firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 09:57:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FceXCHcRu1rO8IuJ4GC7Bmwk-Z04g7SiqRBVB4vrrOlWi49Dqn9Srw==
Age: 1719
gloriawebsterblog.blogspot.com/2013/07/thermostat-studio-dmv-gks-2005.html
142.250.74.161301 Moved Permanently 216 B URL HTTP/1.1 gloriawebsterblog.blogspot.com/2013/07/thermostat-studio-dmv-gks-2005.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6df222f50d6a955e1cfac0504075749c
8920a3757ed2953f1b8acb51aafd2038ebc9e9f2
c33dea2c642326c6d4fcf50d5f595396ee3f712b3ed23d97d15c0b479d8a34f0
GET /2013/07/thermostat-studio-dmv-gks-2005.html HTTP/1.1
Host: gloriawebsterblog.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://gloriawebsterblog.blogspot.com/2013/07/thermostat-studio-dmv-gks-2005.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 19 Sep 2022 10:26:16 GMT
Expires: Mon, 19 Sep 2022 10:26:16 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 216
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2425
Expires: Mon, 19 Sep 2022 11:06:41 GMT
Date: Mon, 19 Sep 2022 10:26:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2MZdm37P5sGaTC-KTHof-s9hPdvYPP-nPfObKVpM2c4JidTNvs9WOA==
age: 21063
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 07566e7f0afe22aa412420cd4521193c
0d7ad3ad7187052880bd11576a49d5ce88faaf6a
f33d32e8d07bd001bf1205deadf439ea3009de7341719f33c1798d41faa71876
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:19:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oQ5KSH-P0rzK48KbhA18WhJyrFRU6hbq4FXeorSGxwzsVMrkI6k3hQ==
Age: 1374
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 07566e7f0afe22aa412420cd4521193c
0d7ad3ad7187052880bd11576a49d5ce88faaf6a
f33d32e8d07bd001bf1205deadf439ea3009de7341719f33c1798d41faa71876
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6421
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:16 GMT
Last-Modified: Mon, 19 Sep 2022 08:39:15 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 377cc6ad82bc250b5fc9f7ee68f2e129
6726e0d37fb67318cc5d7b01149e5057ba30ae89
21f4bac878f491505f71aab032a4945a10d381c1510cc129493c0037a54329fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6297
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Last-Modified: Mon, 19 Sep 2022 08:41:20 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b4c60d56295e233734522e5c10011fe7
1d5c5aa26e115098450fc0b364e12996ebbaa4ce
e9e74c1be10004d1660ee10718e2237b752a4ad8f2ab16b8fe4bdec3aa5bf6f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E74C1BE10004D1660EE10718E2237B752A4AD8F2AB16B8FE4BDEC3AA5BF6F5"
Last-Modified: Sat, 17 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15511
Expires: Mon, 19 Sep 2022 14:44:48 GMT
Date: Mon, 19 Sep 2022 10:26:17 GMT
Connection: keep-alive
gloriawebsterblog.blogspot.com/2013/07/thermostat-studio-dmv-gks-2005.html
142.250.74.161200 OK 66 kB URL HTTP/2 gloriawebsterblog.blogspot.com/2013/07/thermostat-studio-dmv-gks-2005.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (56101), with CR, LF line terminators
Hash 5f21840d6b1440531efb9aa93a479494
bbaa63f027dab30e14364a29a66ef3254978e7b4
e08316f427fae9ba67f66b793011ab0013502caf176bdeb4e44f40682b0a6321
GET /2013/07/thermostat-studio-dmv-gks-2005.html HTTP/1.1
Host: gloriawebsterblog.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 19 Sep 2022 10:26:16 GMT
date: Mon, 19 Sep 2022 10:26:16 GMT
cache-control: private, max-age=0
last-modified: Wed, 27 Apr 2022 01:21:05 GMT
etag: W/"fa715c564b63b76fbe29bd8733cf72c38b5aecd5ede022ebc5635a0163fc833f"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 65570
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 394bcb7d2d03225cc35ac7afed1ca636
f9527034abeec236e7ffacc23473930958e04224
0254137487ef4a909a8c18cd47f5080e989796a5e1fe7873950617953a58c8d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 377cc6ad82bc250b5fc9f7ee68f2e129
6726e0d37fb67318cc5d7b01149e5057ba30ae89
21f4bac878f491505f71aab032a4945a10d381c1510cc129493c0037a54329fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6297
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Last-Modified: Mon, 19 Sep 2022 08:41:20 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
lh3.googleusercontent.com/blogger_img_proxy/ANbyha38zrrevMLXuIB2gt2_-YvaWGR6ei1Mo3mLu73UQJkSpLGuHI8ZTVUiHKml6zu5yedAXfxB-xXvtOb3-dCIUXlT7Wk28CgLUWHTGBeF3A3wMOAhDvxkVHm1RrbH-t_ORiLMzRMSrdA=s0-d
142.250.74.1404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha38zrrevMLXuIB2gt2_-YvaWGR6ei1Mo3mLu73UQJkSpLGuHI8ZTVUiHKml6zu5yedAXfxB-xXvtOb3-dCIUXlT7Wk28CgLUWHTGBeF3A3wMOAhDvxkVHm1RrbH-t_ORiLMzRMSrdA=s0-d
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 5103ad55b90e2fee874db2e40e7bbc8d
a0fdb8c95db80cf25d3d779e0792feb05e716ebd
a645cb9d379d2541d1bc4259f09c3c0c721b3986ec2c0b635b966b44cb41a64c
GET /blogger_img_proxy/ANbyha38zrrevMLXuIB2gt2_-YvaWGR6ei1Mo3mLu73UQJkSpLGuHI8ZTVUiHKml6zu5yedAXfxB-xXvtOb3-dCIUXlT7Wk28CgLUWHTGBeF3A3wMOAhDvxkVHm1RrbH-t_ORiLMzRMSrdA=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1727
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1b0nyb6lt65gZFrJZPkHs5uQNE1xLQLG500cS_DN_QQFafbOisuGlStCPskBW-qltC5HkReIddMhaXXC2vy6O5Tz1o-0FvmYjfrdKRWc1rNasZBGsEbG4ZCYAPW0fgx-9KQZEHnqhi5rUH_yLon-Uu=w100
142.250.74.1404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1b0nyb6lt65gZFrJZPkHs5uQNE1xLQLG500cS_DN_QQFafbOisuGlStCPskBW-qltC5HkReIddMhaXXC2vy6O5Tz1o-0FvmYjfrdKRWc1rNasZBGsEbG4ZCYAPW0fgx-9KQZEHnqhi5rUH_yLon-Uu=w100
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash ad96e5badfecf281fae59fe5ce36defe
5fe4623d16ce5936b6668edba3194d7a853aa40a
6c743773000a6400e00535e46e88255a7662ff481a8a675ec860f17c67abab03
GET /blogger_img_proxy/ANbyha1b0nyb6lt65gZFrJZPkHs5uQNE1xLQLG500cS_DN_QQFafbOisuGlStCPskBW-qltC5HkReIddMhaXXC2vy6O5Tz1o-0FvmYjfrdKRWc1rNasZBGsEbG4ZCYAPW0fgx-9KQZEHnqhi5rUH_yLon-Uu=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
216.58.207.201200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 18:36:04 GMT
expires: Mon, 18 Sep 2023 18:36:04 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 18 Sep 2022 02:49:24 GMT
content-type: text/javascript
age: 57013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 15:58:28 GMT
expires: Thu, 14 Sep 2023 15:58:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 412069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3EXKOL0CGygmIfC-QHQ59750u13brw8HsH8wbK7o53TFndO8FGMLTCBsgBMdotFaC0CTflgaVCFnVG2xa97vcyww8zidapMYzwSjn0nPp1uzTOrRdC-f8z8CbaORcW1oZvjEdp0j3TWmtf9vdL96Bxz2d4yQqRZuKQzXo3YfGjGF9D3DFfEI4D76jjGfRxwYrh4ciPex7heYObaX0FlMUWtjW4MAEG8OwIE1tauowJa5lK2hx9qqAP1GNQxzLglBph0CjEOT-xER-RkkYHvRvOOxnm-ztXs2SJu9Dd5vVHFP1Pl-Sdu38=w100
142.250.74.1404 Not Found 1.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3EXKOL0CGygmIfC-QHQ59750u13brw8HsH8wbK7o53TFndO8FGMLTCBsgBMdotFaC0CTflgaVCFnVG2xa97vcyww8zidapMYzwSjn0nPp1uzTOrRdC-f8z8CbaORcW1oZvjEdp0j3TWmtf9vdL96Bxz2d4yQqRZuKQzXo3YfGjGF9D3DFfEI4D76jjGfRxwYrh4ciPex7heYObaX0FlMUWtjW4MAEG8OwIE1tauowJa5lK2hx9qqAP1GNQxzLglBph0CjEOT-xER-RkkYHvRvOOxnm-ztXs2SJu9Dd5vVHFP1Pl-Sdu38=w100
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 8f19a980d05433ab3a4ddc284dd95703
bdd586441c88fdc41d975a20e2a986f86c68468f
162183924658fc3bba45c7e070077b530cc5742a1e8620558c21a5914f2e23cd
GET /blogger_img_proxy/ANbyha3EXKOL0CGygmIfC-QHQ59750u13brw8HsH8wbK7o53TFndO8FGMLTCBsgBMdotFaC0CTflgaVCFnVG2xa97vcyww8zidapMYzwSjn0nPp1uzTOrRdC-f8z8CbaORcW1oZvjEdp0j3TWmtf9vdL96Bxz2d4yQqRZuKQzXo3YfGjGF9D3DFfEI4D76jjGfRxwYrh4ciPex7heYObaX0FlMUWtjW4MAEG8OwIE1tauowJa5lK2hx9qqAP1GNQxzLglBph0CjEOT-xER-RkkYHvRvOOxnm-ztXs2SJu9Dd5vVHFP1Pl-Sdu38=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/3753684042-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/3753684042-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 9310029f33929201831992bd74c13953
092fc9b60b0fcc7e24b80eb89f40178e91effb98
ed0ad17efb3c922e7bc8feffa0a5718d2ad226c44f2bb183b6ad163684f3b982
GET /static/v1/widgets/3753684042-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57039
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 01:53:41 GMT
expires: Fri, 15 Sep 2023 01:53:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 20:54:17 GMT
content-type: text/javascript
age: 376356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 394bcb7d2d03225cc35ac7afed1ca636
f9527034abeec236e7ffacc23473930958e04224
0254137487ef4a909a8c18cd47f5080e989796a5e1fe7873950617953a58c8d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.240.140.78101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.140.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OCjZIQ9ofu13d6uZohPd1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2E3sg685XH9rnZj9i8nTVLaZ8IU=
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.34200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2903)
Hash b11a4c880f3f0c75f9ed6a1228e5bf6f
a9ce466180cb51ac5d6b3bb271b9ae3554da0c5e
fdc1d6327d27ff8e07357c9a65e12253abc57202bd72b814deff6fc80deced3b
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Mon, 19 Sep 2022 10:26:17 GMT
expires: Mon, 19 Sep 2022 10:26:17 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4247054690276329404
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1hH43bJJ542M-1JN9v3engFK6hSHD38Spe0WPD4vqrXyg9ySzw2zlcwsVp-0dNqNICHnBsvr7ysEkw6HdTJWhLZlM4im9wBqEoo7U-5kEPQOTe_5_PJWpGvGp0rv4JNXHB8nHIZ0w0iFdCtWVWozWOLozbPQF0f5I579HSAt9IEskA4uG3hDYEtiV8xXgVJitFboOEZ49ikuPg_Vk4G4vIrwqvZcqqnsrtfoqkVZ5KF8AogFmmvrM28sxXAP2rsmw=s0-d
142.250.74.1404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1hH43bJJ542M-1JN9v3engFK6hSHD38Spe0WPD4vqrXyg9ySzw2zlcwsVp-0dNqNICHnBsvr7ysEkw6HdTJWhLZlM4im9wBqEoo7U-5kEPQOTe_5_PJWpGvGp0rv4JNXHB8nHIZ0w0iFdCtWVWozWOLozbPQF0f5I579HSAt9IEskA4uG3hDYEtiV8xXgVJitFboOEZ49ikuPg_Vk4G4vIrwqvZcqqnsrtfoqkVZ5KF8AogFmmvrM28sxXAP2rsmw=s0-d
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash bb7a9142b724b9f3bcd49a0edce336af
bcbf31f866f8a5641640aead67b7d8c73120e4e3
2dedf987b3008d5d549b33c4081045ce8eeb8d6d781a6adef7292980137850a5
GET /blogger_img_proxy/ANbyha1hH43bJJ542M-1JN9v3engFK6hSHD38Spe0WPD4vqrXyg9ySzw2zlcwsVp-0dNqNICHnBsvr7ysEkw6HdTJWhLZlM4im9wBqEoo7U-5kEPQOTe_5_PJWpGvGp0rv4JNXHB8nHIZ0w0iFdCtWVWozWOLozbPQF0f5I579HSAt9IEskA4uG3hDYEtiV8xXgVJitFboOEZ49ikuPg_Vk4G4vIrwqvZcqqnsrtfoqkVZ5KF8AogFmmvrM28sxXAP2rsmw=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1847
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1uF0f6Xskrf2ecN61AhiIcL4Nb1nC9tDq0TqOetLzldpeNT0CohZiOP2Pm2rxgGFv2uoSV3jeWKyPxPM8uH3vma7vYTY3JEgFs0_hXG7TvQJjH7-8u_9S5L1ZwtdH1AviODMw2XPsSbs-WxRogvO08XzJ1kQlmfSJQfaYFgbzVnXlWGLK46N64dz8T-gLUYrf3aKwG5teWjPuZO5INuZ9R0jYT_qi50J64nF3d3lb0Kv_Rd6ZAgwGwW4nLzA=w100
142.250.74.1200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1uF0f6Xskrf2ecN61AhiIcL4Nb1nC9tDq0TqOetLzldpeNT0CohZiOP2Pm2rxgGFv2uoSV3jeWKyPxPM8uH3vma7vYTY3JEgFs0_hXG7TvQJjH7-8u_9S5L1ZwtdH1AviODMw2XPsSbs-WxRogvO08XzJ1kQlmfSJQfaYFgbzVnXlWGLK46N64dz8T-gLUYrf3aKwG5teWjPuZO5INuZ9R0jYT_qi50J64nF3d3lb0Kv_Rd6ZAgwGwW4nLzA=w100
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x142, components 3\012- data
Hash b91980c9be67b286cce8b9ef5f2f202f
3174c9e868aae96399817efa4bf42dfa68bf69e7
86a3cfeb1c811a511fb4a1e2efe1c03dd0d7d954e810352d5ef23cd6a071be7b
GET /blogger_img_proxy/ANbyha1uF0f6Xskrf2ecN61AhiIcL4Nb1nC9tDq0TqOetLzldpeNT0CohZiOP2Pm2rxgGFv2uoSV3jeWKyPxPM8uH3vma7vYTY3JEgFs0_hXG7TvQJjH7-8u_9S5L1ZwtdH1AviODMw2XPsSbs-WxRogvO08XzJ1kQlmfSJQfaYFgbzVnXlWGLK46N64dz8T-gLUYrf3aKwG5teWjPuZO5INuZ9R0jYT_qi50J64nF3d3lb0Kv_Rd6ZAgwGwW4nLzA=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 10:26:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 4610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bc9a811cbf8395794e9506724cfd26e7
ef8569e244af83b67cdd63de0232e0a6e485ee60
9b4cef8120d9169cb594f2972604549781be924a7181800380b8118bda765ae6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2022 23:32:39 GMT
Expires: Thu, 22 Sep 2022 23:32:38 GMT
Etag: "ef8569e244af83b67cdd63de0232e0a6e485ee60"
Cache-Control: max-age=305780,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f4a0ef8b51d-OSL
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0WodaoQKQBGUz2arrU6aL2EKNQcdgJmJexlR3BXZmbUgcb2XsojGPZlZjY-RqDBuAHl-WZvq9kYTCZL7dTjyK3JJJrgHgcmpcfDhoNL51azCf6BUT7gZ2eJ-nnAv40fw=w100
142.250.74.1404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0WodaoQKQBGUz2arrU6aL2EKNQcdgJmJexlR3BXZmbUgcb2XsojGPZlZjY-RqDBuAHl-WZvq9kYTCZL7dTjyK3JJJrgHgcmpcfDhoNL51azCf6BUT7gZ2eJ-nnAv40fw=w100
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 963a910f224ac01a7461abf7400e17e4
9dc96fe6f0dbb1edceea8d8591b117685afe400d
bf4a1b49dc8900e8d0e1a1a49fc8e53d7d68a7c4c1d45414aebb568914f936fd
GET /blogger_img_proxy/ANbyha0WodaoQKQBGUz2arrU6aL2EKNQcdgJmJexlR3BXZmbUgcb2XsojGPZlZjY-RqDBuAHl-WZvq9kYTCZL7dTjyK3JJJrgHgcmpcfDhoNL51azCf6BUT7gZ2eJ-nnAv40fw=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1718
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.libble.de/bestanden2/html/199772/bg6.png
141.95.47.168301 Moved Permanently 176 B URL HTTP/2 www.libble.de/bestanden2/html/199772/bg6.png
IP 141.95.47.168:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8db72400027170e8bed80185c45ea16e
f413bd256d4b030b8ef9a49e94c316eb68e0cc7a
06f2653606bac39cd93aa168f85b3151cd50c55a0a60422793a7d28e1becaee1
GET /bestanden2/html/199772/bg6.png HTTP/1.1
Host: www.libble.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://www.libble.de/bestanden2/html/199772/bg6.png/
