r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Wed, 07 Dec 2022 14:58:08 GMT
Date: Wed, 07 Dec 2022 11:57:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7576
Expires: Wed, 07 Dec 2022 14:03:20 GMT
Date: Wed, 07 Dec 2022 11:57:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5097
Cache-Control: max-age=86351
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:04 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:56:15 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XTNHHWRS49GApMEKr4mYIid3dXouUYz+aUbfkZB5cDulrTMkUdkjifx8hl2FmKmZZ5VzgyeabYU=
x-amz-request-id: B8AC5VWGF41VKW10
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 11:47:29 GMT
age: 575
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 11:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2196
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 11:57:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
normakethis.blogspot.com/2022/03/hp-laserjet-p1606dn-windows-10-driver.html
172.217.21.161301 Moved Permanently 221 B URL HTTP/1.1 normakethis.blogspot.com/2022/03/hp-laserjet-p1606dn-windows-10-driver.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 187613badc607ed1f103963d54034040
8d3cb15ed6960e2a2dd7ecc206253c87250337ee
569ff0f85d228273a8aa2259e2f5660369bcd9a9856a6e3dd6ad0ac22187fbf1
GET /2022/03/hp-laserjet-p1606dn-windows-10-driver.html HTTP/1.1
Host: normakethis.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://normakethis.blogspot.com/2022/03/hp-laserjet-p1606dn-windows-10-driver.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 07 Dec 2022 11:57:04 GMT
Expires: Wed, 07 Dec 2022 11:57:04 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 221
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 11:11:20 GMT
cache-control: public,max-age=3600
age: 2744
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbcd8c53639a6546d9152b265b407f1f
f166ecb2a63e819c03ba476d2640a0b27838d7d4
3e69252575b020da03c0cf3b5734084cf9d73f44ecfa743b00e2976c53013b66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5095
Cache-Control: max-age=167680
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:31:45 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.39.96.8101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.96.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P9o0BRVez9fwch3JzUq0lw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4O9s9wrzfQmzCdQaQf2xbsA6RIw=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cbcd8c53639a6546d9152b265b407f1f
f166ecb2a63e819c03ba476d2640a0b27838d7d4
3e69252575b020da03c0cf3b5734084cf9d73f44ecfa743b00e2976c53013b66
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
normakethis.blogspot.com/2022/03/hp-laserjet-p1606dn-windows-10-driver.html
172.217.21.161200 OK 27 kB URL HTTP/2 normakethis.blogspot.com/2022/03/hp-laserjet-p1606dn-windows-10-driver.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (42945)
Hash e63f3d60ac2afd24cd8c1cd4bee9a36f
2719fd45cb6c0082a9ba7a9d058fc28fad77774e
b01f2c83aa21e8be89a708047c36045fff6dd9667420172f0e44050ebaa9af05
GET /2022/03/hp-laserjet-p1606dn-windows-10-driver.html HTTP/1.1
Host: normakethis.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 07 Dec 2022 11:57:05 GMT
date: Wed, 07 Dec 2022 11:57:05 GMT
cache-control: private, max-age=0
last-modified: Fri, 04 Nov 2022 02:42:53 GMT
etag: W/"beb3f2197fb1bbabee1f09d44bc09c096e7cda76632e4b380298bcafac308f0f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 26567
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4849
Cache-Control: max-age=159912
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 08:22:17 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1147351
expires: Mon, 27 Nov 2023 11:57:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQraCu2vscvI1KoRDW0avfdxpfQzwyu8yaFwe9H2%2Fyme1VKRncDTPSWG2Pd%2FPS1pwFDHzgi%2FWkTmKUQiYqzV4Z%2Bzd4FizrqbXdkmfTKazQg8QtUb9pVZLkp86wXmJL%2Ft3VeZsryv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775d14eff82eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/hpprinterseries.net/wp-content/uploads/2019/02/HP-LaserJet-Pro-P1606dn-Printer.jpg?w=250&ssl=1
192.0.77.2200 OK 6.3 kB URL HTTP/2 i0.wp.com/hpprinterseries.net/wp-content/uploads/2019/02/HP-LaserJet-Pro-P1606dn-Printer.jpg?w=250&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 50c7b86adca2968a923400138ec707ba
cf8a35608228bbe8b5c4afa501d5228a6eb26052
17ba0a4be610148ce8199776fc235be83585e6496df13d376d054af4d988b80d
GET /hpprinterseries.net/wp-content/uploads/2019/02/HP-LaserJet-Pro-P1606dn-Printer.jpg?w=250&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 11:57:05 GMT
content-type: image/webp
content-length: 6316
last-modified: Fri, 04 Nov 2022 12:05:51 GMT
expires: Mon, 04 Nov 2024 00:05:51 GMT
cache-control: public, max-age=63115200
link: <https://hpprinterseries.net/wp-content/uploads/2019/02/HP-LaserJet-Pro-P1606dn-Printer.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "58f804cd6070efb5"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 18:51:00 GMT
expires: Thu, 30 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 579965
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4849
Cache-Control: max-age=159912
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 08:22:17 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png
142.250.74.161200 OK 3.7 kB URL HTTP/2 4.bp.blogspot.com/-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png
IP 142.250.74.161:0
File type PNG image data, 680 x 349, 8-bit/color RGB, non-interlaced\012- data
Hash 6b640c8cb090eea4724a53b0c320b08f
92d00a5cdd667c0157a40e442cc9dd1485cdb290
fd7739e2674c5fe13e0a51140a51189b82c5bbaf087c18a04d30b62fad9648a8
GET /-O3EpVMWcoKw/WxY6-6I4--I/AAAAAAAAB2s/KzC0FqUQtkMdw7VzT6oOR_8vbZO6EJc-ACK4BGAYYCw/w680/nth.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="nth.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3725
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:32:24 GMT
expires: Wed, 17 Nov 2021 17:55:03 GMT
cache-control: public, max-age=86400, no-transform
age: 5081
etag: "v76c"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-z8MkISWV03Q/YA8T596r2_I/AAAAAAAAAlM/9ZxRBELQmj09tIVPzFhL_4xo9Fo_oXougCNcBGAsYHQ/s341/cooltext374902050871409.png
142.250.74.161200 OK 12 kB URL HTTP/2 1.bp.blogspot.com/-z8MkISWV03Q/YA8T596r2_I/AAAAAAAAAlM/9ZxRBELQmj09tIVPzFhL_4xo9Fo_oXougCNcBGAsYHQ/s341/cooltext374902050871409.png
IP 142.250.74.161:0
File type PNG image data, 341 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 26d842dbad6e9a8c5b54e782c0d27d6a
19852a857e7aadc465eb3283cddbfcec6bcfcc38
b42da531c08519e93ae2c1b9fce5a0f7a36db0cdb944c397a768d683bd0b5706
GET /-z8MkISWV03Q/YA8T596r2_I/AAAAAAAAAlM/9ZxRBELQmj09tIVPzFhL_4xo9Fo_oXougCNcBGAsYHQ/s341/cooltext374902050871409.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="cooltext374902050871409.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 11453
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:35:41 GMT
expires: Wed, 17 Nov 2021 17:42:43 GMT
cache-control: public, max-age=86400, no-transform
age: 4884
etag: "v254"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 79981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.41200 OK 157 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Size 157 kB (156915 bytes)
Hash 64d62574443f9d2148012af05abf60ac
16fc9b9b71eb94dbfdc15da12e9b3f21dfe1636e
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 156915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:43:30 GMT
expires: Wed, 06 Dec 2023 05:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 08:51:54 GMT
content-type: text/javascript
age: 108816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ba8392a35e279a05f632a48d38b831f
49fcabcfff2128fb4a87164981595ec9f813f2f6
b82849af3ed3e533f08673c23a3412582bccf9022402a7050d750a96cdf82dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:55 GMT
expires: Tue, 05 Dec 2023 18:52:55 GMT
cache-control: public, max-age=31536000
age: 147851
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=1988639142399070797&zx=d767b092-b2a4-43ce-b8bb-054e898ef8b7
142.250.74.41200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1988639142399070797&zx=d767b092-b2a4-43ce-b8bb-054e898ef8b7
IP 142.250.74.41:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1988639142399070797&zx=d767b092-b2a4-43ce-b8bb-054e898ef8b7 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 11:57:06 GMT
last-modified: Wed, 07 Dec 2022 11:57:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bb1e9989d8b84caf9deb2787b93c5b8f
c7e1ee0f110ec05534c96739d938554ed38635c5
8754dec16a0563ac7d78422ccc53976adba9506615982f1a70aba79256750a4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.35200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:56:13 GMT
expires: Tue, 05 Dec 2023 18:56:13 GMT
cache-control: public, max-age=31536000
age: 147653
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.TQQmGErnW_U.es5.O/am=cw6AQA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP014YXSaYzc1U59WVFr0d4_uKMFSA/m=_b,_tp,_r
142.250.74.41200 OK 64 kB URL HTTP/2 www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.TQQmGErnW_U.es5.O/am=cw6AQA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP014YXSaYzc1U59WVFr0d4_uKMFSA/m=_b,_tp,_r
IP 142.250.74.41:0
File type ASCII text, with very long lines (599)
Hash 6fa00257bc631e57bf52dbb7ab0077b6
e851547e0a7f0b13935edcafa0b00c6b296bda9c
3a6bf7d15b9ad6741421584caf54e15e0328fbde2c818f9d1c69d80727822d23
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.TQQmGErnW_U.es5.O/am=cw6AQA/d=1/excm=_b,_r,_tp,commentformiframeview/ed=1/dg=0/wt=2/rs=AEy-KP014YXSaYzc1U59WVFr0d4_uKMFSA/m=_b,_tp,_r HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 63859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 04:00:39 GMT
expires: Thu, 07 Dec 2023 04:00:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 06 Dec 2022 07:10:10 GMT
content-type: text/javascript; charset=UTF-8
age: 28587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.10.207200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:06 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 10d7265129236e243f18fb1a3de68cda
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775d14f15aadb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 32 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (30837)
Hash bfa82965e9762ac3ab7aea04011a8567
