad9c4a48208aaa802b1f8e3701dc0251772bb259c382f0538
GET /defaultinfad HTTP/1.1
Host: is.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://engine.blehcourt.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 23 Nov 2022 10:53:42 GMT
content-type: text/html; charset=UTF-8
location: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76e95cd31e58b51b-OSL
X-Firefox-Spdy: h2
www.theautochannel.com/news/2006/05/27/008817.1-lg.jpg
104.21.18.153200 OK 0 B URL HTTP/2 www.theautochannel.com/news/2006/05/27/008817.1-lg.jpg
IP 104.21.18.153:0
GET /news/2006/05/27/008817.1-lg.jpg HTTP/1.1
Host: www.theautochannel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:53:41 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
display: staticcontent_sol
etag: W/"68e4d-414c42fbe7880-gzip"
expires: Thu, 24 Nov 2022 10:53:41 GMT
last-modified: Mon, 21 Nov 2022 21:43:37 GMT
response: 200
vary: Accept-Encoding,Referer,Origin
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: max-age=86400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naLT0e8QC%2F3F%2FI5mK3ygnswLf7b1dRIGn1YKBgHAtHDjY%2Bpw%2FaLQ11664Hd7arYoxpYj%2F7s4bX806Pgtx%2F6yNHMOxSOVZXLEyh2KcRYh5x6damtzDazQR25QLrXHkJVdUGES8PiAUsUd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e95cc9bf06b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
engine.blehcourt.com/Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346
104.18.19.53200 OK 0 B URL HTTP/2 engine.blehcourt.com/Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346
IP 104.18.19.53:0
GET /Redirect.eng?MediaSegmentId=0&TempMediaId=1e66361b-3fa4-47d9-90cb-a9ccf33ac317&dcid=1_ctx_6e4b418e-08e6-4533-b9e6-d7fecc0b0198&timeZoneOffset=&xml=1&feedId=346 HTTP/1.1
Host: engine.blehcourt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://keywebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 10:53:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
INF_DFL8=false; path=/; SameSite=None; secure
IUID=f466be05-b7ed-4818-b92f-67817409e98d; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure
ISSH=6778CD; path=/; SameSite=None; secure
VMI=; path=/; SameSite=None; secure
IPLH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPLH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
CHN=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
MSSH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
MSRH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILP=null; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure
ILPLU=#1/1/0001 12:00:00 AM; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILEALC=#1/1/0001 12:00:00 AM; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ILMPF=#False; expires=Wed, 23-Nov-2022 14:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPMPLU=#; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPMUID=#; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
BSWUID=#; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IKSR={}; path=/; SameSite=None; secure
IBL=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IPLSH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IZH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IZH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMCH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
IMH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ISPH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ICH=#{}; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
ICH_Q=#[]; expires=Tue, 23-Nov-2032 10:53:41 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76e95ccf6aedb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.walterfilm.com/404-error/
104.196.138.223200 OK 0 B URL HTTP/2 www.walterfilm.com/404-error/
IP 104.196.138.223:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /404-error/ HTTP/1.1
Host: www.walterfilm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 10:53:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.walterfilm.com/wp-json/>; rel="https://api.w.org/", <https://www.walterfilm.com/wp-json/wp/v2/pages/17808>; rel="alternate"; type="application/json", <https://www.walterfilm.com/?p=17808>; rel=shortlink
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
set-cookie: HttpOnly; Secure; SameSite=Strict;
x-permitted-cross-domain-policies: none
feature-policy: camera 'none'
strict-transport-security: max-age=15768000; includeSubDomains; preload;
expect-ct: enforce
content-encoding: br
X-Firefox-Spdy: h2
www.banzaj.pl/pictures/kultura/film/aktorzy/Michelle_Pfeifer/julie_newmar_catwoman.jpg
188.165.16.14200 OK 0 B URL HTTP/1.1 www.banzaj.pl/pictures/kultura/film/aktorzy/Michelle_Pfeifer/julie_newmar_catwoman.jpg
IP 188.165.16.14:0
GET /pictures/kultura/film/aktorzy/Michelle_Pfeifer/julie_newmar_catwoman.jpg HTTP/1.1
Host: www.banzaj.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 10:53:41 GMT
Server: Apache
Last-Modified: Fri, 13 Dec 2013 17:17:10 GMT
ETag: "2e9be-4ed6da1e1f180"
Accept-Ranges: bytes
Content-Length: 190910
Connection: close
Content-Type: image/jpeg
colorlines.com/assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg
35.170.209.141404 Not Found 0 B URL HTTP/2 colorlines.com/assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg
IP 35.170.209.141:0
GET /assets_c/2010/12/victoriasecret_2010_1-thumb-640xauto-1692.jpg HTTP/1.1
Host: colorlines.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.1.12
link: <https://colorlines.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security: max-age=15768000; includeSubDomains
date: Wed, 23 Nov 2022 10:53:41 GMT
x-page-speed: 1.13.35.2-0
cache-control: max-age=0, no-cache
content-encoding: br
X-Firefox-Spdy: h2
superficiaaal.files.wordpress.com/2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358
192.0.72.24404 Not Found 0 B URL HTTP/2 superficiaaal.files.wordpress.com/2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358
IP 192.0.72.24:0
GET /2011/04/03_29_11-lil_wayne-crap_eyewear_beach_party3.jpg%3Fw%3D640%26h%3D358 HTTP/1.1
Host: superficiaaal.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
date: Wed, 23 Nov 2022 10:53:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
x-reason: 0010
X-Firefox-Spdy: h2
www.walterfilm.com/bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg
104.196.138.223302 Found 0 B URL HTTP/2 www.walterfilm.com/bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg
IP 104.196.138.223:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /bmz_cache/7/7545616b890f3dd50027b369a0752beb.image.438x680.jpg HTTP/1.1
Host: www.walterfilm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tattoos-girl-fish-chinas-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 23 Nov 2022 10:53:41 GMT
content-type: text/html; charset=UTF-8
location: https://www.walterfilm.com/404-error/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
set-cookie: HttpOnly; Secure; SameSite=Strict;
x-permitted-cross-domain-policies: none
feature-policy: camera 'none'
strict-transport-security: max-age=15768000; includeSubDomains; preload;
expect-ct: enforce
X-Firefox-Spdy: h2