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 19 Sep 2022 10:26:18 GMT
content-length: 176
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha157qdeJMJdaLxZ15O1g874fLdJ26X44lGP9zIwFNAthwJaszTlmoYRticeNHJJLY4wc6hzVX2ymx3z5VAPESmKAlfEjT3A1cNCMjl1CtIbMUmUUaXE8oVbxdHN4xozOBaNsNvhp_Dx8vVfjR_JI75xJLXgAXaAg5M7V_1YQW1ThxP9IPbcBgNYlWo=s0-d
142.250.74.1404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha157qdeJMJdaLxZ15O1g874fLdJ26X44lGP9zIwFNAthwJaszTlmoYRticeNHJJLY4wc6hzVX2ymx3z5VAPESmKAlfEjT3A1cNCMjl1CtIbMUmUUaXE8oVbxdHN4xozOBaNsNvhp_Dx8vVfjR_JI75xJLXgAXaAg5M7V_1YQW1ThxP9IPbcBgNYlWo=s0-d
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e465e5edebe92c0573386ea122203c77
195d727e7020e909a9fce8e17127f6df92e026a7
c5b45bcc7282bb756012229ae38d239cc139e1a1bc5f88a24868a6d68a0685ae
GET /blogger_img_proxy/ANbyha157qdeJMJdaLxZ15O1g874fLdJ26X44lGP9zIwFNAthwJaszTlmoYRticeNHJJLY4wc6hzVX2ymx3z5VAPESmKAlfEjT3A1cNCMjl1CtIbMUmUUaXE8oVbxdHN4xozOBaNsNvhp_Dx8vVfjR_JI75xJLXgAXaAg5M7V_1YQW1ThxP9IPbcBgNYlWo=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1775
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0B4EBxrCurjcdXNuy0Njoy7tluIrtDkVkWQWzBkyU6_G6uBMWLkvS1Etp_glj527tMaFMseW8QjW3Z-NqQlHI2fpWqY7hXFH5R0ZmOHvxjl-8G1yirLarfNXnZe5v35c80=s0-d
142.250.74.1404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0B4EBxrCurjcdXNuy0Njoy7tluIrtDkVkWQWzBkyU6_G6uBMWLkvS1Etp_glj527tMaFMseW8QjW3Z-NqQlHI2fpWqY7hXFH5R0ZmOHvxjl-8G1yirLarfNXnZe5v35c80=s0-d
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 7d59fa6ad1512206c23b530b8772fa25
b4b6b49ad602cf60fd86bed225cf34da139e9d0d
4f99821069fa6d915bac44dc36402021e22dde35b11c4297fccece918328d5d0
GET /blogger_img_proxy/ANbyha0B4EBxrCurjcdXNuy0Njoy7tluIrtDkVkWQWzBkyU6_G6uBMWLkvS1Etp_glj527tMaFMseW8QjW3Z-NqQlHI2fpWqY7hXFH5R0ZmOHvxjl-8G1yirLarfNXnZe5v35c80=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0B4EBxrCurjcdXNuy0Njoy7tluIrtDkVkWQWzBkyU6_G6uBMWLkvS1Etp_glj527tMaFMseW8QjW3Z-NqQlHI2fpWqY7hXFH5R0ZmOHvxjl-8G1yirLarfNXnZe5v35c80=w100
142.250.74.1404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0B4EBxrCurjcdXNuy0Njoy7tluIrtDkVkWQWzBkyU6_G6uBMWLkvS1Etp_glj527tMaFMseW8QjW3Z-NqQlHI2fpWqY7hXFH5R0ZmOHvxjl-8G1yirLarfNXnZe5v35c80=w100
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 1ab04f63f174435c466194d55cd8e4eb
3bd8ad6cff62f02195cfff864810cbe53bb7955d
86d5ccc5024e69709fa2d459a946eed87d1d8eaa8271e96b32d0389bf652fe6e
GET /blogger_img_proxy/ANbyha0B4EBxrCurjcdXNuy0Njoy7tluIrtDkVkWQWzBkyU6_G6uBMWLkvS1Etp_glj527tMaFMseW8QjW3Z-NqQlHI2fpWqY7hXFH5R0ZmOHvxjl-8G1yirLarfNXnZe5v35c80=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aad908edf74261d104d243e46fc1f960
58d761a305af77368e5e63095e2f23e8106815d9
cfa553aa992c8a3bb986d917d533db973a3d09324cca36a21a31b342eb91fb2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFA553AA992C8A3BB986D917D533DB973A3D09324CCA36A21A31B342EB91FB2D"
Last-Modified: Sun, 18 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Mon, 19 Sep 2022 11:17:27 GMT
Date: Mon, 19 Sep 2022 10:26:17 GMT
Connection: keep-alive
www.libble.de/bestanden2/html/199772/bg6.png/
141.95.47.168404 Not Found 6.8 kB URL HTTP/2 www.libble.de/bestanden2/html/199772/bg6.png/
IP 141.95.47.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 710ba1bb16e50d60230457e405e97be5
2cee330df45678067c247d7826a028944dbc067d
d14b0765ecdcc48ea394436c2eec840f3965f17912839a3b2f58441f29bc0999
GET /bestanden2/html/199772/bg6.png/ HTTP/1.1
Host: www.libble.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:18 GMT
content-length: 6818
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha053sQi3txHlv7Dz_XsudARJ-NGUhqEgPlb6_bszWx5fxB7_LEKKWHpC-Me2YEnJ_7kPac38Ql7Dxf6I3G_GcjGUWGXUdGrq-Eb_XS8gA5cA8gmXGw=w100
142.250.74.1404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha053sQi3txHlv7Dz_XsudARJ-NGUhqEgPlb6_bszWx5fxB7_LEKKWHpC-Me2YEnJ_7kPac38Ql7Dxf6I3G_GcjGUWGXUdGrq-Eb_XS8gA5cA8gmXGw=w100
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 3e314add6b74a9e455bcb4a5aa9506aa
0d3ee0814c8a922dc1c2fdcd6e547b3d0d34494b
a6a94f669a27553ae57f043d806c825d8225eaec5b261070cde5864f2048570b
GET /blogger_img_proxy/ANbyha053sQi3txHlv7Dz_XsudARJ-NGUhqEgPlb6_bszWx5fxB7_LEKKWHpC-Me2YEnJ_7kPac38Ql7Dxf6I3G_GcjGUWGXUdGrq-Eb_XS8gA5cA8gmXGw=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 1703
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p79283.clksite.com/adServe/banners?tid=79283_127088_20
173.192.101.24301 Moved Permanently 162 B URL HTTP/2 p79283.clksite.com/adServe/banners?tid=79283_127088_20
IP 173.192.101.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /adServe/banners?tid=79283_127088_20 HTTP/1.1
Host: p79283.clksite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 10:26:17 GMT
content-type: text/html
content-length: 162
location: https://mybetterck.com/adServe/banners?tid=79283_127088_20
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3gPedqWKYwxMrpwNV-fAdia5EKMKI5DresF8Y9HRgFfdUO7Cm9Ml78a9QrDiT1hk8rNdknsXachxiExu4v8TBmMlsIYFa6rtwdXrdIW4ltEUFr2n_Nxan8eMehAhoEMrjU=s0-d
142.250.74.1200 OK 112 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3gPedqWKYwxMrpwNV-fAdia5EKMKI5DresF8Y9HRgFfdUO7Cm9Ml78a9QrDiT1hk8rNdknsXachxiExu4v8TBmMlsIYFa6rtwdXrdIW4ltEUFr2n_Nxan8eMehAhoEMrjU=s0-d
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=SONY DSC , software=Picasa], baseline, precision 8, 800x893, components 3\012- data
Size 112 kB (112222 bytes)
Hash c25901b7488e29624750ae7b316a99d9
eaac53530f372c8a0a3fe94e48a70eeb96a341af
87cd5873b3d944b7f3757d2412fd434fd5d924697373f01f6271fe48df582cb0
GET /blogger_img_proxy/ANbyha3gPedqWKYwxMrpwNV-fAdia5EKMKI5DresF8Y9HRgFfdUO7Cm9Ml78a9QrDiT1hk8rNdknsXachxiExu4v8TBmMlsIYFa6rtwdXrdIW4ltEUFr2n_Nxan8eMehAhoEMrjU=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 10:26:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 112222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pl15416977.passtechusa.com/fa/ef/ab/faefab53a3c6a8b843aabc1fbff50729.js
192.243.61.227200 OK 20 kB URL HTTP/1.1 pl15416977.passtechusa.com/fa/ef/ab/faefab53a3c6a8b843aabc1fbff50729.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59384), with no line terminators
Hash f97b2cf6d6bda799a64d850bc53fb591
b14a436e638fda8bcd9629dc757f085fd30c0c0f
fb326813685a95da210bc61e0dbcdc7fe9c1c71c9e1f0cbc1be2ca4b3a216125
GET /fa/ef/ab/faefab53a3c6a8b843aabc1fbff50729.js HTTP/1.1
Host: pl15416977.passtechusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9a05f92b1a7156c489e8283f7e4c7f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl15417053.passtechusa.com/3125a33b04387fdcde3ae56138391d25/invoke.js
192.243.59.12200 OK 9.3 kB URL HTTP/1.1 pl15417053.passtechusa.com/3125a33b04387fdcde3ae56138391d25/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25074), with no line terminators
Hash 703c6c422f9d7ac389537ac494f6cee0
29571280fa9999c7897fe911882b90a993e8bbb3
98ee258fa5569020379a1e415354a06918d83642b7ba68027345464c9aaf176a
GET /3125a33b04387fdcde3ae56138391d25/invoke.js HTTP/1.1
Host: pl15417053.passtechusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 10:26:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea386d2a83de2be72351ce7585ff49a5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1Z-juJccwtYuMq0qr6iNZSGkfXAgwl8W0KDmJobqIovSB6-oGSTpqLMY_dVgRchW8uqN2v6uBk6ZIXzgHvsPUJcY96ZJsq8eTs7OU3b4aR-aJgqr7UrCGADdJ3PrM=s0-d
142.250.74.1200 OK 344 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1Z-juJccwtYuMq0qr6iNZSGkfXAgwl8W0KDmJobqIovSB6-oGSTpqLMY_dVgRchW8uqN2v6uBk6ZIXzgHvsPUJcY96ZJsq8eTs7OU3b4aR-aJgqr7UrCGADdJ3PrM=s0-d
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1181x1371, components 3\012- data
Size 344 kB (343512 bytes)
Hash 8748cda55e9732f21bb44a81a4be4b2e
44fcde26878493230e1a54e778ff1ee838e9ca5a
fcebf2c6e93a76711521cc87db9e8fca1683c6f4fdf939993b72840cd22f2359
GET /blogger_img_proxy/ANbyha1Z-juJccwtYuMq0qr6iNZSGkfXAgwl8W0KDmJobqIovSB6-oGSTpqLMY_dVgRchW8uqN2v6uBk6ZIXzgHvsPUJcY96ZJsq8eTs7OU3b4aR-aJgqr7UrCGADdJ3PrM=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 10:26:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: attachment;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 343512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3C2hUiMc-WDGN1cBJhduKiQfGNjhkWWf_msC44-YPAjcgrrNI_Swdg3xNLGsjWW9MmUFyzR_dj1JOjU3PICCAsntBBnYvxpGThEU_51dGZi1Pu2v8_ZEULu_MXRDR-89NNDjmU9w2p-BWMBMzaNFUZfWYCevCbzqxH=w100
142.250.74.1200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3C2hUiMc-WDGN1cBJhduKiQfGNjhkWWf_msC44-YPAjcgrrNI_Swdg3xNLGsjWW9MmUFyzR_dj1JOjU3PICCAsntBBnYvxpGThEU_51dGZi1Pu2v8_ZEULu_MXRDR-89NNDjmU9w2p-BWMBMzaNFUZfWYCevCbzqxH=w100
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x132, components 3\012- data
Hash 7a7784171c30b88da20a3a318d4270bc
f130431f2c2ecfd3ae8d993bd4994660c68d39a1
42070447f719587402b906de303ba7700a14aed33453f40711f0d62107b4ecf3
GET /blogger_img_proxy/ANbyha3C2hUiMc-WDGN1cBJhduKiQfGNjhkWWf_msC44-YPAjcgrrNI_Swdg3xNLGsjWW9MmUFyzR_dj1JOjU3PICCAsntBBnYvxpGThEU_51dGZi1Pu2v8_ZEULu_MXRDR-89NNDjmU9w2p-BWMBMzaNFUZfWYCevCbzqxH=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 20 Sep 2022 10:26:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:17 GMT
server: fife
content-length: 4372
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pushsar.com/zone?pub=0&zone_id=3260284&is_mobile=false&domain=gloriawebsterblog.blogspot.com&var=&ymid=&var_3=
139.45.197.251200 OK 695 B URL HTTP/2 pushsar.com/zone?pub=0&zone_id=3260284&is_mobile=false&domain=gloriawebsterblog.blogspot.com&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (694)
Hash f8aee210a1a8e0478b2f236da3865084
f5c8e137c23b1797de5f9308cddd6eaaa63747fb
ad90e6dd58456fffcc50b71a961aef31ef1aa7523d1cf6ea1facd069873191c0
GET /zone?pub=0&zone_id=3260284&is_mobile=false&domain=gloriawebsterblog.blogspot.com&var=&ymid=&var_3= HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:17 GMT
content-type: application/json; charset=utf-8
content-length: 695
x-trace-id: 04e76c84260227e56e760b8bf022b89d
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KZVXZJS
142.250.74.72200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KZVXZJS
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 220466c1ae430e72f81973af9003597b
2dccdd88bd664c789f2c05f70cc45055be4dac2f
90150ac5b88a1840ec3f1cd0fe3cc9ae994cc86984923321ebe58de822e50be5
GET /gtm.js?id=GTM-KZVXZJS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 10:26:17 GMT
expires: Mon, 19 Sep 2022 10:26:17 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9fc04c55e695731dd8b9e69a36ef1c76
e5267f385dcab77d6dcd11e86267c0ae55e59bc4
f5558100b1c676f1a3495e560e3495a832b3b94c7acf8a032002f3fc18862d1e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:26:17 GMT
Last-Modified: Mon, 19 Sep 2022 08:40:50 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pub740ReL9BgmLObwogu9aaoUBNgEjC-L_xHJ0R0nwc2DuY3H98P9g==
Age: 6327
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 525316
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
3.64.106.196200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.64.106.196:0
File type ASCII text, with no line terminators
Hash 3fae1372d79308a3c4e844465581780d
2c6b76f08b950bb9eb56eb7fcda9dc0e710a34c6
47fa333714fe01a240208a4a9654d5f44eebb9115e87f4a095d95d6fbc03ddd7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; expires=Thu, 16 Sep 2032 10:26:17 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7604
Expires: Mon, 19 Sep 2022 12:33:02 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash fbd77a92459a14dc073409c69b64ee8f
a3742353701b1a9f784156ef6474b21ea6f419e3
b82572816d5a046f2263159c54107d5f89d7936b5fb07134b945452566a011eb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 16 Sep 2022 07:20:07 GMT
Expires: Fri, 23 Sep 2022 07:20:06 GMT
Etag: "a3742353701b1a9f784156ef6474b21ea6f419e3"
Cache-Control: max-age=333828,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f4d6bf3b51d-OSL
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 08:41:12 GMT
expires: Mon, 19 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 6306
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=715039464&t=pageview&_s=1&dl=https%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&ul=en-us&de=UTF-8&dt=Thermostat%20Studio%20Dmv%20Gks%202005&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=1788871461&gjid=1280564582&cid=1409684333.1663583159&tid=UA-143192270-4&_gid=551488321.1663583159&_r=1>m=2wg9e0KZVXZJS&z=1872372261
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=715039464&t=pageview&_s=1&dl=https%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&ul=en-us&de=UTF-8&dt=Thermostat%20Studio%20Dmv%20Gks%202005&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=1788871461&gjid=1280564582&cid=1409684333.1663583159&tid=UA-143192270-4&_gid=551488321.1663583159&_r=1>m=2wg9e0KZVXZJS&z=1872372261
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=715039464&t=pageview&_s=1&dl=https%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&ul=en-us&de=UTF-8&dt=Thermostat%20Studio%20Dmv%20Gks%202005&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAAC~&jid=1788871461&gjid=1280564582&cid=1409684333.1663583159&tid=UA-143192270-4&_gid=551488321.1663583159&_r=1>m=2wg9e0KZVXZJS&z=1872372261 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