62705347d51bfcd47957926f5bc1cdca6e7b9080
a58e7c73195003c97cae525ea4e300ff43816b77f288983a44677866fc67d0ad
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 15860979
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775d14efeac8b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/1988639142399070797?po=4568230353804493255&hl=en&skin=contempo&blogspotRpcToken=67851
142.250.74.41200 OK 120 kB URL HTTP/2 www.blogger.com/comment/frame/1988639142399070797?po=4568230353804493255&hl=en&skin=contempo&blogspotRpcToken=67851
IP 142.250.74.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33820)
Size 120 kB (120312 bytes)
Hash 0771075514cbb6783f2569b7c31ef1b5
cf244834dce863f566ee7ff3c759722ac20eb794
f0a17dbc1502775577efc339cf64fa99deb7a0e49355962334383e26f4b045b2
GET /comment/frame/1988639142399070797?po=4568230353804493255&hl=en&skin=contempo&blogspotRpcToken=67851 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Dec 2022 11:57:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-BYciCyPcgLA_V7p6qVOiCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=NB_p6oTkGqVrC1MItwzrzk943W3_fQQywhiNP3BXl9SU4-HE73AZ3rc6Tur7GNshw08xGv2b6UCUZGZCwjzxQc1pbRFk0Mz8ijTKnysaEdcWk1_up-qEAGgynWKJLdowscJAxi5a77YTsKTqgd-Zam_6CeJ-0Lxp8xuRD11pObo; expires=Thu, 08-Jun-2023 11:57:06 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3w0_Fe82m9d9f10R2MM8A4gB7rAGVLmp9gG5AdaB5wEUeilFcnvU5HYJs8TRgNkfIhD9ZjfL5hcYIRWYeOatXcHZRy83swDYOXehJgb4C4oi0FaVvZcPeUDqY7BhiXnQJsnCm6yewd2zo69upiG2FDWwLs4nQT9QQ1u7h9eWPhPvsLP1Zu5w=w680
142.250.74.97200 OK 43 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3w0_Fe82m9d9f10R2MM8A4gB7rAGVLmp9gG5AdaB5wEUeilFcnvU5HYJs8TRgNkfIhD9ZjfL5hcYIRWYeOatXcHZRy83swDYOXehJgb4C4oi0FaVvZcPeUDqY7BhiXnQJsnCm6yewd2zo69upiG2FDWwLs4nQT9QQ1u7h9eWPhPvsLP1Zu5w=w680
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 680x425, components 3\012- data
Hash 8c1feb514403c28ec3839cf694c3c13f
6088d9060e4527d688d1c5dbb7b3aced01f356c7
0f6664bd8751b068898858d5fd0e54fa7a2fed0b1ba2bd9e09f6cf5642ee79b4
GET /blogger_img_proxy/ANbyha3w0_Fe82m9d9f10R2MM8A4gB7rAGVLmp9gG5AdaB5wEUeilFcnvU5HYJs8TRgNkfIhD9ZjfL5hcYIRWYeOatXcHZRy83swDYOXehJgb4C4oi0FaVvZcPeUDqY7BhiXnQJsnCm6yewd2zo69upiG2FDWwLs4nQT9QQ1u7h9eWPhPvsLP1Zu5w=w680 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
date: Wed, 07 Dec 2022 11:57:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 43279
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9e83e23c9303fc167d2b23bceba4f304
cc712e67770a00bcc9901a6881f5b1cd343cf054
16378fd60ce4fb8ead3bbc313e6ae0166f68d532d40c586f8c71cb6cd1a91f50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2685
Expires: Wed, 07 Dec 2022 12:41:51 GMT
Date: Wed, 07 Dec 2022 11:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2685
Expires: Wed, 07 Dec 2022 12:41:51 GMT
Date: Wed, 07 Dec 2022 11:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2685
Expires: Wed, 07 Dec 2022 12:41:51 GMT
Date: Wed, 07 Dec 2022 11:57:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2685
Expires: Wed, 07 Dec 2022 12:41:51 GMT
Date: Wed, 07 Dec 2022 11:57:06 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 50113
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FjScmvs74slr4Mr8vhQLRNh-88KqMx4L1FwNKdBwbUUPDuu1ivOuoQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:47:20 GMT
age: 50986
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 12255
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 31285
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 54452
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9f7b9c77a99173619ee85d0cfa8e2f8
05ba0fab4533b9837dd8558ffa5eb168e974d2b3
17184aca15041d2770fe14397fc0ab87e5f8e9f910b557031ba7fbf1349b0b9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 04d9e95d-563e-4258-934e-add82f95a638
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGysEDmIAMFSIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851aa-426e37fb562dc25b3449311b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RspslnJzOcAHAL--VTgFJkFxb1PvLM6OHJmJUsdOKocI5ZPmJSLdoA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:16:43 GMT
age: 16823
etag: "05ba0fab4533b9837dd8558ffa5eb168e974d2b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 07 Dec 2022 11:57:06 GMT
date: Wed, 07 Dec 2022 11:57:06 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.99200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 11:16:35 GMT
expires: Thu, 07 Dec 2023 11:16:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 2431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true
216.58.207.238200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 216.58.207.238:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1528
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 07 Dec 2022 11:57:07 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=8.SE=xF5zvt2wXLj2d9psj3vmUBFmXLNEtRlzWR9jt8qbjdZ92oZF5uphzgCzDvN6YuihZgCD9AK8mwcm2ghv3k5cqk32C-9WqDGen_DAcSjSdxjE6f8kQd3O3osF3nleLGMvP-UvVFkiAeyFePfxwzh8SGx1lIlfM7PDs_YqpZ5DFgI; expires=Sun, 07-Jan-2024 04:15:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+886; expires=Fri, 06-Dec-2024 11:57:07 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 11:57:07 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 724a2e265cdcf2483e04acd76abc9079
f27ce00524735d0c6edfd35efef2b29fa1c4b8bb
f8d2a57a79a37c31b7e6a3494a4088780b7b7dfcd37d4e6681ad13e6104ae137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8D2A57A79A37C31B7E6A3494A4088780B7B7DFCD37D4E6681AD13E6104AE137"
Last-Modified: Tue, 06 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21563
Expires: Wed, 07 Dec 2022 17:56:30 GMT
Date: Wed, 07 Dec 2022 11:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 724a2e265cdcf2483e04acd76abc9079
f27ce00524735d0c6edfd35efef2b29fa1c4b8bb
f8d2a57a79a37c31b7e6a3494a4088780b7b7dfcd37d4e6681ad13e6104ae137
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8D2A57A79A37C31B7E6A3494A4088780B7B7DFCD37D4E6681AD13E6104AE137"
Last-Modified: Tue, 06 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 17:57:07 GMT
Date: Wed, 07 Dec 2022 11:57:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 90f86808117ce4f34d31a3223e47d8c7
da157503e5b6af1c87ea1190100da4254e6088e3
c76b8e5846ea0ba4da0c49f2f2a8505af0835ace5bc2c886abccd8285cb6d051
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C76B8E5846EA0BA4DA0C49F2F2A8505AF0835ACE5BC2C886ABCCD8285CB6D051"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3917
Expires: Wed, 07 Dec 2022 13:02:25 GMT
Date: Wed, 07 Dec 2022 11:57:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bc282fe64ee2b1e148dd9774e96e233d
1b94f5bc10d2d983103a214df7754c6169e47d47
0ab71c8aa2a43a719f41457f865c5cd23d347b47c2406c3640634445f2773084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0AB71C8AA2A43A719F41457F865C5CD23D347B47C2406C3640634445F2773084"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10348
Expires: Wed, 07 Dec 2022 14:49:36 GMT
Date: Wed, 07 Dec 2022 11:57:08 GMT
Connection: keep-alive
flickerbridge.com/a3265d7de32d253cd424ed9f866ca5ad/invoke.js
173.233.137.36200 OK 9.3 kB URL HTTP/1.1 flickerbridge.com/a3265d7de32d253cd424ed9f866ca5ad/invoke.js
IP 173.233.137.36:0
File type Unicode text, UTF-8 text, with very long lines (25082), with no line terminators
Hash edccf61bd3f15b73440799894cfee379
1901314241c6700c189210f0158c2a290a3004f2
ad1eb38fd0099d0b38b8699eeb4e30bee24dec81c705e3576bbf558b15eaf9cc
GET /a3265d7de32d253cd424ed9f866ca5ad/invoke.js HTTP/1.1
Host: flickerbridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://normakethis.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b0d5f49a11b88e6f4b1b6ff85ec5a47
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
flickerbridge.com/31/26/a1/3126a16d065a43e1a24e98403026adf1.js
173.233.137.36200 OK 13 kB URL HTTP/1.1 flickerbridge.com/31/26/a1/3126a16d065a43e1a24e98403026adf1.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37128), with no line terminators
Hash 01333d79fe213bcca864fd539c93509b
47ab5c8b2f7f4556c07ccb4034a42844ecd002a3
a3b796b95a89b55ec7293ab80ac4746667000149af9ed7f461f8af61536cc83e
GET /31/26/a1/3126a16d065a43e1a24e98403026adf1.js HTTP/1.1
Host: flickerbridge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://normakethis.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 894865842d520b8ab21b24cc7e4778c5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.lif.co.id/social
49.12.77.16307 Temporary Redirect 471 B IP 49.12.77.16:0
ASN #24940 Hetzner Online GmbH
Hash 975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
GET /social HTTP/1.1
Host: www.lif.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 07 Dec 2022 11:57:08 GMT
content-type: text/html; charset=UTF-8
location: https://flickerbridge.com/31/26/a1/3126a16d065a43e1a24e98403026adf1.js
set-cookie: prli_click_1=social; expires=Fri, 06-Jan-2023 11:57:08 GMT; Max-Age=2592000; path=/
prli_visitor=63907f942e604; expires=Thu, 07-Dec-2023 11:57:08 GMT; Max-Age=31536000; path=/
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.7 http://prettylink.com
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5ec94a04d79a44bd54d220a80f789ba
56296c85e756283c4d7c90d6c327bc815c105b6d
c82e514bd4836dd8f600a005575285d5938d20af9a78d108bbe746e041a35abc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C82E514BD4836DD8F600A005575285D5938D20AF9A78D108BBE746E041A35ABC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7525
Expires: Wed, 07 Dec 2022 14:02:34 GMT
Date: Wed, 07 Dec 2022 11:57:09 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash f932b5edc65b35ef38c4b443462f3de4
1ff78cd2e91b570680ce3a89b7f65125bdcbc585
cccb24e8c02c70d1b474f387d0fc99dffac7310682515e4576a39d1f3e49d743
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://normakethis.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=0c1e9c92-2c33-4529-988d-bd0e93776741:1:1; expires=Sat, 04 Dec 2032 11:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96232
Date: Wed, 07 Dec 2022 11:57:09 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 14:41:01 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: poBo3KMrxIFXOIHy8aHWITwAqewpW0az_r2Dss3a_Mqh1Yj3OFvhbg==
Age: 4197
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 25acab43ccc97790fc53a8b55355b756
4ade5021a0ca3c44d2708605dbef43a50a533ecf
27f0fd2452fa644939e65c8c83df62b5295c1a5b701e372aad1776c88ffbfd4b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://normakethis.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; expires=Sat, 04 Dec 2032 11:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