date: Mon, 19 Sep 2022 10:26:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pushsar.com/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://gloriawebsterblog.blogspot.com/
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f9b05b7c43546f06c93928b88d68f07f
a84534dc755a1cb3e22a7798ec38faa2c5c5ab82
5ddaa6d4d566563b691f37d51b9c0321f1b96abf5607280197844149737bff0c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DDAA6D4D566563B691F37D51B9C0321F1B96ABF5607280197844149737BFF0C"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14917
Expires: Mon, 19 Sep 2022 14:34:55 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
pushsar.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Content-Type: application/json
Origin: https://gloriawebsterblog.blogspot.com
Content-Length: 436
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 238ab9da427b23f4f4a60889e31c72ef
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 75925b52065e8c40d078aee85c947946
72219bfe4412de462135af38de924431a60cd5f5
e4931e694c717412c066464f1c206f1049ebe3fa70270dd550c84129e49b68bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 06:25:21 GMT
Expires: Mon, 26 Sep 2022 06:25:20 GMT
Etag: "72219bfe4412de462135af38de924431a60cd5f5"
Cache-Control: max-age=589741,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f4feebab51d-OSL
my.rtmark.net/gid.js?pub=0&userId=dae6e5e62777430dad1eedb3c9eb0cb1&zoneId=3260284&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=dae6e5e62777430dad1eedb3c9eb0cb1&zoneId=3260284&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash d6be4c6988091cb06d50116cfeda5469
83df988224f5d5dd2db909f2503b28a812e1594f
ab8c64e451bd458f2854ecd8b3b2fb2195c2af2c4183dd4175f458408de9635c
GET /gid.js?pub=0&userId=dae6e5e62777430dad1eedb3c9eb0cb1&zoneId=3260284&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dae6e5e62777430dad1eedb3c9eb0cb1; expires=Tue, 19 Sep 2023 10:26:18 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c07385c50686aadb74ceb7b61dc0584
a3c65ae2e25cc51da72a503fccad276a0cfc1810
d647fdbbd4238a04d493edeca66a2b70568b003b578b7ef7f005d3b4200a6242
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D647FDBBD4238A04D493EDECA66A2B70568B003B578B7EF7F005D3B4200A6242"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7604
Expires: Mon, 19 Sep 2022 12:33:02 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=1801&rd=1801&fd=916&bv=22.8.v.1&tmpl=70
192.243.59.12200 OK 0 B URL HTTP/1.1 wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=1801&rd=1801&fd=916&bv=22.8.v.1&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1801&rd=1801&fd=916&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 10:26:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.163200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 18:59:14 GMT
expires: Tue, 12 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 574024
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9790
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9790
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 45263
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9790
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9790
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 10:26:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b174f977a78acf5f28935f44cac702d
7deb4e0fc838bcfffb532ff1f92f4036b35571f2
7e87fe13d3127a1c8e89f72c1455349d9edcb89eeb2a9b103d191095ddc69751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5570
x-amzn-requestid: a20f5fb2-9c4a-4124-bc27-6b7cf99c5a73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64FEKXoAMFbzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-0edcfdf505c4467b31355e71;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jp6TEMqaAAIs3jUsysER2sqaEob7LrzeR0vwp5I-gWSZsPxaFW4Vlg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:49:39 GMT
age: 45399
etag: "7deb4e0fc838bcfffb532ff1f92f4036b35571f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clksite.com/adServe/banners?tid=79283_127088_2&pause=5
173.192.101.24301 Moved Permanently 162 B URL HTTP/2 clksite.com/adServe/banners?tid=79283_127088_2&pause=5
IP 173.192.101.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /adServe/banners?tid=79283_127088_2&pause=5 HTTP/1.1
Host: clksite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: text/html
content-length: 162
location: https://mybetterck.com/adServe/banners?tid=79283_127088_2&pause=5
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: fadb4327-7392-42be-9167-16dd28876400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIqeEg2IAMF-XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254a9-45261b545b58382717b63418;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:24:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5nlB_PBHKyP0p9rF3pJiwnoiSXxYvRSVLDNPcg9x_2i-N04HaRH8fA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 04:31:06 GMT
age: 21312
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 45237
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pushsar.com/pfe/current/universal.min.js?v=3.1.394
139.45.197.251200 OK 47 kB URL HTTP/2 pushsar.com/pfe/current/universal.min.js?v=3.1.394
IP 139.45.197.251:0
Hash ce868411a771de19efff08db79233570
119bcc4e70d21000e761430ec1818baace7f2f62
b0949fad6669288f73072f3edffd3f08704b690788141b3e5d0d4cbaeffff685
GET /pfe/current/universal.min.js?v=3.1.394 HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:17 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 10:36:49 GMT
etag: W/"632451c1-1fafa"
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:43 GMT
age: 45275
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:58:21 GMT
age: 23277
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 399130
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220914/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Mon, 19 Sep 2022 03:52:54 GMT
expires: Mon, 03 Oct 2022 03:52:54 GMT
cache-control: public, max-age=1209600
age: 23604
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.libble.de/bestanden2/html/199772/bg6.png/
141.95.47.168404 Not Found 6.8 kB URL HTTP/2 www.libble.de/bestanden2/html/199772/bg6.png/
IP 141.95.47.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 0280f46fa1051850e17f228a55b97bd3
d8aef1bf906c37e9cf3bf5fa2d88c2c6b6932bdf
090baab72ae855ac20602d29b72c95f726e0a6fa6d634d77a8ea579412626644
GET /bestanden2/html/199772/bg6.png/ HTTP/1.1
Host: www.libble.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:19 GMT
content-length: 6818
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 165260
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
IP 142.250.74.163:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt\012- data
Hash 776741f74c745ce6e549befb01db1d6d
47cc22e349ebc7a35a8dd3c397924ed59493641b
784d79bd9a3bdfb3e6866567633309410f43631b42ce67a328ee5963fc9a6a0f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 08:32:51 GMT
expires: Thu, 14 Sep 2023 08:32:51 GMT
cache-control: public, max-age=31536000
age: 438807
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5cd63cb6d6ee0c229d42c30cea96385b
39b42291f5264020f2bb6f40bff517618aae0bcd
078d712d379fb57dce7db2075f83a1f4c65571e520f2cdbeccac3ddc008b05a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=gloriawebsterblog.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=gloriawebsterblog.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=gloriawebsterblog.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 19 Sep 2022 10:26:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=gloriawebsterblog.blogspot.com&callback=_gfp_s_&client=ca-pub-7358382177708738
172.217.21.162200 OK 201 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=gloriawebsterblog.blogspot.com&callback=_gfp_s_&client=ca-pub-7358382177708738
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash c2413c9a523e6c5441bb47156472c2f4
8c1af5fad85595c60b8d062f4f8ad5360cf6daa9
383aead90379e2b903543d620daa14f2f2c57f99441198a508773e2bc2c54e7a
GET /gampad/cookie.js?domain=gloriawebsterblog.blogspot.com&callback=_gfp_s_&client=ca-pub-7358382177708738 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 19 Sep 2022 10:26:19 GMT
server: cafe
cache-control: private
content-length: 201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=gloriawebsterblog.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=gloriawebsterblog.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=gloriawebsterblog.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 19 Sep 2022 10:26:19 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7d20aa961a1a60534f23224d764adbf
84562370a8e1234d7241dc1101ca368867aa7bbd
3b320a81e9b4e543f6e0a5e3695951fcd810460faecf1cfaf3ac4476de4674f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B320A81E9B4E543F6E0A5E3695951FCD810460FAECF1CFAF3AC4476DE4674F2"
Last-Modified: Sat, 17 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11117
Expires: Mon, 19 Sep 2022 13:31:36 GMT
Date: Mon, 19 Sep 2022 10:26:19 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5cd63cb6d6ee0c229d42c30cea96385b
39b42291f5264020f2bb6f40bff517618aae0bcd
078d712d379fb57dce7db2075f83a1f4c65571e520f2cdbeccac3ddc008b05a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Vp_bRCr4tT08A0BJF9DlVrUhRAofTQP3weynNwFB73RlWwU3D6FRQ0vxtAvJoctwCrHPX5Y3EzGmw3AGdhW_iU1DKJiqDACDm571BfCXAoWOOZGd3CBBB4EBu5p3wVtmEH1MLud5OIbVsb5M_EQLZSUhqfZVbMkUdyNHj504yHucGfvrJRBKU0Bti9w=w100
142.250.74.1404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3Vp_bRCr4tT08A0BJF9DlVrUhRAofTQP3weynNwFB73RlWwU3D6FRQ0vxtAvJoctwCrHPX5Y3EzGmw3AGdhW_iU1DKJiqDACDm571BfCXAoWOOZGd3CBBB4EBu5p3wVtmEH1MLud5OIbVsb5M_EQLZSUhqfZVbMkUdyNHj504yHucGfvrJRBKU0Bti9w=w100
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 6a0624b78dffb136f167712e264dd948
216f3aaf8cb7fe8468a55a511a49b2487e963735
3986c15176f2f0b12c2583dc5c97a9488ef4d098fc7c054987efb77550a307fc
GET /blogger_img_proxy/ANbyha3Vp_bRCr4tT08A0BJF9DlVrUhRAofTQP3weynNwFB73RlWwU3D6FRQ0vxtAvJoctwCrHPX5Y3EzGmw3AGdhW_iU1DKJiqDACDm571BfCXAoWOOZGd3CBBB4EBu5p3wVtmEH1MLud5OIbVsb5M_EQLZSUhqfZVbMkUdyNHj504yHucGfvrJRBKU0Bti9w=w100 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:19 GMT
server: fife
content-length: 1778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1Maf__ZgYLc1JdR2ZPWbNE4NhmKA0Gj923Gp2HpB1TXjfywvh1tRZOy2n5p9OfZOKcpCv303Bbl2NFAQRpNqnhH28g4HxS4tOhYb9lyDkz9Nx9takoRoyS1BSkufXUVyMP3ZYAvtwPUzrXWgE2r2cbn-yVTFaRGw=s0-d
142.250.74.1404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1Maf__ZgYLc1JdR2ZPWbNE4NhmKA0Gj923Gp2HpB1TXjfywvh1tRZOy2n5p9OfZOKcpCv303Bbl2NFAQRpNqnhH28g4HxS4tOhYb9lyDkz9Nx9takoRoyS1BSkufXUVyMP3ZYAvtwPUzrXWgE2r2cbn-yVTFaRGw=s0-d
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b2429b2da63c2020670d4306ca78bfb3
9e0ae692c58a1237667d78395c6557f1508f8686
2fa22276bf8b234243fc6710e0cff9777da8e6f2fffe0c8bb587abbfa3a434fd
GET /blogger_img_proxy/ANbyha1Maf__ZgYLc1JdR2ZPWbNE4NhmKA0Gj923Gp2HpB1TXjfywvh1tRZOy2n5p9OfZOKcpCv303Bbl2NFAQRpNqnhH28g4HxS4tOhYb9lyDkz9Nx9takoRoyS1BSkufXUVyMP3ZYAvtwPUzrXWgE2r2cbn-yVTFaRGw=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:19 GMT
server: fife
content-length: 1750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mybetterck.com/adServe/banners?tid=79283_127088_2&pause=5
108.168.193.189200 OK 32 kB URL HTTP/2 mybetterck.com/adServe/banners?tid=79283_127088_2&pause=5
IP 108.168.193.189:0
Hash 8d032b7042c268da9a78e2a7bf3465af
9537aa791c8f73981e8beed60428d82c4d870b8a
5b677d5d9a4e2d3386159313efde716a2e23d524334740abf1c6fdaed2717d0d
GET /adServe/banners?tid=79283_127088_2&pause=5 HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash a885189cd9a522cfaaac98af1a03b512
a4045ce6f8d8e14582bb5245694d73b40da7f0f7
6afe80cbbc72285aa8f73e7d64bdeb755148410a8ec6c0eb13df255548ef17ad
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 19 Sep 2022 10:26:19 GMT
date: Mon, 19 Sep 2022 10:26:19 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
concernederase.com/ntv.json?key=3125a33b04387fdcde3ae56138391d25&vstc=4&uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
192.243.61.227200 OK 17 kB URL HTTP/1.1 concernederase.com/ntv.json?key=3125a33b04387fdcde3ae56138391d25&vstc=4&uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (17207), with no line terminators
Hash dc63a660c6cf9a037aee24f7852977e1
75c180c5c4af99fe7c6114dba4741858ed73c3a8
93a2ea72bd13e38ad07ecbaa819cb1471d4a61e7e5eb423b9cfabc558b7fc7e4
GET /ntv.json?key=3125a33b04387fdcde3ae56138391d25&vstc=4&uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8%3A2%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:19 GMT
Content-Type: application/json
Content-Length: 17207
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://gloriawebsterblog.blogspot.com
Access-Control-Allow-Origin: https://gloriawebsterblog.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15316554; expires=Tue, 20 Sep 2022 10:26:19 GMT; secure; SameSite=None
uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; expires=Mon, 26 Sep 2022 10:26:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 20 Sep 2022 10:26:19 GMT; secure; SameSite=None
uncs=1; expires=Tue, 20 Sep 2022 10:26:19 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 20 Sep 2022 10:26:19 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 20 Sep 2022 10:26:19 GMT; secure; SameSite=None
nlec3125a33b04387fdcde3ae56138391d25=[2106764,2229214,2229212,2229213]; expires=Mon, 19 Sep 2022 10:26:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7d0428b31936043967705ad9385cb413