142.250.74.35200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP 142.250.74.35:0
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Hash 63f124cc58fb3f1e5e04b2961edc0f7b
a7e225ab157af0246fbc151ffe513c0b555032c5
484be1fa4b0ddf5a535046b293963ce7cfe6f2659f50309d7bdb6399a732637d
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 09:56:45 GMT
expires: Wed, 06 Dec 2023 09:56:45 GMT
cache-control: public, max-age=31536000
age: 93624
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5ec94a04d79a44bd54d220a80f789ba
56296c85e756283c4d7c90d6c327bc815c105b6d
c82e514bd4836dd8f600a005575285d5938d20af9a78d108bbe746e041a35abc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C82E514BD4836DD8F600A005575285D5938D20AF9A78D108BBE746E041A35ABC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7525
Expires: Wed, 07 Dec 2022 14:02:34 GMT
Date: Wed, 07 Dec 2022 11:57:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 829a1a6da37a40eec7612d24b634bf1a
261806d76ba28a42586ab3fb8a006b5d32319f20
e6b2f7c64bbcfbd58816a8aa49ab8bb0a8ae8328b6fe463ac4a4625226ac6dd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6B2F7C64BBCFBD58816A8AA49AB8BB0A8AE8328B6FE463AC4A4625226AC6DD1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17113
Expires: Wed, 07 Dec 2022 16:42:22 GMT
Date: Wed, 07 Dec 2022 11:57:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4572d87a1e0ec8c2d53b33a39b06f02a
f6d469af83db717e1a691532052868c7925b2fe0
546f530032e8c8cd6e51d1adb173e194cef6610ee425b44fa57bdd153aaab079
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "546F530032E8C8CD6E51D1ADB173E194CEF6610EE425B44FA57BDD153AAAB079"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2552
Expires: Wed, 07 Dec 2022 12:39:41 GMT
Date: Wed, 07 Dec 2022 11:57:09 GMT
Connection: keep-alive
hopefullyapricot.com/ntv.json?key=a3265d7de32d253cd424ed9f866ca5ad&vstc=2
192.243.59.20200 OK 8.5 kB URL HTTP/1.1 hopefullyapricot.com/ntv.json?key=a3265d7de32d253cd424ed9f866ca5ad&vstc=2
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (8453), with no line terminators
Hash 52a4d0697e8b766fd795aefa2570255e
7c7f66e5470352bf273ebe6dda6738c667249cfa
b25b5481c304b2eaf6db133a5d0504ca1fcaebe30d76ae439601cea9f54127ef
GET /ntv.json?key=a3265d7de32d253cd424ed9f866ca5ad&vstc=2 HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 11:57:09 GMT
Content-Type: application/json
Content-Length: 8453
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://normakethis.blogspot.com
Access-Control-Allow-Origin: https://normakethis.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16711417; expires=Thu, 08 Dec 2022 11:57:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 11:57:09 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 11:57:09 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 08 Dec 2022 11:57:09 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 08 Dec 2022 11:57:09 GMT; secure; SameSite=None
nleca3265d7de32d253cd424ed9f866ca5ad=[2229214,2229212]; expires=Wed, 07 Dec 2022 11:57:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0605704914cc3ff3b56914fed9ec310
Strict-Transport-Security: max-age=0; includeSubdomains
hygieneretorted.com/sbar.json?key=3126a16d065a43e1a24e98403026adf1&uuid=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe%3A1%3A1
173.233.137.52200 OK 3.6 kB URL HTTP/1.1 hygieneretorted.com/sbar.json?key=3126a16d065a43e1a24e98403026adf1&uuid=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe%3A1%3A1
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (6184), with no line terminators
Hash 85e0f77a3e8817baa666af3a53986725
12b60ec50a39528b39abf0afe6f100f10441a7bb
9f19cc0e870dc36d3fc1b69a63693c0ea54b33b4c3be12dcf50c99b3276d4939
GET /sbar.json?key=3126a16d065a43e1a24e98403026adf1&uuid=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe%3A1%3A1 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://normakethis.blogspot.com
Access-Control-Allow-Origin: https://normakethis.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16570266; expires=Thu, 08 Dec 2022 11:57:09 GMT; secure; SameSite=None
uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; expires=Wed, 14 Dec 2022 11:57:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 11:57:10 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 11:57:10 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 08 Dec 2022 11:57:10 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 08 Dec 2022 11:57:10 GMT; secure; SameSite=None
slec3126a16d065a43e1a24e98403026adf1=[3078195]; expires=Wed, 07 Dec 2022 11:57:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dae5636b88e407c600c7690aca828b1f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
hygieneretorted.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvLliwgBRRQFYQ4eFNzZ7pme2RlzEGOMROPukkT2XNVVPVtudVVTVT09uxcXA5Lj6EHEU%2B%2Bb3SxqEPMHSGTWS1gIZDyEPbh%2FgyAGDx5kZkcGP1D1%2BfGq4L1X9flecUpCFPRk%2FSOzI5Wiy616WHt9Q2puSldbvVWLwnp4qbYhdTu%2BVBtMN9t%2FKwpb9fCN2vsi2TLLjTAKwyiMalelFakZLM9QyPxeN6p3w3rcqEetGAP7394VARwNwPun5HlIPvnf5sP7kMkYOvvxinBb3uRvvpcVinpj0eeHH%2BstbUqNbFGmNkCqD%2BenYdyEkK%2FPwejDuQKY%2Fv5UAZickOBJBKYP5zTB%2BgdnTJmC0GD8WZT9MYQaQ9IxEnMbkj8mQMKxugad3V01tqTbZyidohNy4ekfkOWEXPjtBejsh8tKDmo3jSq8NNphkFaQgzFkb4y8OILfCSDLIyT%2BM0j%2BiCw%2FvQ6d7a85ZSD5yWu0011hbZEucc7jpZgl4VKHtvlSnLbTOBYNlqZiZpGUY8h0DCWGoC5AMV0yQJEGKPIAGT%2Bp0VY3DcOVlKXNZidOkqTZTJJWp81bvBl30hBFMtUwhM%2BHSNQQid1FbnexJYewxc9wmxUcD%2BA8QZ9XKAVB6QhKSlBKgtITlP3qgCvXcNVdrlzBonluzHOzGhnf26MHxveEJnv5KXluZtzfT77BljipNaNGm0ZtHrZbNG6KiDZi0e3EYTNstClPIzhZQbpzM5k7ckJe%2FPIZ5HJCzj%2F6AIwewakjJPI8aPEqaDlaaYSgm6O4E2JHP3DeGt3bFNR6JqiXuldnyvRcbnw9MRm4qZD7C%2FDbwZ46JS%2FPqNX%2FakIkx2QeSGyF3Fb4RP5C0FN3RjdMSfZvmNKR%2B2u5l5ncodP3vumpF8F3H4rt0lh%2B7YobfvtOMgWm5b1bwvnrVHOpe458f1lyLuxVYxNBfrrmNgRbL9zm5cLqIr%2B%2B%2Fu7Va1luhXPS6DGofHzxIhI5If9%2F%2BOfsJ790%2BgqkHcMWFbJiwVSaIyT5Lly%2BmDlDYNWiZ3mAsqhGtsEWQyUJlFj0lFVw4vjB7%2F9eWtR77g56NgD1t6GzCn1boa8qUDWEK86PfG6P3%2F61OQswFYyYssE%2BU1Z9cWatkyc10UrDVIQNwdIuS1doyLtp3GW0G4kV1qIRvJskw0%2B%2F%2BgcAAP%2F%2FAQAA%2F%2F%2Ba7e7aoQQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 hygieneretorted.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvLliwgBRRQFYQ4eFNzZ7pme2RlzEGOMROPukkT2XNVVPVtudVVTVT09uxcXA5Lj6EHEU%2B%2Bb3SxqEPMHSGTWS1gIZDyEPbh%2FgyAGDx5kZkcGP1D1%2BfGq4L1X9flecUpCFPRk%2FSOzI5Wiy616WHt9Q2puSldbvVWLwnp4qbYhdTu%2BVBtMN9t%2FKwpb9fCN2vsi2TLLjTAKwyiMalelFakZLM9QyPxeN6p3w3rcqEetGAP7394VARwNwPun5HlIPvnf5sP7kMkYOvvxinBb3uRvvpcVinpj0eeHH%2BstbUqNbFGmNkCqD%2BenYdyEkK%2FPwejDuQKY%2Fv5UAZickOBJBKYP5zTB%2BgdnTJmC0GD8WZT9MYQaQ9IxEnMbkj8mQMKxugad3V01tqTbZyidohNy4ekfkOWEXPjtBejsh8tKDmo3jSq8NNphkFaQgzFkb4y8OILfCSDLIyT%2BM0j%2BiCw%2FvQ6d7a85ZSD5yWu0011hbZEucc7jpZgl4VKHtvlSnLbTOBYNlqZiZpGUY8h0DCWGoC5AMV0yQJEGKPIAGT%2Bp0VY3DcOVlKXNZidOkqTZTJJWp81bvBl30hBFMtUwhM%2BHSNQQid1FbnexJYewxc9wmxUcD%2BA8QZ9XKAVB6QhKSlBKgtITlP3qgCvXcNVdrlzBonluzHOzGhnf26MHxveEJnv5KXluZtzfT77BljipNaNGm0ZtHrZbNG6KiDZi0e3EYTNstClPIzhZQbpzM5k7ckJe%2FPIZ5HJCzj%2F6AIwewakjJPI8aPEqaDlaaYSgm6O4E2JHP3DeGt3bFNR6JqiXuldnyvRcbnw9MRm4qZD7C%2FDbwZ46JS%2FPqNX%2FakIkx2QeSGyF3Fb4RP5C0FN3RjdMSfZvmNKR%2B2u5l5ncodP3vumpF8F3H4rt0lh%2B7YobfvtOMgWm5b1bwvnrVHOpe458f1lyLuxVYxNBfrrmNgRbL9zm5cLqIr%2B%2B%2Fu7Va1luhXPS6DGofHzxIhI5If9%2F%2BOfsJ790%2BgqkHcMWFbJiwVSaIyT5Lly%2BmDlDYNWiZ3mAsqhGtsEWQyUJlFj0lFVw4vjB7%2F9eWtR77g56NgD1t6GzCn1boa8qUDWEK86PfG6P3%2F61OQswFYyYssE%2BU1Z9cWatkyc10UrDVIQNwdIuS1doyLtp3GW0G4kV1qIRvJskw0%2B%2F%2BgcAAP%2F%2FAQAA%2F%2F%2Ba7e7aoQQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2BtTvLliwgBRRQFYQ4eFNzZ7pme2RlzEGOMROPukkT2XNVVPVtudVVTVT09uxcXA5Lj6EHEU%2B%2Bb3SxqEPMHSGTWS1gIZDyEPbh%2FgyAGDx5kZkcGP1D1%2BfGq4L1X9flecUpCFPRk%2FSOzI5Wiy616WHt9Q2puSldbvVWLwnp4qbYhdTu%2BVBtMN9t%2FKwpb9fCN2vsi2TLLjTAKwyiMalelFakZLM9QyPxeN6p3w3rcqEetGAP7394VARwNwPun5HlIPvnf5sP7kMkYOvvxinBb3uRvvpcVinpj0eeHH%2BstbUqNbFGmNkCqD%2BenYdyEkK%2FPwejDuQKY%2Fv5UAZickOBJBKYP5zTB%2BgdnTJmC0GD8WZT9MYQaQ9IxEnMbkj8mQMKxugad3V01tqTbZyidohNy4ekfkOWEXPjtBejsh8tKDmo3jSq8NNphkFaQgzFkb4y8OILfCSDLIyT%2BM0j%2BiCw%2FvQ6d7a85ZSD5yWu0011hbZEucc7jpZgl4VKHtvlSnLbTOBYNlqZiZpGUY8h0DCWGoC5AMV0yQJEGKPIAGT%2Bp0VY3DcOVlKXNZidOkqTZTJJWp81bvBl30hBFMtUwhM%2BHSNQQid1FbnexJYewxc9wmxUcD%2BA8QZ9XKAVB6QhKSlBKgtITlP3qgCvXcNVdrlzBonluzHOzGhnf26MHxveEJnv5KXluZtzfT77BljipNaNGm0ZtHrZbNG6KiDZi0e3EYTNstClPIzhZQbpzM5k7ckJe%2FPIZ5HJCzj%2F6AIwewakjJPI8aPEqaDlaaYSgm6O4E2JHP3DeGt3bFNR6JqiXuldnyvRcbnw9MRm4qZD7C%2FDbwZ46JS%2FPqNX%2FakIkx2QeSGyF3Fb4RP5C0FN3RjdMSfZvmNKR%2B2u5l5ncodP3vumpF8F3H4rt0lh%2B7YobfvtOMgWm5b1bwvnrVHOpe458f1lyLuxVYxNBfrrmNgRbL9zm5cLqIr%2B%2B%2Fu7Va1luhXPS6DGofHzxIhI5If9%2F%2BOfsJ790%2BgqkHcMWFbJiwVSaIyT5Lly%2BmDlDYNWiZ3mAsqhGtsEWQyUJlFj0lFVw4vjB7%2F9eWtR77g56NgD1t6GzCn1boa8qUDWEK86PfG6P3%2F61OQswFYyYssE%2BU1Z9cWatkyc10UrDVIQNwdIuS1doyLtp3GW0G4kV1qIRvJskw0%2B%2F%2BgcAAP%2F%2FAQAA%2F%2F%2Ba7e7aoQQAAA%3D%3D HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16570266; uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3126a16d065a43e1a24e98403026adf1=[3078195]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a6aaa855f21ed0eb18bb0a751929f8a5
Strict-Transport-Security: max-age=0; includeSubdomains
hopefullyapricot.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
192.243.59.20200 OK 29 kB URL HTTP/1.1 hopefullyapricot.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 2970c051c61d6dd72a16f63bfa1c77bd
29a88e0f3ed9cf7ee7500b517e6500ead40ca381
4c2efcdf892b8a5fcedeb56b25e4f526ee6ed092d99bded639085f7c3fe29a53
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16711417; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleca3265d7de32d253cd424ed9f866ca5ad=[2229214,2229212]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 00b36d71833c3ee0ce8d063ad002f0a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cfd3928701da1ef5225a67f860223a33
569b3e0e4766bac5e501cce2d9bf1fa5f14d11d4
b62de05099102ddd47a6cdf88953fedd174f6778c1c70060ce6d51c48762d9cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2070
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:10 GMT
Etag: "638f0919-117"
Last-Modified: Wed, 07 Dec 2022 11:22:40 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cfd3928701da1ef5225a67f860223a33
569b3e0e4766bac5e501cce2d9bf1fa5f14d11d4
b62de05099102ddd47a6cdf88953fedd174f6778c1c70060ce6d51c48762d9cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2070
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:10 GMT
Last-Modified: Wed, 07 Dec 2022 11:22:40 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cfd3928701da1ef5225a67f860223a33
569b3e0e4766bac5e501cce2d9bf1fa5f14d11d4
b62de05099102ddd47a6cdf88953fedd174f6778c1c70060ce6d51c48762d9cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5363
Cache-Control: max-age=168707
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:10 GMT
Etag: "63905aa6-117"
Expires: Fri, 09 Dec 2022 10:48:57 GMT
Last-Modified: Wed, 07 Dec 2022 09:19:34 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 279
www.lif.co.id/native
49.12.77.16307 Temporary Redirect 7 B IP 49.12.77.16:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /native HTTP/1.1
Host: www.lif.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
server: nginx
date: Wed, 07 Dec 2022 11:57:08 GMT
content-type: text/html; charset=UTF-8
location: https://flickerbridge.com/a3265d7de32d253cd424ed9f866ca5ad/invoke.js
set-cookie: prli_click_3=native; expires=Fri, 06-Jan-2023 11:57:08 GMT; Max-Age=2592000; path=/
prli_visitor=63907f942b2f8; expires=Thu, 07-Dec-2023 11:57:08 GMT; Max-Age=31536000; path=/
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Pro Developer 3.2.7 http://prettylink.com
x-redirect-by: WordPress
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ea6d8022d3d0fcb1a655c111694efb3c
0565f1dae70afb9f7d231824a488de4f262218f0
198fc3e66c5d81029e6781d76d0eb5bf8a3c8ae92aa3aa6a7f0fda6d95658a76
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "198FC3E66C5D81029E6781D76D0EB5BF8A3C8AE92AA3AA6A7F0FDA6D95658A76"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10307
Expires: Wed, 07 Dec 2022 14:48:57 GMT
Date: Wed, 07 Dec 2022 11:57:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cfd3928701da1ef5225a67f860223a33
569b3e0e4766bac5e501cce2d9bf1fa5f14d11d4
b62de05099102ddd47a6cdf88953fedd174f6778c1c70060ce6d51c48762d9cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2070
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:10 GMT
Etag: "638f0919-117"
Last-Modified: Wed, 07 Dec 2022 11:22:40 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 279
hopefullyapricot.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4tcRRetNzMffOpGRQTBReNCFKTnvdfd091mEYwxEo0zYxKZdb2q6p5y6lU9qur165mNo4GQZRMQ1NWb0zMZjIOYP8Af9LgJg4H0RgZ09q6FoJsg3WlovVD33lPnLs65VTf38jMSIqen6x%2BYHakUXW5Uw8prG1JzU7jK6vVKFFbDc5UNqVfq5yr9SbK9N6OwUQ1fr7wr2JZZjsMoDKMwqlySVnRMf3nKQmZH7ajaDqv1uBo16ujb%2F2KXB3A0AO%2Bdkech%2Bfh%2Fm%2FfvQbIRdPrdReG2vMneeCfNFfXGoscPP9Jb2hQa6bzt2AAdfTibhnFjQr5YgNGHMwcwvf2JAyRyTIJfIyT6cCYTSe%2FgidJEQWgk%2FBkUvRGEGkHSEZi5AckfEoBxrK5Bp3dWjS3o9hOWTtgxWXr0J2QxJku%2FvwCdfntByX7lmlG5l0Y79DslZH8E2R0hy4%2FhdwLI4hjMfwbJH5DlR1eg0%2F01pwwkL6fupRxBdkZQYgDqAuSTIwPknQB5FiDlpxXaaHfCsNlJOrVaq84Yq9UYa7RWeIPX6q1OiJxN5A3gswGYGoDZXWR2F1tyAJv%2FBLdZwvEAzo9J8OEuerxEIQgKR1BQgkISFJ6g6JUHXLnYlXe4cnkSzWo8q7VyaHx3jx4Y3xWa7GVn5LnpXh4%2F%2Fhtb4rRCa%2FFKgze5qMU8btQYr8d1wdud1soKow3K4WQJ6RamVnfkmLx4%2BylkckwWH7yHhB7DqWMwuQiaR6DFsBmHoJvDeivEjv7ReWt0d1NQ6xNBvdTdaqJM12XGV5lJwU2JzC%2FBbwd76oy8NJX2yuIZBDs5f%2Fflo%2F9Hr%2F4BZktktsTH8meCrro1vGoKsn%2FVFI7cW8u8TOUOnTznNU%2B9WLz7vtgujOWXL7rB12%2BxCTFpj64L569QzaXuOvLNBcm5sJeMZYJ8f9ltiGQ9d5sXcqvz7Mr625cup5kVzkmjR6Dy4dpfYHJMlj79YfpRn%2F3lJqQdweYl0vyEzALSHINlu3DZXL0zBFbNZ5IsQJGXQxsn80slCZSYY5qUcP%2FCybzfc7fQtQug%2FgZ0WqJnS%2FRUCaoGcPnTQ5%2FZk%2FP3v5zEV0jUwjBRdmE%2FUVbdnq52kn6Dk6eVRlQXraTVZJwngvGoGddatTCMOa832yJqw7sxG3zy%2BT8AAAD%2F%2FwEAAP%2F%2FmDP9cIUEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4tcRRetNzMffOpGRQTBReNCFKTnvdfd091mEYwxEo0zYxKZdb2q6p5y6lU9qur165mNo4GQZRMQ1NWb0zMZjIOYP8Af9LgJg4H0RgZ09q6FoJsg3WlovVD33lPnLs65VTf38jMSIqen6x%2BYHakUXW5Uw8prG1JzU7jK6vVKFFbDc5UNqVfq5yr9SbK9N6OwUQ1fr7wr2JZZjsMoDKMwqlySVnRMf3nKQmZH7ajaDqv1uBo16ujb%2F2KXB3A0AO%2Bdkech%2Bfh%2Fm%2FfvQbIRdPrdReG2vMneeCfNFfXGoscPP9Jb2hQa6bzt2AAdfTibhnFjQr5YgNGHMwcwvf2JAyRyTIJfIyT6cCYTSe%2FgidJEQWgk%2FBkUvRGEGkHSEZi5AckfEoBxrK5Bp3dWjS3o9hOWTtgxWXr0J2QxJku%2FvwCdfntByX7lmlG5l0Y79DslZH8E2R0hy4%2FhdwLI4hjMfwbJH5DlR1eg0%2F01pwwkL6fupRxBdkZQYgDqAuSTIwPknQB5FiDlpxXaaHfCsNlJOrVaq84Yq9UYa7RWeIPX6q1OiJxN5A3gswGYGoDZXWR2F1tyAJv%2FBLdZwvEAzo9J8OEuerxEIQgKR1BQgkISFJ6g6JUHXLnYlXe4cnkSzWo8q7VyaHx3jx4Y3xWa7GVn5LnpXh4%2F%2Fhtb4rRCa%2FFKgze5qMU8btQYr8d1wdud1soKow3K4WQJ6RamVnfkmLx4%2BylkckwWH7yHhB7DqWMwuQiaR6DFsBmHoJvDeivEjv7ReWt0d1NQ6xNBvdTdaqJM12XGV5lJwU2JzC%2FBbwd76oy8NJX2yuIZBDs5f%2Fflo%2F9Hr%2F4BZktktsTH8meCrro1vGoKsn%2FVFI7cW8u8TOUOnTznNU%2B9WLz7vtgujOWXL7rB12%2BxCTFpj64L569QzaXuOvLNBcm5sJeMZYJ8f9ltiGQ9d5sXcqvz7Mr625cup5kVzkmjR6Dy4dpfYHJMlj79YfpRn%2F3lJqQdweYl0vyEzALSHINlu3DZXL0zBFbNZ5IsQJGXQxsn80slCZSYY5qUcP%2FCybzfc7fQtQug%2FgZ0WqJnS%2FRUCaoGcPnTQ5%2FZk%2FP3v5zEV0jUwjBRdmE%2FUVbdnq52kn6Dk6eVRlQXraTVZJwngvGoGddatTCMOa832yJqw7sxG3zy%2BT8AAAD%2F%2FwEAAP%2F%2FmDP9cIUEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4tcRRetNzMffOpGRQTBReNCFKTnvdfd091mEYwxEo0zYxKZdb2q6p5y6lU9qur165mNo4GQZRMQ1NWb0zMZjIOYP8Af9LgJg4H0RgZ09q6FoJsg3WlovVD33lPnLs65VTf38jMSIqen6x%2BYHakUXW5Uw8prG1JzU7jK6vVKFFbDc5UNqVfq5yr9SbK9N6OwUQ1fr7wr2JZZjsMoDKMwqlySVnRMf3nKQmZH7ajaDqv1uBo16ujb%2F2KXB3A0AO%2Bdkech%2Bfh%2Fm%2FfvQbIRdPrdReG2vMneeCfNFfXGoscPP9Jb2hQa6bzt2AAdfTibhnFjQr5YgNGHMwcwvf2JAyRyTIJfIyT6cCYTSe%2FgidJEQWgk%2FBkUvRGEGkHSEZi5AckfEoBxrK5Bp3dWjS3o9hOWTtgxWXr0J2QxJku%2FvwCdfntByX7lmlG5l0Y79DslZH8E2R0hy4%2FhdwLI4hjMfwbJH5DlR1eg0%2F01pwwkL6fupRxBdkZQYgDqAuSTIwPknQB5FiDlpxXaaHfCsNlJOrVaq84Yq9UYa7RWeIPX6q1OiJxN5A3gswGYGoDZXWR2F1tyAJv%2FBLdZwvEAzo9J8OEuerxEIQgKR1BQgkISFJ6g6JUHXLnYlXe4cnkSzWo8q7VyaHx3jx4Y3xWa7GVn5LnpXh4%2F%2Fhtb4rRCa%2FFKgze5qMU8btQYr8d1wdud1soKow3K4WQJ6RamVnfkmLx4%2BylkckwWH7yHhB7DqWMwuQiaR6DFsBmHoJvDeivEjv7ReWt0d1NQ6xNBvdTdaqJM12XGV5lJwU2JzC%2FBbwd76oy8NJX2yuIZBDs5f%2Fflo%2F9Hr%2F4BZktktsTH8meCrro1vGoKsn%2FVFI7cW8u8TOUOnTznNU%2B9WLz7vtgujOWXL7rB12%2BxCTFpj64L569QzaXuOvLNBcm5sJeMZYJ8f9ltiGQ9d5sXcqvz7Mr625cup5kVzkmjR6Dy4dpfYHJMlj79YfpRn%2F3lJqQdweYl0vyEzALSHINlu3DZXL0zBFbNZ5IsQJGXQxsn80slCZSYY5qUcP%2FCybzfc7fQtQug%2FgZ0WqJnS%2FRUCaoGcPnTQ5%2FZk%2FP3v5zEV0jUwjBRdmE%2FUVbdnq52kn6Dk6eVRlQXraTVZJwngvGoGddatTCMOa832yJqw7sxG3zy%2BT8AAAD%2F%2FwEAAP%2F%2FmDP9cIUEAAA%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16711417; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleca3265d7de32d253cd424ed9f866ca5ad=[2229214,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c4f78e47a0601851562b3bd7324793e3
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7316
Expires: Wed, 07 Dec 2022 13:59:06 GMT
Date: Wed, 07 Dec 2022 11:57:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7316
Expires: Wed, 07 Dec 2022 13:59:06 GMT
Date: Wed, 07 Dec 2022 11:57:10 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.10200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:10 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Fri, 09 Dec 2022 11:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hopefullyapricot.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitnkTwx0VFBMHD4EEUZNLdM5OZcQ%2BLcY1EYxJ3V3KurqqZlKnuaqqqpye5GF2RPQ4LgnrqvEk2uAZx%2FwB%2FMPGyBBd2LhLQ3D0Li14WmcnAuB90f9%2Br9x3ee1Vf7GfnxEdGzzY%2B0LtSKbpQr%2Fjl1zZlwnVuy2vXy4Ff8S%2BVN2WyWLtU7o1%2Fpvtm4Ncr%2FuvldwXb1guhH%2Fh%2B4AflZWlEW%2FcWJixketwKKi2%2FUgsrQb2Gnnkc28yDpR5495w8D8lHT2zduwvJhkjiH64Iu%2B10%2BsY7caao0wZdfvRRsp3oPEE8G9vGQzs5mm5D2xEhX5Wgk6OpA%2BjuwdgBIjki3u8BouRoKhNR9%2FBCaaQgEkT8GeTdIYQaQtIhmL4ByR8QgHGsrSOJb69pk9OdC5aO2RGZf%2Fg3ZD4i83%2B%2BgCT%2BfknJXvmaVpmTOrHotQvI3hCyM0SancDtepD5CZj7DJLfJwsPV5HEB%2BtWaUheTNxLOYRsD6FEH9R6yMaf9JC1PWSph5iflWm91fb9RjtqV6vNGmOsWmWs3lzkdV6tNds%2BMjaW14dL%2B2CqD2b2kJo9bMs%2BTPYL7FYByz1YNyLeh3vo8gK5IMgtQU4JckmQO4K8WxxyZUNb3ObKZlEw7eG0V4uBdp19eqhdRyRkPz0nz01yefToX2yLszKthot13uCiGvKwXmW8FtYEb7Wbi4uM1imHlQWkLU2s7soRefHWU0jliMzdfw8RPYFVJ2ByDjQLQPNBI%2FRBtwa1po%2Fd5GfrjE46W4IaFwnqZNKpREp3bKpdhekYXBdI3TzcjrevzslLE2mvzP0BwU4v33n5%2BMng1b%2FATIHUFPhY%2FkrQUTcHV3VODq7q3JK766mTsdyl4%2Bu85qgTc3feFzu5Nnzliu1%2F%2BxYbE%2BPx%2BLqwbpUmXCYdS75bkpwLs6wNE%2BTHFbspoo3Mbi1lJsnS1Y23l1fi1AhrpU6GoPLB%2Bj9gckTmP%2F1p8lCf%2Fe1zSDOEyQrE2SmZFqQ%2BAUv3YNOZeqsJjJrtRGkJeVYMTBjNDpUkUGKGaVTA%2Fg9Hs3nf3kTHlEDdDSRxga4p0FUFqOrDZk8PXGpOL9%2F7elzfIFKlQaRM6SBSRt0aR3t%2Bka%2BVZ%2BV6UBPNqNlgnEeC8aARVptV3w85rzVaImjB2RHrf%2FLlfwAAAP%2F%2FAQAA%2F%2F%2BWo2y3hQQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitnkTwx0VFBMHD4EEUZNLdM5OZcQ%2BLcY1EYxJ3V3KurqqZlKnuaqqqpye5GF2RPQ4LgnrqvEk2uAZx%2FwB%2FMPGyBBd2LhLQ3D0Li14WmcnAuB90f9%2Br9x3ee1Vf7GfnxEdGzzY%2B0LtSKbpQr%2Fjl1zZlwnVuy2vXy4Ff8S%2BVN2WyWLtU7o1%2Fpvtm4Ncr%2FuvldwXb1guhH%2Fh%2B4AflZWlEW%2FcWJixketwKKi2%2FUgsrQb2Gnnkc28yDpR5495w8D8lHT2zduwvJhkjiH64Iu%2B10%2BsY7caao0wZdfvRRsp3oPEE8G9vGQzs5mm5D2xEhX5Wgk6OpA%2BjuwdgBIjki3u8BouRoKhNR9%2FBCaaQgEkT8GeTdIYQaQtIhmL4ByR8QgHGsrSOJb69pk9OdC5aO2RGZf%2Fg3ZD4i83%2B%2BgCT%2BfknJXvmaVpmTOrHotQvI3hCyM0SancDtepD5CZj7DJLfJwsPV5HEB%2BtWaUheTNxLOYRsD6FEH9R6yMaf9JC1PWSph5iflWm91fb9RjtqV6vNGmOsWmWs3lzkdV6tNds%2BMjaW14dL%2B2CqD2b2kJo9bMs%2BTPYL7FYByz1YNyLeh3vo8gK5IMgtQU4JckmQO4K8WxxyZUNb3ObKZlEw7eG0V4uBdp19eqhdRyRkPz0nz01yefToX2yLszKthot13uCiGvKwXmW8FtYEb7Wbi4uM1imHlQWkLU2s7soRefHWU0jliMzdfw8RPYFVJ2ByDjQLQPNBI%2FRBtwa1po%2Fd5GfrjE46W4IaFwnqZNKpREp3bKpdhekYXBdI3TzcjrevzslLE2mvzP0BwU4v33n5%2BMng1b%2FATIHUFPhY%2FkrQUTcHV3VODq7q3JK766mTsdyl4%2Bu85qgTc3feFzu5Nnzliu1%2F%2BxYbE%2BPx%2BLqwbpUmXCYdS75bkpwLs6wNE%2BTHFbspoo3Mbi1lJsnS1Y23l1fi1AhrpU6GoPLB%2Bj9gckTmP%2F1p8lCf%2Fe1zSDOEyQrE2SmZFqQ%2BAUv3YNOZeqsJjJrtRGkJeVYMTBjNDpUkUGKGaVTA%2Fg9Hs3nf3kTHlEDdDSRxga4p0FUFqOrDZk8PXGpOL9%2F7elzfIFKlQaRM6SBSRt0aR3t%2Bka%2BVZ%2BV6UBPNqNlgnEeC8aARVptV3w85rzVaImjB2RHrf%2FLlfwAAAP%2F%2FAQAA%2F%2F%2BWo2y3hQQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitnkTwx0VFBMHD4EEUZNLdM5OZcQ%2BLcY1EYxJ3V3KurqqZlKnuaqqqpye5GF2RPQ4LgnrqvEk2uAZx%2FwB%2FMPGyBBd2LhLQ3D0Li14WmcnAuB90f9%2Br9x3ee1Vf7GfnxEdGzzY%2B0LtSKbpQr%2Fjl1zZlwnVuy2vXy4Ff8S%2BVN2WyWLtU7o1%2Fpvtm4Ncr%2FuvldwXb1guhH%2Fh%2B4AflZWlEW%2FcWJixketwKKi2%2FUgsrQb2Gnnkc28yDpR5495w8D8lHT2zduwvJhkjiH64Iu%2B10%2BsY7caao0wZdfvRRsp3oPEE8G9vGQzs5mm5D2xEhX5Wgk6OpA%2BjuwdgBIjki3u8BouRoKhNR9%2FBCaaQgEkT8GeTdIYQaQtIhmL4ByR8QgHGsrSOJb69pk9OdC5aO2RGZf%2Fg3ZD4i83%2B%2BgCT%2BfknJXvmaVpmTOrHotQvI3hCyM0SancDtepD5CZj7DJLfJwsPV5HEB%2BtWaUheTNxLOYRsD6FEH9R6yMaf9JC1PWSph5iflWm91fb9RjtqV6vNGmOsWmWs3lzkdV6tNds%2BMjaW14dL%2B2CqD2b2kJo9bMs%2BTPYL7FYByz1YNyLeh3vo8gK5IMgtQU4JckmQO4K8WxxyZUNb3ObKZlEw7eG0V4uBdp19eqhdRyRkPz0nz01yefToX2yLszKthot13uCiGvKwXmW8FtYEb7Wbi4uM1imHlQWkLU2s7soRefHWU0jliMzdfw8RPYFVJ2ByDjQLQPNBI%2FRBtwa1po%2Fd5GfrjE46W4IaFwnqZNKpREp3bKpdhekYXBdI3TzcjrevzslLE2mvzP0BwU4v33n5%2BMng1b%2FATIHUFPhY%2FkrQUTcHV3VODq7q3JK766mTsdyl4%2Bu85qgTc3feFzu5Nnzliu1%2F%2BxYbE%2BPx%2BLqwbpUmXCYdS75bkpwLs6wNE%2BTHFbspoo3Mbi1lJsnS1Y23l1fi1AhrpU6GoPLB%2Bj9gckTmP%2F1p8lCf%2Fe1zSDOEyQrE2SmZFqQ%2BAUv3YNOZeqsJjJrtRGkJeVYMTBjNDpUkUGKGaVTA%2Fg9Hs3nf3kTHlEDdDSRxga4p0FUFqOrDZk8PXGpOL9%2F7elzfIFKlQaRM6SBSRt0aR3t%2Bka%2BVZ%2BV6UBPNqNlgnEeC8aARVptV3w85rzVaImjB2RHrf%2FLlfwAAAP%2F%2FAQAA%2F%2F%2BWo2y3hQQAAA%3D%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16711417; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleca3265d7de32d253cd424ed9f866ca5ad=[2229214,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 83d368dae46758f80dd44d784fa504c6