Strict-Transport-Security: max-age=0; includeSubdomains
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 19 Sep 2022 10:26:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 449330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 454d54bd60bbb9773ec2a4835f0660e5
2b26c4cb5d2c78ba4d16b845a45540f437ec485b
0993f4c44455011cc7df29dc6b945649529d71f19c08d3c982a7d4b184985ad5
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 19 Sep 2022 10:26:19 GMT
server: ESF
cache-control: private
content-length: 30978
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 70f9595d3ff69b7cd89b24b56abdd7cc
09027fbaa6dfd33a97e836cd136c840f9ee763a2
44a5ee6a5a97426191dbbaf4e7a3d0ee154e1f192dd3c3cb3a11d74a702061eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-ZNxsbf_TBpvIP9UQbu-aKqtuQ5bsOTSs9W0Ia=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-ZNxsbf_TBpvIP9UQbu-aKqtuQ5bsOTSs9W0Ia=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 7b8cc0b5cf89c795418e71e4da519ba6
e9342608e0a5f8654439e4ecb608897b7b0535e5
571759aaf068ac32d24047270d4d8640236b0504748a96eaea58044ac559a6b1
GET /ytc/AMLnZu-ZNxsbf_TBpvIP9UQbu-aKqtuQ5bsOTSs9W0Ia=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3e"
expires: Tue, 20 Sep 2022 10:26:19 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 10:26:19 GMT
server: fife
content-length: 2209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/VbkjyCKfoPk/hqdefault.jpg
142.250.74.54200 OK 10 kB URL HTTP/2 i.ytimg.com/vi/VbkjyCKfoPk/hqdefault.jpg
IP 142.250.74.54:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 73e80be07687bbffe4b5f30eca255cf8
f69b7eb7527c0087c36f8c8728f27ef2db974f80
539d7e7f63100c1ee1b77072254314d568723b14195fc1e20211670894393292
GET /vi/VbkjyCKfoPk/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 10161
date: Mon, 19 Sep 2022 10:26:19 GMT
expires: Mon, 19 Sep 2022 12:26:19 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 70f9595d3ff69b7cd89b24b56abdd7cc
09027fbaa6dfd33a97e836cd136c840f9ee763a2
44a5ee6a5a97426191dbbaf4e7a3d0ee154e1f192dd3c3cb3a11d74a702061eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 38e7657af6b426db96e62cd44eeac911
b4d04a3abfd994a7eec215cbf57a08f060cea29d
24b0ee3343ba885318db8e2fc0bdbb63bad3c1bd81c09042c21a5aa93db98487
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1015
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Last-Modified: Mon, 19 Sep 2022 10:09:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash bfe40f5c8c882542e4dca0664c0ab5de
7a77db303e33efbb9fc7ac8f5ca0b60498c6dd78
1f6f91dce061dc030fc956f6ecec9630fa2986c878129dcca1aecbe57dc28c13
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 1ca40d27bce0167b721992754c0e9f98
etag: "d087712b380812c7fd98ca0576e56ea7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 19 Sep 2022 10:33:57 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: v+QPXIyIJULk3KBmTAq13g==
x-fb-debug: Dlu6qhC0YXlg4FIs0hD3cJwOY+iOw/PxkGo4/V9jNKdzzGnsEQ6WYpCdTMxSoxQ5fe2KMQNSON1vL/0wJaDQMQ==
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 19 Sep 2022 10:26:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d6ffcd34ebb9c5735324c443c4f6c1c
05f11f097726b8c635078be3230646ef1dfc5c3f
8b0a865aeb8bc0c51bb6d8695f769c62dfa91a0ba1119d551ef13f384fa3034f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B0A865AEB8BC0C51BB6D8695F769C62DFA91A0BA1119D551EF13F384FA3034F"
Last-Modified: Fri, 16 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8309
Expires: Mon, 19 Sep 2022 12:44:48 GMT
Date: Mon, 19 Sep 2022 10:26:19 GMT
Connection: keep-alive
p79283.mycdn.co/banners/script/ui_tag_143-0.js
151.139.128.11200 OK 66 kB URL HTTP/2 p79283.mycdn.co/banners/script/ui_tag_143-0.js
IP 151.139.128.11:0
File type ASCII text, with very long lines (1632)
Hash 797eb25f42a10ba24ac7c66f236ccf1f
c0f82cca4ed826633c1b062fccd247dee8172de7
b77fbc2b0a7902a4de275889bf3efc9d28df62d513ea5ef54f0e95c68b30a7f3
GET /banners/script/ui_tag_143-0.js HTTP/1.1
Host: p79283.mycdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:19 GMT
content-encoding: gzip
content-length: 66518
content-type: application/javascript
last-modified: Sun, 05 Dec 2021 08:29:13 GMT
accept-ranges: bytes
server: nginx
etag: W/"61ac7859-48cdf"
cache-control: max-age=172800
x-hw: 1663583179.cds012.sk1.hn,1663583179.cds255.sk1.c
X-Firefox-Spdy: h2
p79283.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
151.139.128.11200 OK 18 kB URL HTTP/2 p79283.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
IP 151.139.128.11:0
File type ASCII text, with very long lines (47097)
Hash 3c50756d4811b2134a5753ad4bff7535
d3927bff2e0de7fe55f3ad4670109a4cd18dd436
2ca9a059be99fff8e6616e04dc20f4d35e06cc5812eea9abcc9e717ad6dd1ca1
GET /banners/bounce/bounce-tag_80.2-1.js HTTP/1.1
Host: p79283.mycdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:19 GMT
etag: "1561375996"
content-encoding: gzip
content-length: 17978
content-type: application/javascript
last-modified: Mon, 24 Jun 2019 11:33:16 GMT
accept-ranges: bytes
server: nginx
cache-control: max-age=172800
x-hw: 1663583179.cds012.sk1.hn,1663583179.cds242.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 38e7657af6b426db96e62cd44eeac911
b4d04a3abfd994a7eec215cbf57a08f060cea29d
24b0ee3343ba885318db8e2fc0bdbb63bad3c1bd81c09042c21a5aa93db98487
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1015
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:19 GMT
Last-Modified: Mon, 19 Sep 2022 10:09:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 449330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:25:34 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 271287705
content-type: text/javascript
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/682983821696983040/fdd5RT8K_400x400.jpg
151.101.84.159404 Not Found 0 B URL HTTP/2 pbs.twimg.com/profile_images/682983821696983040/fdd5RT8K_400x400.jpg
IP 151.101.84.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /profile_images/682983821696983040/fdd5RT8K_400x400.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: max-age=3600, must-revalidate
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Mon, 19 Sep 2022 10:26:19 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7364-LHR, cache-bma1656-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 0
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.163200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.163:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:02:15 GMT
expires: Mon, 19 Sep 2022 20:02:15 GMT
cache-control: public, max-age=604800
age: 570245
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 00:48:31 GMT
expires: Sat, 16 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 293869
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p79283.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-37.css
151.139.128.11200 OK 4.3 kB URL HTTP/2 p79283.mycdn.co/uicomp/styles/dist/143-0/it-ui-comp-37.css
IP 151.139.128.11:0
File type ASCII text, with very long lines (24042), with no line terminators
Hash 0b6679d2787e40f2af3e9df77e308861
9bfdd1105489174391bb6f8b766c2ae8b99efd70
b5f486fe7d1f52e773696468c9248008b54b1567563c5529a3dbdee01a72b6ee
GET /uicomp/styles/dist/143-0/it-ui-comp-37.css HTTP/1.1
Host: p79283.mycdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-encoding: gzip
content-length: 4285
content-type: text/css
last-modified: Sun, 05 Dec 2021 13:57:51 GMT
accept-ranges: bytes
server: nginx
etag: W/"61acc55f-5dea"
cache-control: max-age=315360000
x-hw: 1663583180.cds012.sk1.hn,1663583180.cds237.sk1.c
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=c732fd12b27855bdd25a96ab5a872740
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=c732fd12b27855bdd25a96ab5a872740
IP 157.240.200.14:0
File type ASCII text, with very long lines (18602)
Hash ba964ff2ccf6af4eb6d23a2235a8d152
93d35f080a87defed85364b63ae4e1dcccaba604
da279934809643b452e7e003c92acd0d6fd71fa61dd59a8bfabb2f4bf461dd02
GET /en_US/sdk.js?hash=c732fd12b27855bdd25a96ab5a872740 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: dafc8a2d8b5c305a5a762f9ecd82794a
etag: "ca042f756b74bb3281310aeb5bb39312"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 19 Sep 2023 08:27:26 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: upZP8sz2r0620joiNajRUg==
x-fb-debug: 9pIANPFYZfs+DCGPrW4MtnDaqva7dByC/v79V3j5hj0do4r1n/PDeg4aHDsS+m1uEMTbDYy43IrTpWzzNWEYyw==
content-length: 88690
x-fb-trip-id: 1679558926
date: Mon, 19 Sep 2022 10:26:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p0.mycdn.co/script/rhpop_80.2-1.js
151.139.128.11200 OK 66 kB URL HTTP/2 p0.mycdn.co/script/rhpop_80.2-1.js
IP 151.139.128.11:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 09e3c9fd728bd70195df4959e1939318
48a3bf31ac94a8953fbac35fe24429627a4dfdc6
1646395d33527884fa33bee0fe7217e079a4905c2c34332e4195a144e5d8e248
GET /script/rhpop_80.2-1.js HTTP/1.1
Host: p0.mycdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-encoding: gzip
content-length: 65719
content-type: application/javascript
last-modified: Mon, 24 Jun 2019 11:33:16 GMT
accept-ranges: bytes
server: nginx
etag: W/"5d10b4fc-2b75b"
cache-control: max-age=172800
x-hw: 1663583180.cds012.sk1.hn,1663583180.cds260.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1dda2f509b35096bdf9b6e1cc1da591d
66b905dc8cb287116baf729c8257e9bc4818a893
e689276fc859ff5caf4c891494eec2dc26e67743edb4ae0518a2f2c39e233e0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E689276FC859FF5CAF4C891494EEC2DC26E67743EDB4AE0518A2F2C39E233E0E"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3518
Expires: Mon, 19 Sep 2022 11:24:58 GMT
Date: Mon, 19 Sep 2022 10:26:20 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: db2f3cb6bde33b1900594cac2ea9fb57
Strict-Transport-Security: max-age=0; includeSubdomains
p79283.mycdn.co/uicomp/styles/dist/143-0/it-banner-frame.css
151.139.128.11200 OK 677 B URL HTTP/2 p79283.mycdn.co/uicomp/styles/dist/143-0/it-banner-frame.css
IP 151.139.128.11:0
File type ASCII text, with very long lines (2136), with no line terminators
Hash fa17ea81a636e40076e7686b07c1a81e
a99b3ee96dcff98c7a745bdcdcd07ff5828657bd
6dfcfbd0b066d800e83028c8a3b60e48377cb8b78437817fe9dfc022ee286a99
GET /uicomp/styles/dist/143-0/it-banner-frame.css HTTP/1.1
Host: p79283.mycdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-encoding: gzip
content-length: 677
content-type: text/css
last-modified: Sun, 05 Dec 2021 08:51:43 GMT
accept-ranges: bytes
server: nginx
etag: W/"61ac7d9f-858"
cache-control: max-age=315360000
x-hw: 1663583180.cds012.sk1.hn,1663583180.cds066.sk1.c
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4398274&@f16&@g1&@h1&@i1&@j1663583160752&@k0&@l1&@mThermostat%20Studio%20Dmv%20Gks%202005&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:171029124&@b3:1663583161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&@w
192.99.8.28200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4398274&@f16&@g1&@h1&@i1&@j1663583160752&@k0&@l1&@mThermostat%20Studio%20Dmv%20Gks%202005&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:171029124&@b3:1663583161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&@w
IP 192.99.8.28:0
File type ASCII text, with no line terminators
Hash f04b355c694e52794f315d90ef09a1d9
9d960f0f2df3d72e7245276f0da77c164a312103
09395b138a66a7a0d1fdd2ea65c1b46efc7c209ec14591aaa6ca8509fc99df24
GET /stats/0.php?4398274&@f16&@g1&@h1&@i1&@j1663583160752&@k0&@l1&@mThermostat%20Studio%20Dmv%20Gks%202005&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:171029124&@b3:1663583161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
s4.histats.com/stats/0.php?3293280&@f16&@g1&@h1&@i1&@j1663583160752&@k0&@l1&@mThermostat%20Studio%20Dmv%20Gks%202005&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:193043156&@b3:1663583161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&@w
192.99.8.28200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?3293280&@f16&@g1&@h1&@i1&@j1663583160752&@k0&@l1&@mThermostat%20Studio%20Dmv%20Gks%202005&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:193043156&@b3:1663583161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&@w
IP 192.99.8.28:0
File type ASCII text, with no line terminators
Hash 03143113b1e0d0b733bdf18f180b78f3
db05ecdbc113a0147a6fc8ca5ce26116b6ce18b5
f9b09db7af09c979ccd90f4d1131b28d9b6c1da7f28d218f0e1d1b14ea7267bf
GET /stats/0.php?3293280&@f16&@g1&@h1&@i1&@j1663583160752&@k0&@l1&@mThermostat%20Studio%20Dmv%20Gks%202005&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:193043156&@b3:1663583161&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
mybetterck.com/adServe/banners/findBanner?num=1&keyword=%0A%20%0A%20%0A%20Car%20Wikipedia%2C%20the%20free%20encyclopedia.%20Thermostat%3B%20Water%20cooling%3B%20Viscous%20f&tid=79283_127088_20&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp79283.mycdn.co&bs=37&referrer=https%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&ap=cmp%3DBANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUVnopfaBNrCxELL9wagvQXCIRjYyEzAIc%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3DThermostat%2520Studio%2520Dmv%2520Gks%25202005&pid=79283&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITC64ao3w8146r