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
45.133.44.10200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash a87779ccaaa4021b0b4f33812742679a
87322480f885dc0b6463c182b7bdb3eb60ab2592
a8f8dbc930527f94496d5a9883b6034e27a673090a89b518596d6e2b656df96f
GET /cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:10 GMT
content-type: image/jpeg
content-length: 30127
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:44 GMT
etag: "611243c0-75af"
expires: Fri, 09 Dec 2022 11:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cfd3928701da1ef5225a67f860223a33
569b3e0e4766bac5e501cce2d9bf1fa5f14d11d4
b62de05099102ddd47a6cdf88953fedd174f6778c1c70060ce6d51c48762d9cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:10 GMT
Etag: "638f0919-117"
Server: ECS (amb/6B91)
Content-Length: 279
hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2BtnuQLX%2FWiIoLgYfAgCjLpnh9Jxj0sruvKakzi7krO1VXVkzLVVU1V9fQkF6MrssdhQVBPnTfJBtcg7h%2FgDyZeluDCzkUCmrtnYdHLIjMZGP1A9%2Bfz6n0O772qz%2FbyMxIip6fr75kdqRRdaNXC6isbUnNTuOrqjWoU1sIL1Q2pF5sXqr3xz3Zfj8JWLXy1%2BrZgW2ahHkZhGIVR9Yq0IjG9hQkLmR21o1o7rDXrtajVRM%2F%2BF7s8gKMBePeMPAvJR%2F%2FbvH8Pkg2h0%2B8uC7flTfbaW2muqDcWXX74gd7SptBIZ2NiAyT6cLoN40aEfFGB0YdTBzDd%2FbEDxHJEgl8jxPpwKhNx9%2BBcaawgNGL%2BFIruEEINIekQzNyE5A8JwDhW16DTO6vGFnT7nKVjdkTmH%2F0JWYzI%2FO%2FPQaffXlKyV71uVO6l0Q69pITsDSE7Q2T5MfxOAFkcg%2FlPIPkDsvBoBTrdX3PKQPJy4l7KIWQyhBJ9UBcgH38yQJ4EyLMAKT%2Bt0lY7CcOlJE4ajeUmY6zRYKy1vMhbvNFcTkLkbCyvD5%2F1wVQfzO4is7vYkn3Y%2FCe4zRKOB3B%2BRIL3d9HlJQpBUDiCghIUkqDwBEW3PODK1V15hyuXx9G016e9UQ6M7%2BzRA%2BM7QpO97Iw8M8nl8eO%2FsSVOq7RRX2zxJS4adV5vNRhv1puCt5PlxUVGW5TDyRLSVSZWd%2BSIPH%2F7CWRyROYevIOYHsOpYzA5B5pHoMVgqR6Cbg6ayyF29I%2FOW6M7m4JaHwvqpe7UYmU6LjO%2BxkwKbkpkfh5%2BO9hTZ%2BSFibSX5n6DYCcX77549P%2Fo5T%2FAbInMlvhQ%2FkzQUbcG10xB9q%2BZwpF7a5mXqdyh4%2Bu87qkXc3ffFduFsfzqZdf%2F%2Bg02Jsbj0Q3h%2FArVXOqOI99ckpwLe8VYJsj3V92GiNdzt3kptzrPVtbfvHI1zaxwTho9BJUP1%2F4CkyMy%2F%2FEPk4f69C%2BfQtohbF4izU%2FItCDNMVi2C5fN1DtDYNVsJ84qKPJyYOvx7FBJAiVmmMYl3L9wPJv33C10bAXU34ROS3Rtia4qQVUfLn9y4DN7cvH%2Bl%2BP6CrGqDGJlK%2Fuxsur2ONqz83ydPK2KVhImIqyLOGnHyRINeTtptmPajsRS3KIRvBux%2Fkef%2FwMAAP%2F%2FAQAA%2F%2F%2BCq%2BJRhQQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 hopefullyapricot.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2BtnuQLX%2FWiIoLgYfAgCjLpnh9Jxj0sruvKakzi7krO1VXVkzLVVU1V9fQkF6MrssdhQVBPnTfJBtcg7h%2FgDyZeluDCzkUCmrtnYdHLIjMZGP1A9%2Bfz6n0O772qz%2FbyMxIip6fr75kdqRRdaNXC6isbUnNTuOrqjWoU1sIL1Q2pF5sXqr3xz3Zfj8JWLXy1%2BrZgW2ahHkZhGIVR9Yq0IjG9hQkLmR21o1o7rDXrtajVRM%2F%2BF7s8gKMBePeMPAvJR%2F%2FbvH8Pkg2h0%2B8uC7flTfbaW2muqDcWXX74gd7SptBIZ2NiAyT6cLoN40aEfFGB0YdTBzDd%2FbEDxHJEgl8jxPpwKhNx9%2BBcaawgNGL%2BFIruEEINIekQzNyE5A8JwDhW16DTO6vGFnT7nKVjdkTmH%2F0JWYzI%2FO%2FPQaffXlKyV71uVO6l0Q69pITsDSE7Q2T5MfxOAFkcg%2FlPIPkDsvBoBTrdX3PKQPJy4l7KIWQyhBJ9UBcgH38yQJ4EyLMAKT%2Bt0lY7CcOlJE4ajeUmY6zRYKy1vMhbvNFcTkLkbCyvD5%2F1wVQfzO4is7vYkn3Y%2FCe4zRKOB3B%2BRIL3d9HlJQpBUDiCghIUkqDwBEW3PODK1V15hyuXx9G016e9UQ6M7%2BzRA%2BM7QpO97Iw8M8nl8eO%2FsSVOq7RRX2zxJS4adV5vNRhv1puCt5PlxUVGW5TDyRLSVSZWd%2BSIPH%2F7CWRyROYevIOYHsOpYzA5B5pHoMVgqR6Cbg6ayyF29I%2FOW6M7m4JaHwvqpe7UYmU6LjO%2BxkwKbkpkfh5%2BO9hTZ%2BSFibSX5n6DYCcX77549P%2Fo5T%2FAbInMlvhQ%2FkzQUbcG10xB9q%2BZwpF7a5mXqdyh4%2Bu87qkXc3ffFduFsfzqZdf%2F%2Bg02Jsbj0Q3h%2FArVXOqOI99ckpwLe8VYJsj3V92GiNdzt3kptzrPVtbfvHI1zaxwTho9BJUP1%2F4CkyMy%2F%2FEPk4f69C%2BfQtohbF4izU%2FItCDNMVi2C5fN1DtDYNVsJ84qKPJyYOvx7FBJAiVmmMYl3L9wPJv33C10bAXU34ROS3Rtia4qQVUfLn9y4DN7cvH%2Bl%2BP6CrGqDGJlK%2Fuxsur2ONqz83ydPK2KVhImIqyLOGnHyRINeTtptmPajsRS3KIRvBux%2Fkef%2FwMAAP%2F%2FAQAA%2F%2F%2BCq%2BJRhQQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2BtnuQLX%2FWiIoLgYfAgCjLpnh9Jxj0sruvKakzi7krO1VXVkzLVVU1V9fQkF6MrssdhQVBPnTfJBtcg7h%2FgDyZeluDCzkUCmrtnYdHLIjMZGP1A9%2Bfz6n0O772qz%2FbyMxIip6fr75kdqRRdaNXC6isbUnNTuOrqjWoU1sIL1Q2pF5sXqr3xz3Zfj8JWLXy1%2BrZgW2ahHkZhGIVR9Yq0IjG9hQkLmR21o1o7rDXrtajVRM%2F%2BF7s8gKMBePeMPAvJR%2F%2FbvH8Pkg2h0%2B8uC7flTfbaW2muqDcWXX74gd7SptBIZ2NiAyT6cLoN40aEfFGB0YdTBzDd%2FbEDxHJEgl8jxPpwKhNx9%2BBcaawgNGL%2BFIruEEINIekQzNyE5A8JwDhW16DTO6vGFnT7nKVjdkTmH%2F0JWYzI%2FO%2FPQaffXlKyV71uVO6l0Q69pITsDSE7Q2T5MfxOAFkcg%2FlPIPkDsvBoBTrdX3PKQPJy4l7KIWQyhBJ9UBcgH38yQJ4EyLMAKT%2Bt0lY7CcOlJE4ajeUmY6zRYKy1vMhbvNFcTkLkbCyvD5%2F1wVQfzO4is7vYkn3Y%2FCe4zRKOB3B%2BRIL3d9HlJQpBUDiCghIUkqDwBEW3PODK1V15hyuXx9G016e9UQ6M7%2BzRA%2BM7QpO97Iw8M8nl8eO%2FsSVOq7RRX2zxJS4adV5vNRhv1puCt5PlxUVGW5TDyRLSVSZWd%2BSIPH%2F7CWRyROYevIOYHsOpYzA5B5pHoMVgqR6Cbg6ayyF29I%2FOW6M7m4JaHwvqpe7UYmU6LjO%2BxkwKbkpkfh5%2BO9hTZ%2BSFibSX5n6DYCcX77549P%2Fo5T%2FAbInMlvhQ%2FkzQUbcG10xB9q%2BZwpF7a5mXqdyh4%2Bu87qkXc3ffFduFsfzqZdf%2F%2Bg02Jsbj0Q3h%2FArVXOqOI99ckpwLe8VYJsj3V92GiNdzt3kptzrPVtbfvHI1zaxwTho9BJUP1%2F4CkyMy%2F%2FEPk4f69C%2BfQtohbF4izU%2FItCDNMVi2C5fN1DtDYNVsJ84qKPJyYOvx7FBJAiVmmMYl3L9wPJv33C10bAXU34ROS3Rtia4qQVUfLn9y4DN7cvH%2Bl%2BP6CrGqDGJlK%2Fuxsur2ONqz83ydPK2KVhImIqyLOGnHyRINeTtptmPajsRS3KIRvBux%2Fkef%2FwMAAP%2F%2FAQAA%2F%2F%2BCq%2BJRhQQAAA%3D%3D HTTP/1.1
Host: hopefullyapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16711417; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nleca3265d7de32d253cd424ed9f866ca5ad=[2229214,2229212]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1569cfdae6e228c00b110c00fed28e8
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aa9ebb3cbb2b1b8b6dc38bec40fc3367
c790140794fd9e9b563817f64710c652e1fa16cd
68b169e71cd00d9e5c32d2af3ace7c24b6620a553de3ce8fa5d0d68665ace665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B169E71CD00D9E5C32D2AF3ACE7C24B6620A553DE3CE8FA5D0D68665ACE665"
Last-Modified: Tue, 06 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5300
Expires: Wed, 07 Dec 2022 13:25:30 GMT
Date: Wed, 07 Dec 2022 11:57:10 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e2b76117e448228305ba7e8618948bef
800100603fcc24f32d8a5e8e323e8415afeab545
afcefd68e69b1d09a9cb50beacacbedab49263fc14dd08040c850451a6444830
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AFCEFD68E69B1D09A9CB50BEACACBEDAB49263FC14DD08040C850451A6444830"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7542
Expires: Wed, 07 Dec 2022 14:02:52 GMT
Date: Wed, 07 Dec 2022 11:57:10 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
45.133.44.4200 OK 472 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 32c3705849e7c2f020364b3e4524417e
7b6a91f6072d028e2f0e2651a390ac2b631e54cc
5492ce4b05aa0fa00a5d1608e2813cdc0f1a1986928e09b83ff92ed3d3d4720f
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:10 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 12 Aug 2021 09:54:31 GMT
etag: W/"6114efd7-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 07 Dec 2022 12:57:10 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
172.64.109.13200 OK 65 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP 172.64.109.13:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3\012- data
Hash 61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:10 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: "6114ef76-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1893966
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdILhwxX%2BYZsTRQep8XRqzwKlR6DGRqq26GLVbZwcVXnLy28qDEKNebNikyUTEgNuzODFskeoCOVBrtQEitljAmcZxggyza4l9GmyYcyVJ0OLNmDAA8QN567tYaYsk0lpmG5KMtooQlK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150e4fa3bc87-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e2b76117e448228305ba7e8618948bef
800100603fcc24f32d8a5e8e323e8415afeab545
afcefd68e69b1d09a9cb50beacacbedab49263fc14dd08040c850451a6444830
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AFCEFD68E69B1D09A9CB50BEACACBEDAB49263FC14DD08040C850451A6444830"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7542
Expires: Wed, 07 Dec 2022 14:02:52 GMT
Date: Wed, 07 Dec 2022 11:57:10 GMT
Connection: keep-alive
clergymanwonderful.com/pixel/purst?dl=0&th=0&sc=0&rs=6260&rd=6260&fd=281&bv=22.10.v.10&tmpl=136
173.233.139.164200 OK 0 B URL HTTP/1.1 clergymanwonderful.com/pixel/purst?dl=0&th=0&sc=0&rs=6260&rd=6260&fd=281&bv=22.10.v.10&tmpl=136
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=6260&rd=6260&fd=281&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: clergymanwonderful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hygieneretorted.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=348
173.233.137.52200 OK 0 B URL HTTP/1.1 hygieneretorted.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=348
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=348 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16570266; uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3126a16d065a43e1a24e98403026adf1=[3078195]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
172.64.109.13200 OK 17 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP 172.64.109.13:0
Hash ab24e87c086c8848f575415bcb985a11
302dcf35b4940639f10b4ab96ce618fe096df0d1
bc32467b2f9f6d8f699b67d0577e26bc9401a61326b20adf5525d6bffbdf3514
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:52 GMT
etag: W/"6114ef74-e68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsmaGTNn25G364dAitmNMk%2BUbhrQgbT9h1O%2FG9MdlfTjZKHWShNXJH%2BkGpm32xwnh5v7chUFf7t6MJ0redA%2Fs5WyHDsxOP%2F%2BwX3ALOn298LPt9V4B1f0%2BQ0Mrx6TS%2BYHQRT%2F0chXKdRN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150e6fb6bc87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hygieneretorted.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=79245&fd=369
173.233.137.52200 OK 0 B URL HTTP/1.1 hygieneretorted.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=79245&fd=369