108.168.193.189200 OK 9.0 kB URL HTTP/2 mybetterck.com/adServe/banners/findBanner?num=1&keyword=%0A%20%0A%20%0A%20Car%20Wikipedia%2C%20the%20free%20encyclopedia.%20Thermostat%3B%20Water%20cooling%3B%20Viscous%20f&tid=79283_127088_20&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp79283.mycdn.co&bs=37&referrer=https%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&ap=cmp%3DBANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUVnopfaBNrCxELL9wagvQXCIRjYyEzAIc%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3DThermostat%2520Studio%2520Dmv%2520Gks%25202005&pid=79283&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITC64ao3w8146r
IP 108.168.193.189:0
Hash 64eb54b316e5db34212f068f8fb131c6
4158eb3cee142c825d6839a5904fd87edb79ba6b
be9a97bd9e8fe05b8967059630b714c2b2ef5439ba7315c6cc992a6edb13f9d1
GET /adServe/banners/findBanner?num=1&keyword=%0A%20%0A%20%0A%20Car%20Wikipedia%2C%20the%20free%20encyclopedia.%20Thermostat%3B%20Water%20cooling%3B%20Viscous%20f&tid=79283_127088_20&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp79283.mycdn.co&bs=37&referrer=https%3A%2F%2Fgloriawebsterblog.blogspot.com%2F2013%2F07%2Fthermostat-studio-dmv-gks-2005.html&ap=cmp%3DBANNER%26evp%3DHFz5zNIIs96fzq49jFkHXcQzYObQGwwUVnopfaBNrCxELL9wagvQXCIRjYyEzAIc%26sjv%3D143.1%26ctid%3D0%26th%3D939%26tw%3D1280%26inco%3D0%26tip%3DThermostat%2520Studio%2520Dmv%2520Gks%25202005&pid=79283&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTEyODAmaD05MzkmYz0xJnM9MSZ0PTEmaT0wJm89MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITC64ao3w8146r HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: rhid=82047757069; Max-Age=15552000; Expires=Sat, 18-Mar-2023 10:26:20 GMT; Domain=mybetterck.com; Path=/; SameSite=None; secure;
capdata=377567s.1_1663583180; Max-Age=86400; Expires=Tue, 20-Sep-2022 10:26:20 GMT; Domain=mybetterck.com; Path=/adServe; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2
pushsar.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Content-Type: application/json
Origin: https://gloriawebsterblog.blogspot.com
Content-Length: 801
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 251d0540da2caa2c04cfcf5ff6437c68
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
35.156.39.203301 Moved Permanently 162 B URL HTTP/1.1 www.zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
IP 35.156.39.203:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg HTTP/1.1
Host: www.zuhausewohnen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 10:14:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
pushsar.com/pfe/current/defaultSkin.min.js
139.45.197.251200 OK 20 kB URL HTTP/2 pushsar.com/pfe/current/defaultSkin.min.js
IP 139.45.197.251:0
Hash b5f73c5913645a72fe81601db698b837
df5d753a4eb1f7dcb212d74b6eb002125ae2f8be
0fad9e66ea6592cef55038e805b4cf54ee6864c5d78582c1a9c6445439466aa3
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Origin: https://gloriawebsterblog.blogspot.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 10:36:49 GMT
etag: W/"632451c1-df63"
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.mediadeal.de/images/products/thumb4/img_26507_3.jpg
185.39.221.37301 Moved Permanently 271 B URL HTTP/1.1 www.mediadeal.de/images/products/thumb4/img_26507_3.jpg
IP 185.39.221.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cfe4030b74f3763d31bfb1c38d78e1bc
fb95bb88057208a9a1ef844842c51195f69b9b71
2f7cae02d575cb71ee0378ec10d2ef8bb946f8ae8a8c2f122084ab9ef4e2ae4c
GET /images/products/thumb4/img_26507_3.jpg HTTP/1.1
Host: www.mediadeal.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:20 GMT
Server: Apache
Location: https://www.mediadeal.de/images/products/thumb4/img_26507_3.jpg
Content-Length: 271
Keep-Alive: timeout=5, max=250
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.photoscala.de/grafik/2008/Foron-MyPhoto.jpg
78.46.9.47301 Moved Permanently 330 B URL HTTP/1.1 www.photoscala.de/grafik/2008/Foron-MyPhoto.jpg
IP 78.46.9.47:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a2fc01e863d36e8b7d4eec5a5935fae2
dffbed536ac1864415b63e8cf560f572d0256fd5
5f8d860297096d9ac657da9363898d09063fe7fab1c5ed92e0b9c1d40a659579
GET /grafik/2008/Foron-MyPhoto.jpg HTTP/1.1
Host: www.photoscala.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:20 GMT
Server: Apache
Location: https://www.photoscala.de/grafik/2008/Foron-MyPhoto.jpg
Cache-Control: max-age=0
Expires: Mon, 19 Sep 2022 10:26:20 GMT
Content-Length: 330
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.modelvita.com/wp-content/uploads/import/254538-1_org.jpg
136.243.165.14301 Moved Permanently 343 B URL HTTP/1.1 www.modelvita.com/wp-content/uploads/import/254538-1_org.jpg
IP 136.243.165.14:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2055f7ff75432a26346ad0751f2b3363
fbf45281611884199e4183c7e071154e10a8caef
03ae255cb2d6049abddeefae4834ba843bb25c490063bdb8020a910ab72fdcb5
GET /wp-content/uploads/import/254538-1_org.jpg HTTP/1.1
Host: www.modelvita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:20 GMT
Server: Apache
Location: https://www.modelvita.com/wp-content/uploads/import/254538-1_org.jpg
Content-Length: 343
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.kaufsignal.ch/images/gallery/Bilder%252520Produktbeschreibungen/Bauknecht%252520K%2525C3%2525BChlschr%2525C3%2525A4nke/Bauknecht%2525200-Grad-Zone.png
3.120.50.105404 Not Found 123 B URL HTTP/1.1 www.kaufsignal.ch/images/gallery/Bilder%252520Produktbeschreibungen/Bauknecht%252520K%2525C3%2525BChlschr%2525C3%2525A4nke/Bauknecht%2525200-Grad-Zone.png
IP 3.120.50.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c728bf241d9141b8d3100ae5140e09c5
07f0da1bdfadd0354b090781f1e3264ac22b6c39
34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /images/gallery/Bilder%252520Produktbeschreibungen/Bauknecht%252520K%2525C3%2525BChlschr%2525C3%2525A4nke/Bauknecht%2525200-Grad-Zone.png HTTP/1.1
Host: www.kaufsignal.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Content-Encoding: gzip
www.lax-online.de/images/zoom/993327.jpg
35.246.193.161301 Moved Permanently 339 B URL HTTP/1.1 www.lax-online.de/images/zoom/993327.jpg
IP 35.246.193.161:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b83f4f25e2a59efd20ecc03130062ebb
f599920db0b1a005c29e8331c8f8eba456e8e14e
d232f6b8d11db58f98727f2c98830dedf114220c6391ba9991ba262af61825c7
GET /images/zoom/993327.jpg HTTP/1.1
Host: www.lax-online.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:20 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://www.lax-online.de/images/zoom/993327.jpg
Content-Length: 339
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.moebelmarkt.de/typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg
136.243.127.152301 Moved Permanently 359 B URL HTTP/1.1 www.moebelmarkt.de/typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg
IP 136.243.127.152:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fe2954f205030665ff703ea5c71a8b1f
69caee67d8bda541f0cdffa1c42d93abb9ebfd53
f17fb2f4417040e470620bbc03c36d6f5a18e313160356d4265e9ff194408554
GET /typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg HTTP/1.1
Host: www.moebelmarkt.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:20 GMT
Server: Apache
Location: https://www.moebelmarkt.de/typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg
Cache-Control: max-age=0
Expires: Mon, 19 Sep 2022 10:26:20 GMT
Content-Length: 359
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9158e5a2f351d3a20cf126f4532d10fa
a96f1fbbc4c168f950d3a2962fd34606c8387a4c
814837c92cf69c22a3dd645201b89781a95613c365ab1c1320ec561607a74d4e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:26:20 GMT
Last-Modified: Mon, 19 Sep 2022 09:00:49 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RJsCMwjeh8_5y3nLiNWcMZfZML-33HDA_1JMFrMug0_gPWo6KVDFfA==
Age: 5131
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9645643e1a43d77b51841592522035e
f68948762b7c3e69fab5f71bf690f77b6cd76155
aa340c2215536bc9f307bd8c245f43b792f19dd5ee4b528621054ea8bcac9ca3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA340C2215536BC9F307BD8C245F43B792F19DD5EE4B528621054EA8BCAC9CA3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6703
Expires: Mon, 19 Sep 2022 12:18:03 GMT
Date: Mon, 19 Sep 2022 10:26:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9645643e1a43d77b51841592522035e
f68948762b7c3e69fab5f71bf690f77b6cd76155
aa340c2215536bc9f307bd8c245f43b792f19dd5ee4b528621054ea8bcac9ca3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA340C2215536BC9F307BD8C245F43B792F19DD5EE4B528621054EA8BCAC9CA3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6703
Expires: Mon, 19 Sep 2022 12:18:03 GMT
Date: Mon, 19 Sep 2022 10:26:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e9645643e1a43d77b51841592522035e
f68948762b7c3e69fab5f71bf690f77b6cd76155
aa340c2215536bc9f307bd8c245f43b792f19dd5ee4b528621054ea8bcac9ca3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA340C2215536BC9F307BD8C245F43B792F19DD5EE4B528621054EA8BCAC9CA3"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6703
Expires: Mon, 19 Sep 2022 12:18:03 GMT
Date: Mon, 19 Sep 2022 10:26:20 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash be6e7ea10513e3ec45fd44fcf3daae91
97c8131c72ade43750177807660949b812467a9c
6e4aabc2e9923230ba6abee05aa938d6a59cf0f5224dd04e2af924c87c93b421
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 09:26:12 GMT
Expires: Mon, 26 Sep 2022 09:26:11 GMT
Etag: "97c8131c72ade43750177807660949b812467a9c"
Cache-Control: max-age=600590,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f605caeb523-OSL
concernederase.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
192.243.61.227200 OK 29 kB URL HTTP/1.1 concernederase.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 9083dda87c3718a887d5a498c08c8153
0d5b8315ec49ba7b8fc336b63a75222b8841c699
5b7e9a47bcb838e7764107fcf1684ff1823be7323d0ad6e3b9da68e372214634
GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Cookie: u_pl=15316554; uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3125a33b04387fdcde3ae56138391d25=[2106764,2229214,2229212,2229213]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82f5638b831a41510af74e7b91d94b23
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
45.133.44.9200 OK 29 kB URL HTTP/2 cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Wed, 21 Sep 2022 10:26:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ecx.images-amazon.com/images/I/41TFwH1MkcL._SX342_.jpg
143.204.46.75200 OK 6.7 kB URL HTTP/1.1 ecx.images-amazon.com/images/I/41TFwH1MkcL._SX342_.jpg
IP 143.204.46.75:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x312, components 3\012- data
Hash 627fb89eb5f9121852824e2b3d23f664
dea0c0ab0ff35733913dc3e5057546aff66093cb
899a6bc7fb1586b36b36b655c4f086cfffe87e2b57bc9311b8c961a2ccba773e
GET /images/I/41TFwH1MkcL._SX342_.jpg HTTP/1.1
Host: ecx.images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 6727
Connection: keep-alive
Server: Server
Date: Mon, 19 Sep 2022 10:26:20 GMT
X-Amz-IR-Id: e3f2ef73-a780-4680-a81b-5cbba2174c3a
Expires: Sun, 14 Sep 2042 10:26:20 GMT
Cache-Control: max-age=630720000,public
Surrogate-key: x-cache-966 /images/I/41TFwH1MkcL
Timing-Allow-Origin: https://www.amazon.in, https://www.amazon.com
Edge-Cache-Tag: x-cache-966,/images/I/41TFwH1MkcL
Access-Control-Allow-Origin: *
Last-Modified: Fri, 08 Mar 2013 13:32:13 GMT
X-Nginx-Cache-Status: MISS
Accept-Ranges: bytes
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7Q_hvUX4YSUzAr7ENDMw1EYTrbdLMzD6vc0PvH0aJVi_IjhHeDyr_Q==
cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
45.133.44.9200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 4452445afb73fab8af9ff308eb667024
130401c47d822426e1cce9981c30d775cba1b576
923b0ac505decd181f473f1fa460f21590777993c3581723f127b032d8c45bdd
GET /cti/29/eb/08/29eb08c32bad57ff8c8e14af3a16e9c1/1628586955.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: image/jpeg
content-length: 22987
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:16:05 GMT
etag: "611243d5-59cb"
expires: Wed, 21 Sep 2022 10:26:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash be6e7ea10513e3ec45fd44fcf3daae91
97c8131c72ade43750177807660949b812467a9c
6e4aabc2e9923230ba6abee05aa938d6a59cf0f5224dd04e2af924c87c93b421
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 09:26:12 GMT
Expires: Mon, 26 Sep 2022 09:26:11 GMT
Etag: "97c8131c72ade43750177807660949b812467a9c"
Cache-Control: max-age=600590,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f604d41b51d-OSL
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
45.133.44.9200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Hash f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8
GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Wed, 21 Sep 2022 10:26:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
45.133.44.9200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash a87779ccaaa4021b0b4f33812742679a
87322480f885dc0b6463c182b7bdb3eb60ab2592
a8f8dbc930527f94496d5a9883b6034e27a673090a89b518596d6e2b656df96f
GET /cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:20 GMT
content-type: image/jpeg
content-length: 30127
server: nginx/1.17.6
last-modified: Tue, 10 Aug 2021 09:15:44 GMT
etag: "611243c0-75af"
expires: Wed, 21 Sep 2022 10:26:20 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eed36599724b02c61736ef5cebf3040b
aaa01755f0e96615159e0880b9d2e9c7dbe54a0c
017e0bc6c0ca49c88b0e21e1bf3be45c4c83974dc4ba5d90b6057310a5ff8fce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.produkte24.com/images/catalogs/4154/333_20601.jpg
64.6.97.88200 OK 12 kB URL HTTP/1.1 www.produkte24.com/images/catalogs/4154/333_20601.jpg
IP 64.6.97.88:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 333x236, components 3\012- data
Hash 07751fdc2daa105bb533387ec45cc513
6e23997d879700234fdf391524d707dbf9b47ca8
ff9bb4bab9398856f061fa09a81c68480d789d8bd549a6f223b0c2fcd28c77ca
GET /images/catalogs/4154/333_20601.jpg HTTP/1.1
Host: www.produkte24.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:20 GMT
Server: Apache/2
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 04 Mar 2009 02:56:27 GMT
ETag: "3064-4644232a2ecc0"
Accept-Ranges: bytes
Content-Length: 12388
Keep-Alive: timeout=2, max=100
Content-Type: image/jpeg
www.gorenjeks.com/imagelib/source/gorenje_pristina/banner_011.jpg
195.246.15.53403 Forbidden 199 B URL HTTP/1.1 www.gorenjeks.com/imagelib/source/gorenje_pristina/banner_011.jpg
IP 195.246.15.53:0
ASN #6764 PERFTECH, podjetje za proizvodnjo in uvajanje novih tehnologij, d.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
GET /imagelib/source/gorenje_pristina/banner_011.jpg HTTP/1.1
Host: www.gorenjeks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 403 Forbidden
Date: Mon, 19 Sep 2022 10:26:21 GMT
Server: Apache
Content-Length: 199
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.kuechen-atlas.de/img/content/tn/sl/4/b/f/37942/vitafresh-zone-kuehlschrank-von-siemens-mit-0-grad-zone.jpg
46.254.142.160200 OK 24 kB URL HTTP/2 www.kuechen-atlas.de/img/content/tn/sl/4/b/f/37942/vitafresh-zone-kuehlschrank-von-siemens-mit-0-grad-zone.jpg
IP 46.254.142.160:0
ASN #51483 SaSG GmbH & Co. KG
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", progressive, precision 8, 400x533, components 3\012- data
Hash 19a3ed77fae4c691a25b49f4816485f0
f8c46a3a768e72451e77fe2b6f772383e9c3d9f9
6e48e24754768a99a192b0246486ebabff87abb60b4804c5df7e46f6bacb64fb
GET /img/content/tn/sl/4/b/f/37942/vitafresh-zone-kuehlschrank-von-siemens-mit-0-grad-zone.jpg HTTP/1.1
Host: www.kuechen-atlas.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:21 GMT
content-type: image/jpeg
content-length: 23735
last-modified: Mon, 31 Aug 2015 09:57:26 GMT
etag: "5cb7-51e9875eecd80"
accept-ranges: bytes
cache-control: must-revalidate, public, max-age=2878400
expires: Fri, 18 Nov 2022 10:26:20 GMT
lt-servername: www.www.kuechen-atlas.de
X-Firefox-Spdy: h2
www.kuechen-atlas.de/img/content/tn/814f0965b351a5a5632ed3cf1ee904f7.jpg
46.254.142.160200 OK 46 kB URL HTTP/2 www.kuechen-atlas.de/img/content/tn/814f0965b351a5a5632ed3cf1ee904f7.jpg
IP 46.254.142.160:0
ASN #51483 SaSG GmbH & Co. KG
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 337x507, components 3\012- data
Hash 3cbb6093b16f4db012116cba67e4a700
97ba06c39705c12e61ac2c0051fa64becc5ae7d6
033d607e397d634f7d9f4b3c0ad8dc92dce2701945ef448bc51bf57645521ec5
GET /img/content/tn/814f0965b351a5a5632ed3cf1ee904f7.jpg HTTP/1.1
Host: www.kuechen-atlas.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:21 GMT
content-type: image/jpeg
content-length: 45575
last-modified: Wed, 09 Dec 2015 14:17:16 GMT
etag: "b207-52677bf4cd300"
accept-ranges: bytes
cache-control: must-revalidate, public, max-age=2878400
expires: Fri, 18 Nov 2022 10:26:21 GMT
lt-servername: www.www.kuechen-atlas.de
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 19 Sep 2022 10:26:21 GMT
expires: Mon, 19 Sep 2022 10:26:21 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 58fa70c00a09095366d22146133729a3
ea1e5c92234236924dc7e8badb47749744af97e8
d3ac9af2ec141d4374cad940246c7c9889dd43497b19041c269c25b589ba58d1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 21:19:54 GMT
Expires: Sun, 25 Sep 2022 21:19:53 GMT
Etag: "ea1e5c92234236924dc7e8badb47749744af97e8"
Cache-Control: max-age=557011,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f618e15b523-OSL
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbRRTHZ%2B9cICgQkAYphYUABYlzdnbttU2KiCQcCoQkSkDQofmyb7jZndXMrte5KiESSkHhggaqvb%2FzASGKoKEAESFfJISuiruTyPWpkRAlsjlx8Ir3Mf9X%2FPSf99l2uU9ClGzvzHt2SxvDjndaYfPYR5SeaJ7TWTlujnvJx0n7RNON3ugnrfC15ttKbNrjUUjDkIa0ua6dGtjx8YUInd%2Fr01Y%2FbLWjFu20MXb%2Fn30ZwLMAcrRPnoeW88bD4Ai0mCFLvzuj%2FGZh89ffSkvDCuswknc%2ByDYzW2VID9uBCzDI7hxsw%2FpH6w9gs1tLXNjRv4tcz0nw6wPw7M4BJPjo5pKTG6gMXD6DajSDMjNoNoOw16HlIwIIifMXkKW3z1tXsSv%2FqGyhzknjzz%2BgqzlpPD6CLL1%2Fyuhx87I1ZaFt5jEe1NDjGfRwhrzcQbG1Al3tQBSfQkuCLK2h5d7LIlJhSGl7jXeS9lqbh2KN9Qb9NU6jftTm%2FYSr3tIYrWfQgxmMmoD5FZQ%2BQKkDlIMAZR4glXtNQSnthlKwsNcXIpZdxRMZUtYdUEbDpIdSLNgnKPIJhJlAuKvI3bWvZdxVMRftbY5NPYErf4HfqOFlAF8QjGSNShFUnqBiBJUmqAqCalTfksZHvr4tjS85PajRQY3rqS2G2%2ByWLYYqI9v5Pnlu6d2TH97BptprxjTqsDjmYTvudQdSSBUz1Ulo3Iv7VEYdeF1D%2BxUwH2BLz8kLmCDXc7Ly0yo424E3OxD6KFhJwappNwrBNqbtXoit7EcvbFHIVAzVhlItbuzQ57ZoCZtC2hp50UBxJdg2%2B%2BTFJVXzlc%2BhxO7Ju0fvPUVffQLhauSuxif6IcHQ3JheshW5eclWnnx%2FIS90qrfY4rcvF6xQq3ffVVcq6%2BTZM37yzZtiISzae%2B8rX5xjmdTZ0JNvT2kplVu3Tijy81n%2FoeIXS79xqnRZmZ%2B7eHr9bJo75b222QxMP7rwF4Sek8a1B8szfnZ%2BH9rN4MoaablLDgLa7kDkV%2BHzQ3pvV%2BHM4Q7PA1RlPXURP3w0msCow5nxGv4%2FMz%2Fst%2F0NDF0EVlxfXu%2FI1RiZGsxM4Munp0Xudk%2F%2B9uUivgI3jSk3rnGTG2e%2BWFo7Jy%2Bt7i%2FS74v0GF7vNbtxHLKk36HdLlNd3o56g4RKxqJ2EiUJi1H4uTh2evdvAAAA%2F%2F8BAAD%2F%2F5wdhNqgBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbRRTHZ%2B9cICgQkAYphYUABYlzdnbttU2KiCQcCoQkSkDQofmyb7jZndXMrte5KiESSkHhggaqvb%2FzASGKoKEAESFfJISuiruTyPWpkRAlsjlx8Ir3Mf9X%2FPSf99l2uU9ClGzvzHt2SxvDjndaYfPYR5SeaJ7TWTlujnvJx0n7RNON3ugnrfC15ttKbNrjUUjDkIa0ua6dGtjx8YUInd%2Fr01Y%2FbLWjFu20MXb%2Fn30ZwLMAcrRPnoeW88bD4Ai0mCFLvzuj%2FGZh89ffSkvDCuswknc%2ByDYzW2VID9uBCzDI7hxsw%2FpH6w9gs1tLXNjRv4tcz0nw6wPw7M4BJPjo5pKTG6gMXD6DajSDMjNoNoOw16HlIwIIifMXkKW3z1tXsSv%2FqGyhzknjzz%2BgqzlpPD6CLL1%2Fyuhx87I1ZaFt5jEe1NDjGfRwhrzcQbG1Al3tQBSfQkuCLK2h5d7LIlJhSGl7jXeS9lqbh2KN9Qb9NU6jftTm%2FYSr3tIYrWfQgxmMmoD5FZQ%2BQKkDlIMAZR4glXtNQSnthlKwsNcXIpZdxRMZUtYdUEbDpIdSLNgnKPIJhJlAuKvI3bWvZdxVMRftbY5NPYErf4HfqOFlAF8QjGSNShFUnqBiBJUmqAqCalTfksZHvr4tjS85PajRQY3rqS2G2%2ByWLYYqI9v5Pnlu6d2TH97BptprxjTqsDjmYTvudQdSSBUz1Ulo3Iv7VEYdeF1D%2BxUwH2BLz8kLmCDXc7Ly0yo424E3OxD6KFhJwappNwrBNqbtXoit7EcvbFHIVAzVhlItbuzQ57ZoCZtC2hp50UBxJdg2%2B%2BTFJVXzlc%2BhxO7Ju0fvPUVffQLhauSuxif6IcHQ3JheshW5eclWnnx%2FIS90qrfY4rcvF6xQq3ffVVcq6%2BTZM37yzZtiISzae%2B8rX5xjmdTZ0JNvT2kplVu3Tijy81n%2FoeIXS79xqnRZmZ%2B7eHr9bJo75b222QxMP7rwF4Sek8a1B8szfnZ%2BH9rN4MoaablLDgLa7kDkV%2BHzQ3pvV%2BHM4Q7PA1RlPXURP3w0msCow5nxGv4%2FMz%2Fst%2F0NDF0EVlxfXu%2FI1RiZGsxM4Munp0Xudk%2F%2B9uUivgI3jSk3rnGTG2e%2BWFo7Jy%2Bt7i%2FS74v0GF7vNbtxHLKk36HdLlNd3o56g4RKxqJ2EiUJi1H4uTh2evdvAAAA%2F%2F8BAAD%2F%2F5wdhNqgBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbRRTHZ%2B9cICgQkAYphYUABYlzdnbttU2KiCQcCoQkSkDQofmyb7jZndXMrte5KiESSkHhggaqvb%2FzASGKoKEAESFfJISuiruTyPWpkRAlsjlx8Ir3Mf9X%2FPSf99l2uU9ClGzvzHt2SxvDjndaYfPYR5SeaJ7TWTlujnvJx0n7RNON3ugnrfC15ttKbNrjUUjDkIa0ua6dGtjx8YUInd%2Fr01Y%2FbLWjFu20MXb%2Fn30ZwLMAcrRPnoeW88bD4Ai0mCFLvzuj%2FGZh89ffSkvDCuswknc%2ByDYzW2VID9uBCzDI7hxsw%2FpH6w9gs1tLXNjRv4tcz0nw6wPw7M4BJPjo5pKTG6gMXD6DajSDMjNoNoOw16HlIwIIifMXkKW3z1tXsSv%2FqGyhzknjzz%2BgqzlpPD6CLL1%2Fyuhx87I1ZaFt5jEe1NDjGfRwhrzcQbG1Al3tQBSfQkuCLK2h5d7LIlJhSGl7jXeS9lqbh2KN9Qb9NU6jftTm%2FYSr3tIYrWfQgxmMmoD5FZQ%2BQKkDlIMAZR4glXtNQSnthlKwsNcXIpZdxRMZUtYdUEbDpIdSLNgnKPIJhJlAuKvI3bWvZdxVMRftbY5NPYErf4HfqOFlAF8QjGSNShFUnqBiBJUmqAqCalTfksZHvr4tjS85PajRQY3rqS2G2%2ByWLYYqI9v5Pnlu6d2TH97BptprxjTqsDjmYTvudQdSSBUz1Ulo3Iv7VEYdeF1D%2BxUwH2BLz8kLmCDXc7Ly0yo424E3OxD6KFhJwappNwrBNqbtXoit7EcvbFHIVAzVhlItbuzQ57ZoCZtC2hp50UBxJdg2%2B%2BTFJVXzlc%2BhxO7Ju0fvPUVffQLhauSuxif6IcHQ3JheshW5eclWnnx%2FIS90qrfY4rcvF6xQq3ffVVcq6%2BTZM37yzZtiISzae%2B8rX5xjmdTZ0JNvT2kplVu3Tijy81n%2FoeIXS79xqnRZmZ%2B7eHr9bJo75b222QxMP7rwF4Sek8a1B8szfnZ%2BH9rN4MoaablLDgLa7kDkV%2BHzQ3pvV%2BHM4Q7PA1RlPXURP3w0msCow5nxGv4%2FMz%2Fst%2F0NDF0EVlxfXu%2FI1RiZGsxM4Munp0Xudk%2F%2B9uUivgI3jSk3rnGTG2e%2BWFo7Jy%2Bt7i%2FS74v0GF7vNbtxHLKk36HdLlNd3o56g4RKxqJ2EiUJi1H4uTh2evdvAAAA%2F%2F8BAAD%2F%2F5wdhNqgBAAA HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Cookie: u_pl=15316554; uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3125a33b04387fdcde3ae56138391d25=[2106764,2229214,2229212,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c6683eadbaaea2aad680c9547e9e9dd
Strict-Transport-Security: max-age=0; includeSubdomains
www.zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
35.156.39.203301 Moved Permanently 162 B URL HTTP/2 www.zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
IP 35.156.39.203:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg HTTP/1.1
Host: www.zuhausewohnen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 10:14:22 GMT
content-type: text/html
content-length: 162
location: https://zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
X-Firefox-Spdy: h2
cdn.daa.net/images/kuechengeraete/liebherr-biofresh-kuehlschrank_ICBN3356.jpg
143.204.55.36200 OK 90 kB URL HTTP/2 cdn.daa.net/images/kuechengeraete/liebherr-biofresh-kuehlschrank_ICBN3356.jpg
IP 143.204.55.36:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 429x1000, components 3\012- data
Hash 9ba2d5ae66fbdd378dabddded178b894
2f6508200ec7cc8457595c9549aad7b0ced44c8a
046dacbcc28513e1d605e23782f395548e272fdb46ce2d8ffa00d03f31862cff
GET /images/kuechengeraete/liebherr-biofresh-kuehlschrank_ICBN3356.jpg HTTP/1.1
Host: cdn.daa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 89898
date: Mon, 19 Sep 2022 10:26:21 GMT
last-modified: Tue, 26 Jan 2016 11:46:24 GMT
etag: "9ba2d5ae66fbdd378dabddded178b894"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qn5otdIPBuWEmSofZG92mk1CLzvb_Q4VJyNU5sU-wMlKpsg3WXzB9A==
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 241bdefc3076e1944477613ffb4668cb
5cf36f7aac6c3bb4999c005c08571e86cb84754f
ba17713a88788e80c68d13b0e6aaf9f0495fb8b734ce3a342f7eec920738f1ec
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2980
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:26:21 GMT
Last-Modified: Mon, 19 Sep 2022 09:36:41 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 471
pushsar.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Content-Type: application/json
Origin: https://gloriawebsterblog.blogspot.com
Content-Length: 437
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:21 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 311b1ebdeedf9e88862dc544dbb9a45a
access-control-allow-origin: https://gloriawebsterblog.blogspot.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbxRvGx3cu%2FvrT8JEGKYWFAAWJc3Z212ubFBFJOBQISZSAoEPzZd9wszurmV2vc1VCpCgFhQsaqPYe5wNChKChABEhXySEThRxdxK5PjUSokQ2Jw7e4v2Y5y1%2Beua9sV3ukwAl2zvzjt3SxrDjnXbQOvYBpSda53RWjlvjXvJhEp9oudFr%2FaQdvNJ6U4lNezwMaBDQgLbWtVMDOz6%2BEKHz%2B33a7gftOGzTToyx%2B%2B%2FsywY8a0CO9smz0HLefNg4Ai1myNJvzii%2FWdj81TfS0rDCOozk3feyzcxWGdLDduAaGGR3D7Zh%2FaP1B7DZ7SUu7OifRa7npPHzA%2FDs7gEk%2BOjWkpMbqAxcPoVqNIMyM2g2g7DXoeUjAgiJ8xeQpXfOW1exK3%2BrbKHOSfOP36GrOWk%2BPoIs%2FfqU0ePWZWvKQtvMYzyooccz6OEMebmDYmsFutqBKD6GlgRZWkPLvRdFqIKA0niNd5J4LeaBWGO9QX%2BN07AfxryfcNVbGqP1DHowg1ETML%2BC0jdQ6gbKQQNl3kAq91qCUtoNpGBBry9EJLuKJzKgrDugjAZJD6VYsE9Q5BMIM4FwV5G7a1%2FIqKsiLuJtjk09gSt%2Fgt%2Bo4WUDviAYyRqVIqg8QcUIKk1QFQTVqL4tjQ99fUcaX3J6UMODGtVTWwy32W1bDFVGtvN98szSuyffvYVNtdeKaNhhUcSDOOp1B1JIFTHVSWjUi%2FpUhh14XUP7FTDfwJaek%2BcwQa7nZOWHVXC2A292IPRRsJKCVdNuGIBtTONegK3sey9sUchUDNWGUm1u7NDntmgLm0LaGnnRRHGlsW32yfNLqhdW96HE7sl7R%2B%2F%2Fj778BMLVyF2Nj%2FRDgqG5Ob1kK3Lrkq08%2BfZCXuhUb7HFb18uWKFW772trlTWybNn%2FOTL18VCWLT331W%2BOMcyqbOhJ1%2Bd0lIqt26dUOTHs%2F59xS%2BWfuNU6bIyP3fx9PrZNHfKe22zGZh%2BdOFPCD0nzWsPlmf89K83oN0MrqyRlrvkIKDtDkR%2BFT4%2FpPd2Fc4c7vB8BVVZT13IDx%2BNJjDqcGa8hv%2FXzA%2F7bX8TQxeCFdeX1ztyNUamBjMT%2BPL%2F0yJ3uyd%2F%2BWwRn4Ob5pQb17zFjTOfzknrpU%2BW%2Fi7Sb4v0GF7vtbpRFLCk36HdLlNdHoe9QUIlY2GchEnCIhR%2BLo6d3v0LAAD%2F%2FwEAAP%2F%2F%2BPr%2FUaAEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbxRvGx3cu%2FvrT8JEGKYWFAAWJc3Z212ubFBFJOBQISZSAoEPzZd9wszurmV2vc1VCpCgFhQsaqPYe5wNChKChABEhXySEThRxdxK5PjUSokQ2Jw7e4v2Y5y1%2Beua9sV3ukwAl2zvzjt3SxrDjnXbQOvYBpSda53RWjlvjXvJhEp9oudFr%2FaQdvNJ6U4lNezwMaBDQgLbWtVMDOz6%2BEKHz%2B33a7gftOGzTToyx%2B%2B%2FsywY8a0CO9smz0HLefNg4Ai1myNJvzii%2FWdj81TfS0rDCOozk3feyzcxWGdLDduAaGGR3D7Zh%2FaP1B7DZ7SUu7OifRa7npPHzA%2FDs7gEk%2BOjWkpMbqAxcPoVqNIMyM2g2g7DXoeUjAgiJ8xeQpXfOW1exK3%2BrbKHOSfOP36GrOWk%2BPoIs%2FfqU0ePWZWvKQtvMYzyooccz6OEMebmDYmsFutqBKD6GlgRZWkPLvRdFqIKA0niNd5J4LeaBWGO9QX%2BN07AfxryfcNVbGqP1DHowg1ETML%2BC0jdQ6gbKQQNl3kAq91qCUtoNpGBBry9EJLuKJzKgrDugjAZJD6VYsE9Q5BMIM4FwV5G7a1%2FIqKsiLuJtjk09gSt%2Fgt%2Bo4WUDviAYyRqVIqg8QcUIKk1QFQTVqL4tjQ99fUcaX3J6UMODGtVTWwy32W1bDFVGtvN98szSuyffvYVNtdeKaNhhUcSDOOp1B1JIFTHVSWjUi%2FpUhh14XUP7FTDfwJaek%2BcwQa7nZOWHVXC2A292IPRRsJKCVdNuGIBtTONegK3sey9sUchUDNWGUm1u7NDntmgLm0LaGnnRRHGlsW32yfNLqhdW96HE7sl7R%2B%2F%2Fj778BMLVyF2Nj%2FRDgqG5Ob1kK3Lrkq08%2BfZCXuhUb7HFb18uWKFW772trlTWybNn%2FOTL18VCWLT331W%2BOMcyqbOhJ1%2Bd0lIqt26dUOTHs%2F59xS%2BWfuNU6bIyP3fx9PrZNHfKe22zGZh%2BdOFPCD0nzWsPlmf89K83oN0MrqyRlrvkIKDtDkR%2BFT4%2FpPd2Fc4c7vB8BVVZT13IDx%2BNJjDqcGa8hv%2FXzA%2F7bX8TQxeCFdeX1ztyNUamBjMT%2BPL%2F0yJ3uyd%2F%2BWwRn4Ob5pQb17zFjTOfzknrpU%2BW%2Fi7Sb4v0GF7vtbpRFLCk36HdLlNdHoe9QUIlY2GchEnCIhR%2BLo6d3v0LAAD%2F%2FwEAAP%2F%2F%2BPr%2FUaAEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbxRvGx3cu%2FvrT8JEGKYWFAAWJc3Z212ubFBFJOBQISZSAoEPzZd9wszurmV2vc1VCpCgFhQsaqPYe5wNChKChABEhXySEThRxdxK5PjUSokQ2Jw7e4v2Y5y1%2Beua9sV3ukwAl2zvzjt3SxrDjnXbQOvYBpSda53RWjlvjXvJhEp9oudFr%2FaQdvNJ6U4lNezwMaBDQgLbWtVMDOz6%2BEKHz%2B33a7gftOGzTToyx%2B%2B%2FsywY8a0CO9smz0HLefNg4Ai1myNJvzii%2FWdj81TfS0rDCOozk3feyzcxWGdLDduAaGGR3D7Zh%2FaP1B7DZ7SUu7OifRa7npPHzA%2FDs7gEk%2BOjWkpMbqAxcPoVqNIMyM2g2g7DXoeUjAgiJ8xeQpXfOW1exK3%2BrbKHOSfOP36GrOWk%2BPoIs%2FfqU0ePWZWvKQtvMYzyooccz6OEMebmDYmsFutqBKD6GlgRZWkPLvRdFqIKA0niNd5J4LeaBWGO9QX%2BN07AfxryfcNVbGqP1DHowg1ETML%2BC0jdQ6gbKQQNl3kAq91qCUtoNpGBBry9EJLuKJzKgrDugjAZJD6VYsE9Q5BMIM4FwV5G7a1%2FIqKsiLuJtjk09gSt%2Fgt%2Bo4WUDviAYyRqVIqg8QcUIKk1QFQTVqL4tjQ99fUcaX3J6UMODGtVTWwy32W1bDFVGtvN98szSuyffvYVNtdeKaNhhUcSDOOp1B1JIFTHVSWjUi%2FpUhh14XUP7FTDfwJaek%2BcwQa7nZOWHVXC2A292IPRRsJKCVdNuGIBtTONegK3sey9sUchUDNWGUm1u7NDntmgLm0LaGnnRRHGlsW32yfNLqhdW96HE7sl7R%2B%2F%2Fj778BMLVyF2Nj%2FRDgqG5Ob1kK3Lrkq08%2BfZCXuhUb7HFb18uWKFW772trlTWybNn%2FOTL18VCWLT331W%2BOMcyqbOhJ1%2Bd0lIqt26dUOTHs%2F59xS%2BWfuNU6bIyP3fx9PrZNHfKe22zGZh%2BdOFPCD0nzWsPlmf89K83oN0MrqyRlrvkIKDtDkR%2BFT4%2FpPd2Fc4c7vB8BVVZT13IDx%2BNJjDqcGa8hv%2FXzA%2F7bX8TQxeCFdeX1ztyNUamBjMT%2BPL%2F0yJ3uyd%2F%2BWwRn4Ob5pQb17zFjTOfzknrpU%2BW%2Fi7Sb4v0GF7vtbpRFLCk36HdLlNdHoe9QUIlY2GchEnCIhR%2BLo6d3v0LAAD%2F%2FwEAAP%2F%2F%2BPr%2FUaAEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Cookie: u_pl=15316554; uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3125a33b04387fdcde3ae56138391d25=[2106764,2229214,2229212,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 25dff140181f7e722d11ae3fe01aa246