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=79245&fd=369 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16570266; uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3126a16d065a43e1a24e98403026adf1=[3078195]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hygieneretorted.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTLFxEWFFEUhDl4UDCT%2FjW%2F3IMY10g0JmF3JefqqupJmequpqp7epKLwQXZ4%2BhBxFPnTbJBXcT9A2Rl4mUJLOx4WHIwf4MgLh48yExGBj9Q9fnxquC9V%2FX5YXFBXBT0fOsjvS%2BVosuNult7fVumXJe2tnGr5rl191ptW6bN8FqtP9lM7y3PbdTdN2rvC7arl33Xc13P9Wqr0ohY95enKGR2r%2BPVO2499OteI0Tf%2FLe3hQNLHfDeBXkeko%2F%2Ft%2FPwPiQbIU1%2BvC7sbq6zN99LCkVzbdDjJx%2Bnu6kuUyTzMjYO4vRkdhrajgn5%2Bgp0ejJTAN07mihAJMfEeeIhSk9mNBH1ji%2BZRgoiRcSfRdkbQagRJB2B6duQ%2FDEBGMfGJtLk7oY2Jd27ROkEHZPFp39AlmOy%2BNsLSJMfVpTs125qVeRSpxb9uILsjyC7I2TFKfJ9B7I8Bcs%2Fg%2BSPyPLTdaTJ0aZVGpKfv0bbnVbUFPES5zxcCiPmLrVpky%2BFcTMOQ%2BFHcSymFkk5goxHUGIAah0UkyUdFLGDInOQ8PMabXRi123FURwE7ZAxFgSMNdpN3uBB2I5dFGyiYYA8G4CpAZg5QGYOsCsHMMXPsDsVLHdgc4Ier1AKgtISlJSglARlTlD2qmOurG%2Bru1zZIvJm2Z%2FloBrqvHtIj3XeFSk5zC7Ic1Pj%2Fn7yDXbFeS3w%2FCb1mtxtNmgYCI%2F6oei0Qzdw%2FSblsQcrK0h7ZSpzX47Ji18%2Bg0yOycKjDxDRU1h1CiYXQItXQcthy3dBd4Zh28V%2B%2BsDmRqfdHUFNHgmay7Rbj5Tu2kzndaYTcF0hyxeR7zmH6oK8PKVW%2FyuAYGdkFmCmQmYqfCJ%2FIeiqO8MbuiRHN3Rpyf3NLJeJ3KeT976Z01w4330o9kpt%2BNp1O%2Fj2HTYBJuW9W8Lm6zTlMu1a8v2K5FyYVW2YID%2Bt2W0RbRV2Z6UwaZGtb727upZkRlgrdToClY%2BvXgWTY%2FL%2Fh39Of%2FJLF69AmhFMUSEp5kylPgXLDmCz%2BcxqAqPmfZQ5KItqaPxoPlSSQIl5T6MKVpw9%2BP3fS%2FP60N5B1zig%2BW2kSYWeqdBTFagawBYLwzwzZ2%2F%2FGkwDkXKGkTLOUaSM%2BuLSWivPaw0vFO2o3WKcR4Jxr%2BUH7cB1fc7DVkd4HeR2zAaffvUPAAAA%2F%2F8BAAD%2F%2F47lYDyhBAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 hygieneretorted.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTLFxEWFFEUhDl4UDCT%2FjW%2F3IMY10g0JmF3JefqqupJmequpqp7epKLwQXZ4%2BhBxFPnTbJBXcT9A2Rl4mUJLOx4WHIwf4MgLh48yExGBj9Q9fnxquC9V%2FX5YXFBXBT0fOsjvS%2BVosuNult7fVumXJe2tnGr5rl191ptW6bN8FqtP9lM7y3PbdTdN2rvC7arl33Xc13P9Wqr0ohY95enKGR2r%2BPVO2499OteI0Tf%2FLe3hQNLHfDeBXkeko%2F%2Ft%2FPwPiQbIU1%2BvC7sbq6zN99LCkVzbdDjJx%2Bnu6kuUyTzMjYO4vRkdhrajgn5%2Bgp0ejJTAN07mihAJMfEeeIhSk9mNBH1ji%2BZRgoiRcSfRdkbQagRJB2B6duQ%2FDEBGMfGJtLk7oY2Jd27ROkEHZPFp39AlmOy%2BNsLSJMfVpTs125qVeRSpxb9uILsjyC7I2TFKfJ9B7I8Bcs%2Fg%2BSPyPLTdaTJ0aZVGpKfv0bbnVbUFPES5zxcCiPmLrVpky%2BFcTMOQ%2BFHcSymFkk5goxHUGIAah0UkyUdFLGDInOQ8PMabXRi123FURwE7ZAxFgSMNdpN3uBB2I5dFGyiYYA8G4CpAZg5QGYOsCsHMMXPsDsVLHdgc4Ier1AKgtISlJSglARlTlD2qmOurG%2Bru1zZIvJm2Z%2FloBrqvHtIj3XeFSk5zC7Ic1Pj%2Fn7yDXbFeS3w%2FCb1mtxtNmgYCI%2F6oei0Qzdw%2FSblsQcrK0h7ZSpzX47Ji18%2Bg0yOycKjDxDRU1h1CiYXQItXQcthy3dBd4Zh28V%2B%2BsDmRqfdHUFNHgmay7Rbj5Tu2kzndaYTcF0hyxeR7zmH6oK8PKVW%2FyuAYGdkFmCmQmYqfCJ%2FIeiqO8MbuiRHN3Rpyf3NLJeJ3KeT976Z01w4330o9kpt%2BNp1O%2Fj2HTYBJuW9W8Lm6zTlMu1a8v2K5FyYVW2YID%2Bt2W0RbRV2Z6UwaZGtb727upZkRlgrdToClY%2BvXgWTY%2FL%2Fh39Of%2FJLF69AmhFMUSEp5kylPgXLDmCz%2BcxqAqPmfZQ5KItqaPxoPlSSQIl5T6MKVpw9%2BP3fS%2FP60N5B1zig%2BW2kSYWeqdBTFagawBYLwzwzZ2%2F%2FGkwDkXKGkTLOUaSM%2BuLSWivPaw0vFO2o3WKcR4Jxr%2BUH7cB1fc7DVkd4HeR2zAaffvUPAAAA%2F%2F8BAAD%2F%2F47lYDyhBAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3uTLFxEWFFEUhDl4UDCT%2FjW%2F3IMY10g0JmF3JefqqupJmequpqp7epKLwQXZ4%2BhBxFPnTbJBXcT9A2Rl4mUJLOx4WHIwf4MgLh48yExGBj9Q9fnxquC9V%2FX5YXFBXBT0fOsjvS%2BVosuNult7fVumXJe2tnGr5rl191ptW6bN8FqtP9lM7y3PbdTdN2rvC7arl33Xc13P9Wqr0ohY95enKGR2r%2BPVO2499OteI0Tf%2FLe3hQNLHfDeBXkeko%2F%2Ft%2FPwPiQbIU1%2BvC7sbq6zN99LCkVzbdDjJx%2Bnu6kuUyTzMjYO4vRkdhrajgn5%2Bgp0ejJTAN07mihAJMfEeeIhSk9mNBH1ji%2BZRgoiRcSfRdkbQagRJB2B6duQ%2FDEBGMfGJtLk7oY2Jd27ROkEHZPFp39AlmOy%2BNsLSJMfVpTs125qVeRSpxb9uILsjyC7I2TFKfJ9B7I8Bcs%2Fg%2BSPyPLTdaTJ0aZVGpKfv0bbnVbUFPES5zxcCiPmLrVpky%2BFcTMOQ%2BFHcSymFkk5goxHUGIAah0UkyUdFLGDInOQ8PMabXRi123FURwE7ZAxFgSMNdpN3uBB2I5dFGyiYYA8G4CpAZg5QGYOsCsHMMXPsDsVLHdgc4Ier1AKgtISlJSglARlTlD2qmOurG%2Bru1zZIvJm2Z%2FloBrqvHtIj3XeFSk5zC7Ic1Pj%2Fn7yDXbFeS3w%2FCb1mtxtNmgYCI%2F6oei0Qzdw%2FSblsQcrK0h7ZSpzX47Ji18%2Bg0yOycKjDxDRU1h1CiYXQItXQcthy3dBd4Zh28V%2B%2BsDmRqfdHUFNHgmay7Rbj5Tu2kzndaYTcF0hyxeR7zmH6oK8PKVW%2FyuAYGdkFmCmQmYqfCJ%2FIeiqO8MbuiRHN3Rpyf3NLJeJ3KeT976Z01w4330o9kpt%2BNp1O%2Fj2HTYBJuW9W8Lm6zTlMu1a8v2K5FyYVW2YID%2Bt2W0RbRV2Z6UwaZGtb727upZkRlgrdToClY%2BvXgWTY%2FL%2Fh39Of%2FJLF69AmhFMUSEp5kylPgXLDmCz%2BcxqAqPmfZQ5KItqaPxoPlSSQIl5T6MKVpw9%2BP3fS%2FP60N5B1zig%2BW2kSYWeqdBTFagawBYLwzwzZ2%2F%2FGkwDkXKGkTLOUaSM%2BuLSWivPaw0vFO2o3WKcR4Jxr%2BUH7cB1fc7DVkd4HeR2zAaffvUPAAAA%2F%2F8BAAD%2F%2F47lYDyhBAAA HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16570266; uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3126a16d065a43e1a24e98403026adf1=[3078195]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d20abc36bcc4514af6da95796399f0b
Strict-Transport-Security: max-age=0; includeSubdomains
hygieneretorted.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3688&fd=382
173.233.137.52200 OK 0 B URL HTTP/1.1 hygieneretorted.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3688&fd=382
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3688&fd=382 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16570266; uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3126a16d065a43e1a24e98403026adf1=[3078195]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
hygieneretorted.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 hygieneretorted.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: hygieneretorted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Cookie: u_pl=16570266; uid_id2=a897b6ef-ddd4-4bc0-8a6d-4f6f44e2bffe:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec3126a16d065a43e1a24e98403026adf1=[3078195]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Dec 2022 11:57:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.idntimes.com/content-images/post/20191222/screen-9-f57c2519eb7ed18fa704feef1e4ff589.jpg
104.21.234.188200 OK 46 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/screen-9-f57c2519eb7ed18fa704feef1e4ff589.jpg
IP 104.21.234.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1000x625, components 3\012- data
Hash 1ca398fa854774c3f4e73bc0c2b877b2
f2263dcfcdf81d4b1814ff8dac5392db663664c5
47d2067ddebf12cc2987306c7035f6470859333a2df3c7b3aa04b77848163658
GET /content-images/post/20191222/screen-9-f57c2519eb7ed18fa704feef1e4ff589.jpg HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/jpeg
content-length: 45875
last-modified: Sun, 22 Dec 2019 04:01:29 GMT
etag: "5dfeea99-b333"
expires: Tue, 21 Jan 2020 04:01:29 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9OdJ2PdAiHaIXMRyw0NlgwlwC5FNKa5hmigm999wieTXzm2ZQ5DMC6KR%2Bk3urNynHf%2FxCmDVhZMk3n6XECfBjQbGUhJ0b%2FhlAkyAnuBtmK%2BMmn%2FndiN0pGsPwCZtjhwe1pq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150c2e19719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cfd3928701da1ef5225a67f860223a33
569b3e0e4766bac5e501cce2d9bf1fa5f14d11d4
b62de05099102ddd47a6cdf88953fedd174f6778c1c70060ce6d51c48762d9cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:11 GMT
Etag: "638f0919-117"
Last-Modified: Wed, 07 Dec 2022 11:57:10 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
images.freekaamaal.com/common-images/copied-tick.png
172.104.57.98200 OK 569 B URL HTTP/1.1 images.freekaamaal.com/common-images/copied-tick.png
IP 172.104.57.98:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 442fb453dc20c8b20ca15f985e748658
041281e1ef07f087cf6eb33a8f7babf815e2ff4f
e0cbb4663d7b07b03e833c0607f7e34e76352adc189389c20935edba3d62b3fa
GET /common-images/copied-tick.png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Thu, 14 Mar 2019 11:49:42 GMT
ETag: "239-5840c8496a17c"
Accept-Ranges: bytes
Content-Length: 569
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
cdn.idntimes.com/content-images/post/20191222/screen-8-35aeb50a1d530e4345ff483dea8228c0.jpg
104.21.234.188200 OK 50 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/screen-8-35aeb50a1d530e4345ff483dea8228c0.jpg
IP 104.21.234.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1000x625, components 3\012- data
Hash 5bd44cd17bb1177b88b4f5c5b189562b
02c25845f8781c1210cb194750c92884e437f49c
9c7846a22c723b933671aa2bcc8cd02dde9cf83df943d4ef5b3ef738942a93e1
GET /content-images/post/20191222/screen-8-35aeb50a1d530e4345ff483dea8228c0.jpg HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/jpeg
content-length: 50099
last-modified: Sun, 22 Dec 2019 04:00:27 GMT
etag: "5dfeea5b-c3b3"
expires: Tue, 21 Jan 2020 04:00:27 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0iKK%2BSX6f9JsjmUO0QEgyuVOb2uh5BoONQLP99NdVF1aB0LpYxL7t%2BWzOqN0FeYv8uwAd7O2MxJ9k03%2FaRrZQNER%2FRCEWP0tpUkulSw%2B8Lm%2Bk9j3%2BlTpfPt2fQDANbJJM2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150c3e24719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.idntimes.com/content-images/post/20191222/flud-screenshot-2019-1200x675-a13cba0faf9d9b2f4f6500599973f4bf.jpg
104.21.234.188200 OK 68 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/flud-screenshot-2019-1200x675-a13cba0faf9d9b2f4f6500599973f4bf.jpg
IP 104.21.234.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1000x563, components 3\012- data
Hash 05dd783276e7e5a01ab0c97cf7ccf916
bc232e9c6bed1313a0d5505083b4a3db51a03226
52f94aa02ade2c5483235b5a8ac8a41809bf5ff54b2f8f64b718a591c6dd2f3b
GET /content-images/post/20191222/flud-screenshot-2019-1200x675-a13cba0faf9d9b2f4f6500599973f4bf.jpg HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/jpeg
content-length: 68392
last-modified: Sun, 22 Dec 2019 03:57:06 GMT
etag: "5dfee992-10b28"
expires: Tue, 21 Jan 2020 03:57:06 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaWjJ%2BGJ1IBxkQFuFFdS69lBGnnW1a3Idmac3uALSPdsQKYjfeFJAZJvnIho5h7dQs2Ds8xrzl6bht0zOn8Tj%2Fsw%2FfLrPuf%2F8aVOt4JkmZ8g0t1mRm3oEOTqq3io6lguOvZB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150c2e18719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.idntimes.com/content-images/post/20191222/torrdroid-torrent-downloader-for-pc-b0c03f8bfefb05d52b903f27ac917c01.jpg
104.21.234.188200 OK 62 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/torrdroid-torrent-downloader-for-pc-b0c03f8bfefb05d52b903f27ac917c01.jpg
IP 104.21.234.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 840x472, components 3\012- data
Hash 248fc3ef9563bd2e1a2754125885321f
5a8982ea5f28a3f940c71ac9eb1a6c4749e43eb2
e34e277f2c52c5307acd56deff1a5f50e523d2b00c313dd23aa81c7917fb0030
GET /content-images/post/20191222/torrdroid-torrent-downloader-for-pc-b0c03f8bfefb05d52b903f27ac917c01.jpg HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/jpeg
content-length: 61587
last-modified: Sun, 22 Dec 2019 03:59:48 GMT
etag: "5dfeea34-f093"