Strict-Transport-Security: max-age=0; includeSubdomains
www.photoscala.de/grafik/2008/Foron-MyPhoto.jpg
78.46.9.47200 OK 31 kB URL HTTP/2 www.photoscala.de/grafik/2008/Foron-MyPhoto.jpg
IP 78.46.9.47:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x228, components 3\012- data
Hash 9f4244a4044947e530a5b7979df5cb93
aa13d99def3e646a49ccde4f43567fa44abd09de
415bf7cffad72297148717a55c0d3dc934e38798f4a9fd88fa4f6b4b1e3b4452
GET /grafik/2008/Foron-MyPhoto.jpg HTTP/1.1
Host: www.photoscala.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 21 Apr 2008 08:09:40 GMT
accept-ranges: bytes
content-length: 31359
cache-control: max-age=2592000
expires: Wed, 19 Oct 2022 10:26:21 GMT
content-type: image/jpeg
date: Mon, 19 Sep 2022 10:26:21 GMT
server: Apache
X-Firefox-Spdy: h2
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbxRvGx3cu%2FvrT8JEGKYWFAAWJc3Z212ubFBFJOBQISZSAoEPzZd9wszurmV2vc1VCEEpB4YIGqr3H%2BYAQIWgoQETIFwmhE0XcnUSuT42EKJHNiYO32Pd993mKn555P94u90mAku2dectuaWPY8U47aB17j9ITrXM6K8etcS95P4lPtNzolX7SDl5qva7Epj0eBjQIaEBb69qpgR0fX4jQ%2Bb0%2BbfeDdhy2aSfG2P1392UDnjUgR%2FvkaWg5bz5oHIEWM2TpN2eU3yxs%2FvJraWlYYR1G8s472WZmqwzp4ThwDQyyOwduWP9w%2FT5sdmuJCzv6x8j1nDR%2Bvg%2Be3TmABB%2FdXHJyA5WByydQjWZQZgbNZhD2OrR8SAAhcf4CsvT2eesqduVvlS3UOWn%2B8Tt0NSfNR0eQpV%2BfMnrcumxNWWibeYwHNfR4Bj2cIS93UGytQFc7EMWH0JIgS2toufe8CFUQUBqv8U4Sr8U8EGusN%2BivcRr2w5j3E656y2C0nkEPZjBqAuZXUPoGSt1AOWigzBtI5V5LUEq7gRQs6PWFiGRX8UQGlHUHlNEg6aEUC%2FYJinwCYSYQ7ipyd%2B0LGXVVxEW8zbGpJ3DlT%2FAbNbxswBcEI1mjUgSVJ6gYQaUJqoKgGtW3pPGhr29L40tOD3p40KN6aovhNrtli6HKyHa%2BT55aZvf4uzewqfZaEQ07LIp4EEe97kAKqSKmOgmNelGfyrADr2tovwLmG9jSc%2FIMJsj1nKz8sArOduDNDoQ%2BClZSsGraDQOwjWncC7CVfe%2BFLQqZiqHaUKrNjR363BZtYVNIWyMvmiiuNLbNPnl2SfXc6m9QYvfk3aP3%2FkdffAzhauSuxgf6AcHQ3JheshW5eclWnnx7IS90qrfY4rUvF6xQq3ffVFcq6%2BTZM37y5atiISzGe28rX5xjmdTZ0JOvTmkplVu3Tijy41n%2FruIXS79xqnRZmZ%2B7eHr9bJo75b222QxMP7zwJ4Sek%2Ba1%2B8szfvLXj6DdDK6skZa75KCg7Q5EfhU%2BP6T3dhXOHHp4voqqrKcu5Ic%2FjSYw6nBnvIb%2F184P521%2FA0MXghXXl9c7cjVGpgYzE%2Fjy%2F9Mid7snf%2FlsUZ%2BDm%2BaUG9e8yY0zn85J64VPFvnuL0NefB7B671WN4oClvQ7tNtlqsvjsDdIqGQsjJMwSViEws%2FFsdO7fwEAAP%2F%2FAQAA%2F%2F%2BcNrbxoAQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbxRvGx3cu%2FvrT8JEGKYWFAAWJc3Z212ubFBFJOBQISZSAoEPzZd9wszurmV2vc1VCEEpB4YIGqr3H%2BYAQIWgoQETIFwmhE0XcnUSuT42EKJHNiYO32Pd993mKn555P94u90mAku2dectuaWPY8U47aB17j9ITrXM6K8etcS95P4lPtNzolX7SDl5qva7Epj0eBjQIaEBb69qpgR0fX4jQ%2Bb0%2BbfeDdhy2aSfG2P1392UDnjUgR%2FvkaWg5bz5oHIEWM2TpN2eU3yxs%2FvJraWlYYR1G8s472WZmqwzp4ThwDQyyOwduWP9w%2FT5sdmuJCzv6x8j1nDR%2Bvg%2Be3TmABB%2FdXHJyA5WByydQjWZQZgbNZhD2OrR8SAAhcf4CsvT2eesqduVvlS3UOWn%2B8Tt0NSfNR0eQpV%2BfMnrcumxNWWibeYwHNfR4Bj2cIS93UGytQFc7EMWH0JIgS2toufe8CFUQUBqv8U4Sr8U8EGusN%2BivcRr2w5j3E656y2C0nkEPZjBqAuZXUPoGSt1AOWigzBtI5V5LUEq7gRQs6PWFiGRX8UQGlHUHlNEg6aEUC%2FYJinwCYSYQ7ipyd%2B0LGXVVxEW8zbGpJ3DlT%2FAbNbxswBcEI1mjUgSVJ6gYQaUJqoKgGtW3pPGhr29L40tOD3p40KN6aovhNrtli6HKyHa%2BT55aZvf4uzewqfZaEQ07LIp4EEe97kAKqSKmOgmNelGfyrADr2tovwLmG9jSc%2FIMJsj1nKz8sArOduDNDoQ%2BClZSsGraDQOwjWncC7CVfe%2BFLQqZiqHaUKrNjR363BZtYVNIWyMvmiiuNLbNPnl2SfXc6m9QYvfk3aP3%2FkdffAzhauSuxgf6AcHQ3JheshW5eclWnnx7IS90qrfY4rUvF6xQq3ffVFcq6%2BTZM37y5atiISzGe28rX5xjmdTZ0JOvTmkplVu3Tijy41n%2FruIXS79xqnRZmZ%2B7eHr9bJo75b222QxMP7zwJ4Sek%2Ba1%2B8szfvLXj6DdDK6skZa75KCg7Q5EfhU%2BP6T3dhXOHHp4voqqrKcu5Ic%2FjSYw6nBnvIb%2F184P521%2FA0MXghXXl9c7cjVGpgYzE%2Fjy%2F9Mid7snf%2FlsUZ%2BDm%2BaUG9e8yY0zn85J64VPFvnuL0NefB7B671WN4oClvQ7tNtlqsvjsDdIqGQsjJMwSViEws%2FFsdO7fwEAAP%2F%2FAQAA%2F%2F%2BcNrbxoAQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSPYwbxRvGx3cu%2FvrT8JEGKYWFAAWJc3Z212ubFBFJOBQISZSAoEPzZd9wszurmV2vc1VCEEpB4YIGqr3H%2BYAQIWgoQETIFwmhE0XcnUSuT42EKJHNiYO32Pd993mKn555P94u90mAku2dectuaWPY8U47aB17j9ITrXM6K8etcS95P4lPtNzolX7SDl5qva7Epj0eBjQIaEBb69qpgR0fX4jQ%2Bb0%2BbfeDdhy2aSfG2P1392UDnjUgR%2FvkaWg5bz5oHIEWM2TpN2eU3yxs%2FvJraWlYYR1G8s472WZmqwzp4ThwDQyyOwduWP9w%2FT5sdmuJCzv6x8j1nDR%2Bvg%2Be3TmABB%2FdXHJyA5WByydQjWZQZgbNZhD2OrR8SAAhcf4CsvT2eesqduVvlS3UOWn%2B8Tt0NSfNR0eQpV%2BfMnrcumxNWWibeYwHNfR4Bj2cIS93UGytQFc7EMWH0JIgS2toufe8CFUQUBqv8U4Sr8U8EGusN%2BivcRr2w5j3E656y2C0nkEPZjBqAuZXUPoGSt1AOWigzBtI5V5LUEq7gRQs6PWFiGRX8UQGlHUHlNEg6aEUC%2FYJinwCYSYQ7ipyd%2B0LGXVVxEW8zbGpJ3DlT%2FAbNbxswBcEI1mjUgSVJ6gYQaUJqoKgGtW3pPGhr29L40tOD3p40KN6aovhNrtli6HKyHa%2BT55aZvf4uzewqfZaEQ07LIp4EEe97kAKqSKmOgmNelGfyrADr2tovwLmG9jSc%2FIMJsj1nKz8sArOduDNDoQ%2BClZSsGraDQOwjWncC7CVfe%2BFLQqZiqHaUKrNjR363BZtYVNIWyMvmiiuNLbNPnl2SfXc6m9QYvfk3aP3%2FkdffAzhauSuxgf6AcHQ3JheshW5eclWnnx7IS90qrfY4rUvF6xQq3ffVFcq6%2BTZM37y5atiISzGe28rX5xjmdTZ0JOvTmkplVu3Tijy41n%2FruIXS79xqnRZmZ%2B7eHr9bJo75b222QxMP7zwJ4Sek%2Ba1%2B8szfvLXj6DdDK6skZa75KCg7Q5EfhU%2BP6T3dhXOHHp4voqqrKcu5Ic%2FjSYw6nBnvIb%2F184P521%2FA0MXghXXl9c7cjVGpgYzE%2Fjy%2F9Mid7snf%2FlsUZ%2BDm%2BaUG9e8yY0zn85J64VPFvnuL0NefB7B671WN4oClvQ7tNtlqsvjsDdIqGQsjJMwSViEws%2FFsdO7fwEAAP%2F%2FAQAA%2F%2F%2BcNrbxoAQAAA%3D%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Cookie: u_pl=15316554; uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3125a33b04387fdcde3ae56138391d25=[2106764,2229214,2229212,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2c0708852d84d9aaf4a93e41cc1c51d
Strict-Transport-Security: max-age=0; includeSubdomains
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSP4wbRRTGx3cuEDT8SYOUwkKAgsQ5O7v22iZFRBIOBUISJSDo0Pyzb7jZndXMrte5KiECpaBwQQPV3uf8gRAhaChARMgXCaETxbk7iVyfGglRIjsnDK%2FY995%2BX%2FHTN%2B%2FT7eKABCjY%2Fpl37JY2hh1vN4PGsQ8oPdE4p9Ni1Bh14w%2Fj1omGG77Wi5vBK403ldi0x8OABgENaGNdO9W3o%2BNzETq716PNXtBshU3abmHk%2Fr%2F7ogbPapDDA%2FIstJzVH9SOQIsp0uS7M8pv5jZ79Y2kMCy3DkN55710M7VlimQ59l0N%2FfTOoRvW763fh01vLXBhh%2F8auZ6R2q%2F3wdM7h5Dgw5sLTm6gUnD5FMrhFMpModkUwl6HlnsEEBLnLyBNbp%2B3rmRXHqtsrs5I%2Fa8%2FocsZqT88gjT59pTRo8Zla4pc29Rj1K%2BgR1PowRRZsYN8awW63IHIP4aWBGlSQcv9F0WogoDS1hpvx621Fg%2FEGuv2e2uchr2wxXsxV91FMFpPoftTGDUG8ysofA2FrqHo11BkNSRyvyEopZ1AChZ0e0JEsqN4LAPKOn3KaBB3UYg5%2Bxh5NoYwYwh3FZm79pWMOiriorXNsanHcMUv8BsVvKzB5wRDWaFUBKUnKBlBqQnKnKAcVrek8aGvbkvjC04Pe3jYo2pi88E2u2XzgUrJdnZAnllk9%2BiHt7Cp9hsRDdssinjQirqdvhRSRUy1Yxp1ox6VYRteV9B%2BBczXsKVn5DmMkekZWflpFZztwJsdCH0UrKBg5aQTBmAbk1Y3wFb6oxc2z2UiBmpDqSY3duAzmzeFTSBthSyvI79S2zYH5PkF1QurD6HE7sm7R%2B89QV9%2BBOEqZK7CR%2FoBwcDcmFyyJbl5yZaefH8hy3Wit9j8tS%2FnLFerd99WV0rr5Nkzfvz162IuzMd77yqfn2Op1OnAk29OaSmVW7dOKPLzWf%2B%2B4hcLv3GqcGmRnbt4ev1skjnlvbbpFEzvXfgbQs9I%2Fdr9xRk%2F%2Ffsn0G4KV1RIil1yWNB2ByK7Cp8t6b1dhTNLD8%2FqKItq4kK%2B%2FGk0gVHLnfEK%2Fj87X87b%2FgYGLgTLry%2Bud%2BgqDE0FZsbwxZOTPHO7J3%2F7Yl5fgpv6hBtXv8mNM5%2FPSOOlz%2Bb5Hsw%2FfzxO2uv9RieKAhb32rTTYarDW2G3H1PJWNiKwzhmEXI%2FE8dO7%2F4DAAD%2F%2FwEAAP%2F%2F29RSx6AEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSP4wbRRTGx3cuEDT8SYOUwkKAgsQ5O7v22iZFRBIOBUISJSDo0Pyzb7jZndXMrte5KiECpaBwQQPV3uf8gRAhaChARMgXCaETxbk7iVyfGglRIjsnDK%2FY995%2BX%2FHTN%2B%2FT7eKABCjY%2Fpl37JY2hh1vN4PGsQ8oPdE4p9Ni1Bh14w%2Fj1omGG77Wi5vBK403ldi0x8OABgENaGNdO9W3o%2BNzETq716PNXtBshU3abmHk%2Fr%2F7ogbPapDDA%2FIstJzVH9SOQIsp0uS7M8pv5jZ79Y2kMCy3DkN55710M7VlimQ59l0N%2FfTOoRvW763fh01vLXBhh%2F8auZ6R2q%2F3wdM7h5Dgw5sLTm6gUnD5FMrhFMpModkUwl6HlnsEEBLnLyBNbp%2B3rmRXHqtsrs5I%2Fa8%2FocsZqT88gjT59pTRo8Zla4pc29Rj1K%2BgR1PowRRZsYN8awW63IHIP4aWBGlSQcv9F0WogoDS1hpvx621Fg%2FEGuv2e2uchr2wxXsxV91FMFpPoftTGDUG8ysofA2FrqHo11BkNSRyvyEopZ1AChZ0e0JEsqN4LAPKOn3KaBB3UYg5%2Bxh5NoYwYwh3FZm79pWMOiriorXNsanHcMUv8BsVvKzB5wRDWaFUBKUnKBlBqQnKnKAcVrek8aGvbkvjC04Pe3jYo2pi88E2u2XzgUrJdnZAnllk9%2BiHt7Cp9hsRDdssinjQirqdvhRSRUy1Yxp1ox6VYRteV9B%2BBczXsKVn5DmMkekZWflpFZztwJsdCH0UrKBg5aQTBmAbk1Y3wFb6oxc2z2UiBmpDqSY3duAzmzeFTSBthSyvI79S2zYH5PkF1QurD6HE7sm7R%2B89QV9%2BBOEqZK7CR%2FoBwcDcmFyyJbl5yZaefH8hy3Wit9j8tS%2FnLFerd99WV0rr5Nkzfvz162IuzMd77yqfn2Op1OnAk29OaSmVW7dOKPLzWf%2B%2B4hcLv3GqcGmRnbt4ev1skjnlvbbpFEzvXfgbQs9I%2Fdr9xRk%2F%2Ffsn0G4KV1RIil1yWNB2ByK7Cp8t6b1dhTNLD8%2FqKItq4kK%2B%2FGk0gVHLnfEK%2Fj87X87b%2FgYGLgTLry%2Bud%2BgqDE0FZsbwxZOTPHO7J3%2F7Yl5fgpv6hBtXv8mNM5%2FPSOOlz%2Bb5Hsw%2FfzxO2uv9RieKAhb32rTTYarDW2G3H1PJWNiKwzhmEXI%2FE8dO7%2F4DAAD%2F%2FwEAAP%2F%2F29RSx6AEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSP4wbRRTGx3cuEDT8SYOUwkKAgsQ5O7v22iZFRBIOBUISJSDo0Pyzb7jZndXMrte5KiECpaBwQQPV3uf8gRAhaChARMgXCaETxbk7iVyfGglRIjsnDK%2FY995%2BX%2FHTN%2B%2FT7eKABCjY%2Fpl37JY2hh1vN4PGsQ8oPdE4p9Ni1Bh14w%2Fj1omGG77Wi5vBK403ldi0x8OABgENaGNdO9W3o%2BNzETq716PNXtBshU3abmHk%2Fr%2F7ogbPapDDA%2FIstJzVH9SOQIsp0uS7M8pv5jZ79Y2kMCy3DkN55710M7VlimQ59l0N%2FfTOoRvW763fh01vLXBhh%2F8auZ6R2q%2F3wdM7h5Dgw5sLTm6gUnD5FMrhFMpModkUwl6HlnsEEBLnLyBNbp%2B3rmRXHqtsrs5I%2Fa8%2FocsZqT88gjT59pTRo8Zla4pc29Rj1K%2BgR1PowRRZsYN8awW63IHIP4aWBGlSQcv9F0WogoDS1hpvx621Fg%2FEGuv2e2uchr2wxXsxV91FMFpPoftTGDUG8ysofA2FrqHo11BkNSRyvyEopZ1AChZ0e0JEsqN4LAPKOn3KaBB3UYg5%2Bxh5NoYwYwh3FZm79pWMOiriorXNsanHcMUv8BsVvKzB5wRDWaFUBKUnKBlBqQnKnKAcVrek8aGvbkvjC04Pe3jYo2pi88E2u2XzgUrJdnZAnllk9%2BiHt7Cp9hsRDdssinjQirqdvhRSRUy1Yxp1ox6VYRteV9B%2BBczXsKVn5DmMkekZWflpFZztwJsdCH0UrKBg5aQTBmAbk1Y3wFb6oxc2z2UiBmpDqSY3duAzmzeFTSBthSyvI79S2zYH5PkF1QurD6HE7sm7R%2B89QV9%2BBOEqZK7CR%2FoBwcDcmFyyJbl5yZaefH8hy3Wit9j8tS%2FnLFerd99WV0rr5Nkzfvz162IuzMd77yqfn2Op1OnAk29OaSmVW7dOKPLzWf%2B%2B4hcLv3GqcGmRnbt4ev1skjnlvbbpFEzvXfgbQs9I%2Fdr9xRk%2F%2Ffsn0G4KV1RIil1yWNB2ByK7Cp8t6b1dhTNLD8%2FqKItq4kK%2B%2FGk0gVHLnfEK%2Fj87X87b%2FgYGLgTLry%2Bud%2BgqDE0FZsbwxZOTPHO7J3%2F7Yl5fgpv6hBtXv8mNM5%2FPSOOlz%2Bb5Hsw%2FfzxO2uv9RieKAhb32rTTYarDW2G3H1PJWNiKwzhmEXI%2FE8dO7%2F4DAAD%2F%2FwEAAP%2F%2F29RSx6AEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Cookie: u_pl=15316554; uid_id2=c2e00114-b564-4b0c-a8f9-b12924b96be8:2:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec3125a33b04387fdcde3ae56138391d25=[2106764,2229214,2229212,2229213]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e82110c3de2ca526577f6896be453ec
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c0b0ca42facc76c39bf4b11499319e2
6b03a97270a675c5f39b14a08590e13a707c2e4e
3368f205a0b4582f71f1ab3ea4c0ab08f1a29e82118972c69c182adc07f74e3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3368F205A0B4582F71F1AB3EA4C0AB08F1A29E82118972C69C182ADC07F74E3A"
Last-Modified: Sat, 17 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17994
Expires: Mon, 19 Sep 2022 15:26:15 GMT
Date: Mon, 19 Sep 2022 10:26:21 GMT
Connection: keep-alive
wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=5003&rd=5003&fd=229&bv=22.8.v.2&tmpl=136
192.243.59.12200 OK 0 B URL HTTP/1.1 wadmargincling.com/pixel/purst?dl=0&th=0&sc=0&rs=5003&rd=5003&fd=229&bv=22.8.v.2&tmpl=136
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=5003&rd=5003&fd=229&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: wadmargincling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.wohnmobilforum.de/bilderdienst/up/Dometic-RM-7541L_5ece.jpg
94.130.128.173200 OK 57 kB URL HTTP/2 www.wohnmobilforum.de/bilderdienst/up/Dometic-RM-7541L_5ece.jpg
IP 94.130.128.173:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 721x591, components 3\012- data
Hash 5a4f1e918a79b96ff0a8a82e7bb76fe3
e43908ee257413d806376fb5309d057df9a35594
eea87cbaccbe35e11092e82267352f57afd45f2a97768378b22edfb05d32b0fa
GET /bilderdienst/up/Dometic-RM-7541L_5ece.jpg HTTP/1.1
Host: www.wohnmobilforum.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:21 GMT
server: Apache/2.4.25 (Debian)
x-frame-options: SAMEORIGIN
last-modified: Mon, 11 Jun 2012 07:14:17 GMT
etag: "e252-4c22d19158440-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: access plus 1 month
cache-control: max-age=864000, public, must-revalidate
content-length: 56654
content-type: image/jpeg
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2200 OK 47 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash c742883de79fe72bb78df905a1a53281
04fce975088d903ba85264e236cdb42ef84c5942
99dfea518565a5235927941559c6aee77f8e09ae2d751428d48662488aa3c6a5
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3de69ffdf3ff57f9011a05310e59102b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 10:26:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm%2BkVDIxBtoZP9hUtWg7AB5JRfXB7Jw78PvUML9jVZRSLrifdbQOvFCnOUW5OfkASLLmXWeriWvnuaMQcYm4h03awQ1Xu8AwDkvMS%2BfNxyI4OtEI78Fncqd4Bm44qtELmVI%2F9SA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d19f4ebbf9e65c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 19 Sep 2022 10:26:21 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4823d4af4dff7c8975500b2ef43ed72b