expires: Tue, 21 Jan 2020 03:59:48 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7PMp5y9vlF%2F5nM0Br7d2ZXqPbF5xJnYL7bY1eZqDxFTGx6gIMZ%2BHz8edlspZhl93tt4f61YtpPbBPewz%2Fo%2FfCkdKQXfQxCrdkY8bidDK6mLIw68MoBDzusc6nqf16959b08"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150c3e2b719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.idntimes.com/content-images/post/20191222/p-frostwire-file-downloader-5by0r4qqfs-4-9cd4879e45e23e7448a1b44ef91f9fc5.jpg
104.21.234.188200 OK 71 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/p-frostwire-file-downloader-5by0r4qqfs-4-9cd4879e45e23e7448a1b44ef91f9fc5.jpg
IP 104.21.234.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1000x625, components 3\012- data
Hash 2d459f0d3e6894d89dd368767d6686ed
98c255433a17a5f9fd53a1908afe0eac3ba79a4b
09b053ed3c619cf03d1eb0ff21e580ac2300e24608fc1cb655e01eff85aaa0c6
GET /content-images/post/20191222/p-frostwire-file-downloader-5by0r4qqfs-4-9cd4879e45e23e7448a1b44ef91f9fc5.jpg HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/jpeg
content-length: 70598
last-modified: Sun, 22 Dec 2019 03:58:01 GMT
etag: "5dfee9c9-113c6"
expires: Tue, 21 Jan 2020 03:58:01 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKPP3eLfO9Y0TLbNhk501KD9hdQXIMFCfKeVf0jGY10MkOnqcBgjKuSdYFnszLGYNw56pAYFjIRX%2B%2FvHXJLpQkuHXT4F%2BDk%2BNnr4XkY3qmC0CosVs%2B%2B4YP2E1DdLtxYJAvXb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150c4e44719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.freekaamaal.com/featured_images/small_177458_Untitleddesign(4).png
172.104.57.98200 OK 40 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177458_Untitleddesign(4).png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 575f941559373e5cb11e905f2961d9be
7504f2e3bee03f818d656fd5db3978e13b42b5d6
000539319c1e889f3b3dca59dfd1ba37ab572e033382309148860d1f2fca7693
GET /featured_images/small_177458_Untitleddesign(4).png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Thu, 27 Jan 2022 10:48:27 GMT
ETag: "9e65-5d68e0eed1927"
Accept-Ranges: bytes
Content-Length: 40549
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
friendshipmale.com/sfp.js
172.64.162.31200 OK 61 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.162.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash a2bc5b4332616c77316c989afe1c8d02
6e74f58d95a16c2991633ce16c71a425cd93aa97
03f48decc3392da1298a2f14d894cf64d5243de0ffd238412a9d00d7694653d8
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ac6cc76472a6e72e5258c5097e4842eb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 07 Dec 2022 11:57:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KU7LUAZWC3HiMaq16%2BWbz6gH%2BqcbQy05jY0sdJonRcEMALs1czoSKA48vlfoXW98TX6hizk8W1FVM1OhJt78nJmVMVg8qYJjQT7n76w5axjzmqxYZ6vi6tek6XdzYEsKCObAXDk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d1504e85b7509-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.idntimes.com/content-images/post/20191222/screen-5-ac63e94b79d532f64e8766cbb58fc6ec.jpg
104.21.234.188200 OK 79 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/screen-5-ac63e94b79d532f64e8766cbb58fc6ec.jpg
IP 104.21.234.188:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1000x625, components 3\012- data
Hash b4f13e6919e21732da2f460cb4bbbc97
b59d236fdb96c300e889d7b0839c45770a39cf73
4c5c9236aaf1bd47662c8ef76cd4abe1bd942af416f5c2179141cf376c27053d
GET /content-images/post/20191222/screen-5-ac63e94b79d532f64e8766cbb58fc6ec.jpg HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/jpeg
content-length: 78732
last-modified: Sun, 22 Dec 2019 03:55:35 GMT
etag: "5dfee937-1338c"
expires: Tue, 21 Jan 2020 03:55:35 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDjE%2Br4MeHkNBCiK5%2BOYwrFcxHFB5M7XR6cGxN3RhftlNOHUr%2BI07C6iEAoq37hU%2FazEoFFEwSMObriG9EIAN5HZ6ShKFqIurI%2B%2F61mlXVXjTazQ2gpiHhlsU7kq7891z6Vj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150d7f6a719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.freekaamaal.com/featured_images/small_177491_Untitleddesign(3).png
172.104.57.98200 OK 28 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177491_Untitleddesign(3).png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 3016af9b136c120694c967b16b4d590b
0b43df8483df4c53492ae9b290a38867d81a1901
b2fe903212045783a9fbe2d4d27c38aa64a498ed77758a0a49f11fdf274609d9
GET /featured_images/small_177491_Untitleddesign(3).png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Fri, 28 Jan 2022 11:37:11 GMT
ETag: "6f45-5d6a2db082e33"
Accept-Ranges: bytes
Content-Length: 28485
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
freekaamaal.com/images/common-images/scroll-arrow.png
172.104.57.98200 OK 213 B URL HTTP/1.1 freekaamaal.com/images/common-images/scroll-arrow.png
IP 172.104.57.98:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d0120afd2c5fb54fdf4639daa4d098b5
b1f201ab30ff815f1ce450bd752eb55333659ad8
6ed481fa2c064fb069b3a0ae3bcabe258db12be09afe0026524c95ab8ecadb6a
GET /images/common-images/scroll-arrow.png HTTP/1.1
Host: freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Mon, 26 Mar 2018 10:42:51 GMT
ETag: "d5-5684e6f8f27ed"
Accept-Ranges: bytes
Content-Length: 213
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
images.freekaamaal.com/store-images/244.jpg
172.104.57.98200 OK 20 kB URL HTTP/1.1 images.freekaamaal.com/store-images/244.jpg
IP 172.104.57.98:0
File type PNG image data, 300 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 21ed49599477c37795a0352816d67b39
11fe2ee2d1683dcd378d074927fb610ed05abb3a
fe410d3820ed7e110c9ffa2b73199377438322c6a3f1e63d8f9eb0d6884317ac
GET /store-images/244.jpg HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Fri, 02 Jun 2017 09:11:20 GMT
ETag: "4c45-550f68960e979"
Accept-Ranges: bytes
Content-Length: 19525
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
freekaamaal.com/images/common-images/Login-Popup-Image.jpg
172.104.57.98301 Moved Permanently 274 B URL HTTP/1.1 freekaamaal.com/images/common-images/Login-Popup-Image.jpg
IP 172.104.57.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ead35a463e26c66fd337618b37e72d83
52fbfad82940ff2bd93c49f72927885cdc57db20
bb7bebdcdeeca77ae107866cf5beb3db0380633f66dfdd4dff4039642a1a4d37
GET /images/common-images/Login-Popup-Image.jpg HTTP/1.1
Host: freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Location: https://freekaamaal.com/images/common-images/login-popup-image.jpg
Content-Length: 274
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
freekaamaal.com/images/common-images/popupicon.png
172.104.57.98200 OK 207 B URL HTTP/1.1 freekaamaal.com/images/common-images/popupicon.png
IP 172.104.57.98:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash aef9b76a3cb2196aeda5150c25cb9f43
b3fd8d44f54c3cfdb4bbbfe6ad0d4c30dea748c4
9ab7d40cc161947df9fe63817b08e70e18abcfb22adecb0abcdfb835f80d78c1
GET /images/common-images/popupicon.png HTTP/1.1
Host: freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Fri, 04 May 2018 09:35:54 GMT
ETag: "cf-56b5e0be35bab"
Accept-Ranges: bytes
Content-Length: 207
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
cdn.idntimes.com/content-images/post/20191222/1477337285-libretorrentd-faa56deb1ea20784c3577266529631c7.png
104.21.234.188200 OK 132 kB URL HTTP/2 cdn.idntimes.com/content-images/post/20191222/1477337285-libretorrentd-faa56deb1ea20784c3577266529631c7.png
IP 104.21.234.188:0
File type PNG image data, 1000 x 625, 8-bit/color RGBA, non-interlaced\012- data
Size 132 kB (131533 bytes)
Hash a19aaca3e3354d6ba0618b3f26824ee7
cca65cd8e73a48e4a0d9de8740442b0f38d65155
caf1eaafcb3635d79c68ca12abe3be9ef74fc8b850c29dbb105ebb885766631a
GET /content-images/post/20191222/1477337285-libretorrentd-faa56deb1ea20784c3577266529631c7.png HTTP/1.1
Host: cdn.idntimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: image/png
content-length: 131533
last-modified: Sun, 22 Dec 2019 03:58:34 GMT
etag: "5dfee9ea-201cd"
expires: Tue, 21 Jan 2020 03:58:34 GMT
cache-control: no-cache, public
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MIHqGqK4tQj7I6ArBt1bf71aibdr8pL6qr6Nd%2FXMU8ia1iMMiVNsCjfYYX%2BUUnWQt1pRFcX3cr2eIesc85PDcV6KLp1MxAagnnb34QgKlRFLkzuThYclp1xVs1hZAi0TUZN9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150c7e6c719e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.freekaamaal.com/featured_images/small_177467_Untitleddesign.png
172.104.57.98200 OK 71 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177467_Untitleddesign.png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 6fd04c3528dc4a20a6c79f5bbb9b272d
6b07a376f37c78289edc9627172c2103047369d4
bf08c0d904d86f2b95c2148e90399f480380bb647a4f9e63713e4642ce2ec006
GET /featured_images/small_177467_Untitleddesign.png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Fri, 28 Jan 2022 04:27:49 GMT
ETag: "114b1-5d69cdb7b2df9"
Accept-Ranges: bytes
Content-Length: 70833
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
images.freekaamaal.com/featured_images/small_177405_jhgfds.JPG
172.104.57.98200 OK 9.2 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177405_jhgfds.JPG
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash 1064b54a3c28c3d6ffb7a357dc4ede22
7880622faaff0c079ec23611dcc7c2fb9c1f8e5f
71ce7f1b45d1f0434a0ae6e4660c6fdc24e28665b7e4815f495bb1222f39c09d
GET /featured_images/small_177405_jhgfds.JPG HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Tue, 25 Jan 2022 11:32:15 GMT
ETag: "23cf-5d6666fd8f5f1"
Accept-Ranges: bytes
Content-Length: 9167
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 09042ed6792909b8f8206744522d9867
cfe914f7a2391f2f18b5189b306b8526520f00cd
de74c62ecb0869217b040ccee04794c0a2432ea4baef1e90a2018df3baa72e94
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 147865
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
images.freekaamaal.com/featured_images/small_177296_Untitleddesign(1).png
172.104.57.98200 OK 29 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177296_Untitleddesign(1).png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash d2b146e3149388c0bb67f8c2e0b6f5c8
6756d1b7c6e3f0400b1bf9b575cb3fc65cb691d9
3b6047975e44f98ff7afe91f7416e9bad98d00bbf8442bc7c81075ea3ef521ee
GET /featured_images/small_177296_Untitleddesign(1).png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Fri, 21 Jan 2022 11:17:21 GMT
ETag: "70f7-5d615c3344913"
Accept-Ranges: bytes
Content-Length: 28919
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
images.freekaamaal.com/store-images/30.jpg
172.104.57.98200 OK 3.5 kB URL HTTP/1.1 images.freekaamaal.com/store-images/30.jpg
IP 172.104.57.98:0
File type PNG image data, 92 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash ab989cdc750094db903a02557fd2f9bd
d49855378cec4b36cbb602c716ff07a19c8d62ec
9c8926e6879b0ed57fc8cc6a86329e395e46a7a13e4cd0456f87ef709f0ef269
GET /store-images/30.jpg HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Fri, 22 Dec 2017 10:45:42 GMT
ETag: "dc8-560eb849ebf77"
Accept-Ranges: bytes
Content-Length: 3528
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/small_177425_Untitleddesign(2).png
172.104.57.98200 OK 70 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177425_Untitleddesign(2).png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash f26d727c823a979c4a4955c004212516
79c8350e56d489757a030875cec67eb1d1ecf0b4
ecb336b739307dd8c94f42f4c63146f5257d5cf2795a1dfd1d5e2e0c6b2db5de
GET /featured_images/small_177425_Untitleddesign(2).png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Wed, 26 Jan 2022 09:51:31 GMT
ETag: "110b5-5d6792574bc59"
Accept-Ranges: bytes
Content-Length: 69813
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
images.freekaamaal.com/featured_images/small_169176_hgfd.jpg
172.104.57.98200 OK 18 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_169176_hgfd.jpg
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash 09078b3a731c2b1bf3273b08768d4bcb
051807beb61075d2c91b62bf2afdde9984c32826
8120e554369f817b5d69c98f89c15187e49d8e55ca5087ad4287b1b0f0cb2d87
GET /featured_images/small_169176_hgfd.jpg HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Sun, 21 Feb 2021 05:59:53 GMT
ETag: "449c-5bbd264e3e047"
Accept-Ranges: bytes
Content-Length: 17564
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/small_167990_slider3-min.jpg
172.104.57.98200 OK 21 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_167990_slider3-min.jpg
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash e4bb37f38ce1c6a5ae3750866757b83e
345587364fc9941cb8d3e9a0860bae58e1cf1347
4bec5a6bd05ddf4c3e064c7017a93633ed019f3d29fa505e22df0f669e7718d8
GET /featured_images/small_167990_slider3-min.jpg HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 06:32:06 GMT
ETag: "5122-5b7948ca76e4d"
Accept-Ranges: bytes
Content-Length: 20770
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/small_177449_1.png
172.104.57.98200 OK 82 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_177449_1.png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 74d3e574fcf0296d209b82d1a52ec93e
a1f291a8bac19a02eabe7b736c972ffac5b9696e
278180a89af6def5f95c610beee32e19495e5ff2ea84f121250949f7afcde1d5
GET /featured_images/small_177449_1.png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:11 GMT
Server: Apache
Last-Modified: Thu, 27 Jan 2022 07:26:56 GMT
ETag: "13e73-5d68b3e3879e3"
Accept-Ranges: bytes
Content-Length: 81523
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
freekaamaal.com/images/common-images/login-popup-image.jpg
172.104.57.98200 OK 17 kB URL HTTP/1.1 freekaamaal.com/images/common-images/login-popup-image.jpg
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 272x248, components 3\012- data
Hash 3b28ae48c61bfdc5e1b2ad5ee1c4cbd2
2bb8b3485719e05dd09dd05716a70f15e97f160b
e2b93854a7b0459125a261294796f531b4aee80c105485fb810ee8a078156768
GET /images/common-images/login-popup-image.jpg HTTP/1.1
Host: freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://normakethis.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Fri, 04 May 2018 09:29:21 GMT
ETag: "419b-56b5df4771097"
Accept-Ranges: bytes
Content-Length: 16795
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/small_160680_sdrtyuiopiuytre.jpg
172.104.57.98200 OK 5.8 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_160680_sdrtyuiopiuytre.jpg
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash 21ddba79a4db82d57fcba173742791de
698d242a2eb4f00debc95a5703341dc6af0597b4
fb94c69ea8a6f4425d16d59812b15a9d31d802a4c846be6a8f2ded1356d3bf56
GET /featured_images/small_160680_sdrtyuiopiuytre.jpg HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Tue, 17 Dec 2019 07:18:34 GMT
ETag: "167e-599e122d34b83"
Accept-Ranges: bytes
Content-Length: 5758
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/small_166394_nbvcnb.jpg
172.104.57.98200 OK 12 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_166394_nbvcnb.jpg
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash 4f28a34c61e7d36c26735ac01faa1556
1da89484792648c92f25f9e3de0c7f405aa933ea
8df10d5e7494d49d6eed1bc365a24260196e1a085605e8f29d08026ce79d865a
GET /featured_images/small_166394_nbvcnb.jpg HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Mon, 12 Oct 2020 09:50:35 GMT
ETag: "30eb-5b1763ad9e025"
Accept-Ranges: bytes
Content-Length: 12523
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/Screenshot-1647.png
172.104.57.98200 OK 105 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/Screenshot-1647.png
IP 172.104.57.98:0
File type PNG image data, 336 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size 105 kB (105012 bytes)
Hash 17315fef4e5412d851009283746fe64d
e5782452af2d3a4018efec44168afaa4a4f907c4
805a8a91f2ca86cdd4b7f1425814052f49a663300ef6e9031c49d30f7b04885d
GET /featured_images/Screenshot-1647.png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Fri, 02 Jun 2017 09:12:45 GMT
ETag: "19a34-550f68e7443b7"
Accept-Ranges: bytes
Content-Length: 105012
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
images.freekaamaal.com/featured_images/small_165392_jhgf.JPG
172.104.57.98200 OK 6.6 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_165392_jhgf.JPG
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash 9cd6eacadfa26f0b9dc0c54b6d003643
b7c178464db5de8e201f7e13b12f1be5ee74c060
712fb3da4249fdf7e140c5d3ae17c3e72226a818dd0ed244776432daea4abd1d
GET /featured_images/small_165392_jhgf.JPG HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Tue, 25 Aug 2020 06:00:25 GMT
ETag: "19c4-5adad6b5b17df"
Accept-Ranges: bytes
Content-Length: 6596
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
images.freekaamaal.com/featured_images/small_164926_jhgfhgf.JPG
172.104.57.98200 OK 13 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_164926_jhgfhgf.JPG
IP 172.104.57.98:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 235x175, components 3\012- data
Hash d8fe82b97e7d05eab432b89b056fa464
cfbf051996dd491fcafe6a7bab9c1f96fa5dbc12
720dd90e5fe4c286a28be74c2324709d2f1cfc140719697858e6e3c1ca8059bc
GET /featured_images/small_164926_jhgfhgf.JPG HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 10:27:08 GMT
ETag: "3106-5ac0ab283fe4f"
Accept-Ranges: bytes
Content-Length: 12550
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 93cd4106946bc499c4dbdfcab6ea7718
5628412fd5319f549699b48bc27ff0f2f334e6bd
9b471a64f51d01dc302ad60957ad702f536d4e2682ee9a594fe2253e1101d909
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B471A64F51D01DC302AD60957AD702F536D4E2682EE9A594FE2253E1101D909"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3961
Expires: Wed, 07 Dec 2022 13:03:14 GMT
Date: Wed, 07 Dec 2022 11:57:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4641
Cache-Control: max-age=94162
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:13 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:06:35 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:49:05 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 651919749
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.247.8200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.247.8:0
File type ASCII text, with very long lines (1957)
Hash 1ebf4d2b464731fb0925b11303c956ab
d5f5ed019e49872f01fe2dff729298198715c6e5
537d7ae864e73db426a27007b5ab7daac026a42ac84ce4dd4238ed9de35dc220
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d1e897836c4d9a4733f9fb31e7b54085
etag: "1194fcf98458fd4f7dfd862c986cb9f2"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 07 Dec 2022 12:12:35 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Hr9NK0ZHMfsJJbETA8lWqw==
x-fb-debug: 2SI3eUPPjr7o+zLs7xFbEWH7/fc3drl6GZ4RhrEVoHtOVcncxqyjOpGGMHq5EK1tiC5jvGQEKNn3h0r68lXBQA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 11:57:13 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
images.freekaamaal.com/featured_images/small_166122_Untitled.png
172.104.57.98200 OK 73 kB URL HTTP/1.1 images.freekaamaal.com/featured_images/small_166122_Untitled.png
IP 172.104.57.98:0
File type PNG image data, 235 x 175, 8-bit/color RGBA, non-interlaced\012- data
Hash 0603359c22609dbee9a019c07cb72e2f
9c0ae2d54a5e2f6e465ddd0d3bcbab4bed33da44
dea484db92cc8bf1189cb030bab63c2788170f2e65ba64bd2751c2725a71e845
GET /featured_images/small_166122_Untitled.png HTTP/1.1
Host: images.freekaamaal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 11:57:12 GMT
Server: Apache
Last-Modified: Tue, 29 Sep 2020 07:16:27 GMT
ETag: "11cb0-5b06e8fbd6759"
Accept-Ranges: bytes
Content-Length: 72880
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,400i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 11:57:05 GMT
date: Wed, 07 Dec 2022 11:57:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP 172.64.109.13:0
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:10 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 09:52:54 GMT
etag: W/"6114ef76-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9loGrMnkkw1jvdXqc46e2BVWJq%2B7s7BEclu0cboHtFkCsn8htzHop0EyrII4S8t2qxjH%2BjD%2Fk75SSKMbHZCox9EYGz3kOVFtbzi5BjmaoxYC53pWyc82iPX5%2B57JVp4lZDtDfSkP%2B5rc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150e3f98bc87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 0 B IP 142.250.74.131:0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 11:57:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP 172.64.109.13:0
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://normakethis.blogspot.com
Connection: keep-alive
Referer: https://normakethis.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 11:57:11 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 09:52:53 GMT
etag: W/"6114ef75-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m811tVsc00qbvEgXGlXjtSm6%2BbimjzWhNyXTE%2FuYbqegY5c4ptDfgA0Mi5kloFFDjnDn%2Bj8tRiy6L29sR10Z3NZOlOjGKnITLaAOdTDUUWH6UqfXNScQKt5saQGLH7wXYRMeUtwn6KA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775d150e3f93bc87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2