5cee6864685b2be6af49b5f8c6bbd0941e62884d
18465e73f48c635f9772f18910dad8eb3be6cd8327830fa048b744d03d553e69
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1211
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 19 Sep 2022 10:26:21 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
173.233.137.44200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: be5e0bdf62cb6fc410c320bf78a4b03c
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e5594f8a9e608b92bd1d363e2e591bb3
b5d59b9445816bf181ee9770a73fd128b58348b1
2524ca9db9efbef802b0f6eceee0c6b5a48306e573cde33e9d25ba29680a2f35
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:26:21 GMT
Last-Modified: Mon, 19 Sep 2022 09:53:30 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LcOwr4yCtFhyCUZOMIpWBign0q5sofm5PmBBeJ_yGCwHfdLKN6hP5g==
Age: 1971
pushsar.com/ntfc.php?p=3260284
139.45.197.251200 OK 61 kB URL HTTP/2 pushsar.com/ntfc.php?p=3260284
IP 139.45.197.251:0
Hash 3750cbb01b95bd11bc9e95662e58eb0d
bc4e7fcb8868089980b701de99c32c8f917c924f
3f58e4d6e05d6519e3bb5686aa1e31a75ff540a73967f7efbd571b3aad2b8602
GET /ntfc.php?p=3260284 HTTP/1.1
Host: pushsar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:17 GMT
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 10:36:49 GMT
etag: W/"632451c1-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
3.126.242.111301 Moved Permanently 522 B URL HTTP/2 zuhausewohnen.de/sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg
IP 3.126.242.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f23eb00b44b8414ecc67647d9f085b42
e22506e2cf854857c170d127b20f9246ac767bc4
286d8d21f278fe38e4e329ae62ea4372290353f47726e7b67eb13a4cb39d241f
GET /sites/zhw/files/styles/620x413/public/images/richtiges-fach-kuehlschrank.jpg HTTP/1.1
Host: zuhausewohnen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 19 Sep 2022 10:26:21 GMT
content-type: text/html; charset=UTF-8
content-length: 522
location: /uploads/media/original/03/8073-richtiges-fach-kuehlschrank.jpg?v=1-0
x-varnish: 186423757
age: 0
x-cache: MISS
X-Firefox-Spdy: h2
zuhausewohnen.de/uploads/media/original/03/8073-richtiges-fach-kuehlschrank.jpg?v=1-0
3.126.242.111200 OK 50 kB URL HTTP/2 zuhausewohnen.de/uploads/media/original/03/8073-richtiges-fach-kuehlschrank.jpg?v=1-0
IP 3.126.242.111:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1000x750, components 3\012- data
Hash c7e2fe0d52349a21e52691d8728c79b5
c782231ec658506b53737c0e64b165bd0c44af05
83cc1f3aca46e195cd3428f73f2f7391be1355da283e4adae893aab8dc712c96
GET /uploads/media/original/03/8073-richtiges-fach-kuehlschrank.jpg?v=1-0 HTTP/1.1
Host: zuhausewohnen.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:21 GMT
content-type: image/jpeg
content-length: 50377
last-modified: Mon, 25 Nov 2019 01:54:14 GMT
etag: "5ddb3446-c4c9"
expires: Tue, 19 Sep 2023 10:26:21 GMT
cache-control: max-age=31536000, public
pragma: public
x-varnish: 186517399
age: 0
x-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3560fd0459a75cf29346caa46f7e84a1
f4ddcaf667912056478156ea67a9c16cfdacc0b0
f2f4b9cb192aba52569b22fa34a39420113c1ae958b17b6b59652182ffa10eed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2F4B9CB192ABA52569B22FA34A39420113C1AE958B17B6B59652182FFA10EED"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8923
Expires: Mon, 19 Sep 2022 12:55:04 GMT
Date: Mon, 19 Sep 2022 10:26:21 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=65aa283021630dfd9030555c4c61a78c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aff7859569c016b619f073933ba5d8bb
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=faefab53a3c6a8b843aabc1fbff50729&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=faefab53a3c6a8b843aabc1fbff50729&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c2e00114-b564-4b0c-a8f9-b12924b96be8&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=faefab53a3c6a8b843aabc1fbff50729&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 19 Sep 2022 10:26:21 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c6730a54b756d7d9119554a79be02b5
Strict-Transport-Security: max-age=0; includeSubdomains
www.care-energy.de/laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/
104.21.48.219301 Moved Permanently 0 B URL HTTP/1.1 www.care-energy.de/laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/
IP 104.21.48.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/ HTTP/1.1
Host: www.care-energy.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://care-energy.de/laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNlzSbwijDrxlVfsF1WwYazinX798sqIrz%2FUCXxkb4l2SWPJpPKz5t%2FsW1dk26V0tPTA9p10sJKzNH57nXFRYgOZCffCehHIj8lGwpPJygZTGgJtqbQuiTjTKRaaxMZq%2B%2BtcmbI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74d19f5f8e670b51-OSL
alt-svc: h2=":443"; ma=60
i.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG
8.254.252.212301 Moved Permanently 181 B URL HTTP/1.1 i.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG
IP 8.254.252.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9ff6854f822a4e7c08f95334aa16879e
4f02f0fc4506e0f52932cea7c44ea68451fb7ecf
46b9bfad8132d91e0249883178b62a3fc8dc1235ab994d76b2f6804211137167
GET /00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: text/html
Content-Length: 181
Connection: keep-alive
Server: FP6.1.3311.145
Location: https://i.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG
X-CDN: LUMN
Strict-Transport-Security: max-age=31536000
i.ebayimg.com/t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG
8.254.252.212301 Moved Permanently 181 B URL HTTP/1.1 i.ebayimg.com/t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG
IP 8.254.252.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9ff6854f822a4e7c08f95334aa16879e
4f02f0fc4506e0f52932cea7c44ea68451fb7ecf
46b9bfad8132d91e0249883178b62a3fc8dc1235ab994d76b2f6804211137167
GET /t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: text/html
Content-Length: 181
Connection: keep-alive
Server: FP6.1.3311.145
Location: https://i.ebayimg.com/t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG
X-CDN: LUMN
Strict-Transport-Security: max-age=31536000
i.ebayimg.com/00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG
8.254.252.212301 Moved Permanently 181 B URL HTTP/1.1 i.ebayimg.com/00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG
IP 8.254.252.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9ff6854f822a4e7c08f95334aa16879e
4f02f0fc4506e0f52932cea7c44ea68451fb7ecf
46b9bfad8132d91e0249883178b62a3fc8dc1235ab994d76b2f6804211137167
GET /00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: text/html
Content-Length: 181
Connection: keep-alive
Server: FP6.1.3311.145
Location: https://i.ebayimg.com/00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG
X-CDN: LUMN
Strict-Transport-Security: max-age=31536000
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 91098ca65f01084377e560826d7f90e4
3f9bb38aa96beb283f71c6b79ece912a90168624
61201c64f0fea1ba992c11b35e2830475b3fb5572bc1ce146824d50fbcd106b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 07:47:39 GMT
Expires: Mon, 26 Sep 2022 07:47:38 GMT
Etag: "3f9bb38aa96beb283f71c6b79ece912a90168624"
Cache-Control: max-age=594675,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f6ab8f5b523-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 91098ca65f01084377e560826d7f90e4
3f9bb38aa96beb283f71c6b79ece912a90168624
61201c64f0fea1ba992c11b35e2830475b3fb5572bc1ce146824d50fbcd106b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 07:47:39 GMT
Expires: Mon, 26 Sep 2022 07:47:38 GMT
Etag: "3f9bb38aa96beb283f71c6b79ece912a90168624"
Cache-Control: max-age=594675,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f6abde7b51d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 91098ca65f01084377e560826d7f90e4
3f9bb38aa96beb283f71c6b79ece912a90168624
61201c64f0fea1ba992c11b35e2830475b3fb5572bc1ce146824d50fbcd106b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2022 07:47:39 GMT
Expires: Mon, 26 Sep 2022 07:47:38 GMT
Etag: "3f9bb38aa96beb283f71c6b79ece912a90168624"
Cache-Control: max-age=594675,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d19f6ac8a4b50f-OSL
ssli.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/ABsAAOSwYaFWg7sz/%2524_9.JPG
104.110.11.65200 OK 1.4 kB URL HTTP/2 ssli.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/ABsAAOSwYaFWg7sz/%2524_9.JPG
IP 104.110.11.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 7e38a78e5dc8f67ae17b6eb76a25348c
4dcb57651a75abfd07fb36c70c6c5108c49bdb34
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a
GET /00/s/MTAyNFg3Njg%253D/z/ABsAAOSwYaFWg7sz/%2524_9.JPG HTTP/1.1
Host: ssli.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*aqpi%7B%28rbpv6612-1835548df32-0x112
x-ebay-c-version: 1.0.0
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
last-modified: Mon, 19 Sep 2022 10:26:22 GMT
access-control-allow-origin: *
cache-control: max-age=0,no-store,no-cache
content-type: image/jpeg
content-length: 1359
server: ebay-proxy-server
x-envoy-upstream-service-time: 152
x-ebay-pop-id: UFES2-DUS-zoe-anycast
date: Mon, 19 Sep 2022 10:26:22 GMT
set-cookie: ebay=%5Esbf%3D%23%5E;Domain=.ebay.com;Path=/; Secure
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
i.ebayimg.com/t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG
8.254.252.212200 OK 1.4 kB URL HTTP/2 i.ebayimg.com/t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG
IP 8.254.252.212:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 7e38a78e5dc8f67ae17b6eb76a25348c
4dcb57651a75abfd07fb36c70c6c5108c49bdb34
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a
GET /t/Blomberg-KND-9861-X-A-436-Liter-Kuehlschrank-/00/s/MTYwMFg2NDE%253D/z/kNUAAOSwPhdU1c9R/%2524_35.JPG HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:22 GMT
content-type: image/jpeg
content-length: 1359
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*gg2%3Ee%28rbpv6612-1835548dfdc-0x115
x-ebay-c-version: 1.0.0
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
last-modified: Mon, 19 Sep 2022 10:26:22 GMT
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
set-cookie: ebay=%5Esbf%3D%23%5E;Domain=.ebay.com;Path=/; Secure
server: ebay-proxy-server
x-envoy-upstream-service-time: 149
x-ebay-pop-id: UFES2-FRA-zoe-anycast
x-cdn: LUMN
strict-transport-security: max-age=31536000
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ebayimg.com/00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG
8.254.252.212200 OK 1.4 kB URL HTTP/2 i.ebayimg.com/00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG
IP 8.254.252.212:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 7e38a78e5dc8f67ae17b6eb76a25348c
4dcb57651a75abfd07fb36c70c6c5108c49bdb34
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a
GET /00/s/MTMyMVg4MTA%253D/z/caoAAOSwpdpVbYIB/%2524_1.JPG HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:22 GMT
content-type: image/jpeg
content-length: 1359
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*t3l3a%28rbpv6612-1835548dfe0-0x119
x-ebay-c-version: 1.0.0
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
last-modified: Mon, 19 Sep 2022 10:26:22 GMT
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
set-cookie: ebay=%5Esbf%3D%23%5E;Domain=.ebay.com;Path=/; Secure
server: ebay-proxy-server
x-envoy-upstream-service-time: 157
x-ebay-pop-id: UFES2-FRA-zoe-anycast
x-cdn: LUMN
strict-transport-security: max-age=31536000
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG
8.254.252.212200 OK 1.4 kB URL HTTP/2 i.ebayimg.com/00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG
IP 8.254.252.212:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 7e38a78e5dc8f67ae17b6eb76a25348c
4dcb57651a75abfd07fb36c70c6c5108c49bdb34
a567462f4edd496bdf5cd00da5bbde64131c283e3cf396bfd58c0fac26b13d9a
GET /00/s/MTAyNFg3Njg%253D/z/oC0AAOSwnH1WYsgS/%2524_9.JPG HTTP/1.1
Host: i.ebayimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:22 GMT
content-type: image/jpeg
content-length: 1359
rlogid: t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*is%60l1%28rbpv6770-1835548dff3-0x14c
x-ebay-c-version: 1.0.0
x-ebay-c-extension: responsecode=404,responsemessage=Image Not Found
last-modified: Mon, 19 Sep 2022 10:26:22 GMT
access-control-allow-origin: *
cache-control: no-store, max-age=0, no-cache
set-cookie: ebay=%5Esbf%3D%23%5E;Domain=.ebay.com;Path=/; Secure
server: ebay-proxy-server
x-envoy-upstream-service-time: 181
x-ebay-pop-id: UFES2-FRA-zoe-anycast
x-cdn: LUMN
strict-transport-security: max-age=31536000
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
www.modelvita.com/wp-content/uploads/import/254538-1_org.jpg
136.243.165.14404 Not Found 0 B URL HTTP/2 www.modelvita.com/wp-content/uploads/import/254538-1_org.jpg
IP 136.243.165.14:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/uploads/import/254538-1_org.jpg HTTP/1.1
Host: www.modelvita.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 19 Sep 2022 10:26:21 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.modelvita.com/wp-json/>; rel="https://api.w.org/"
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
142.250.74.163200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css
IP 142.250.74.163:0
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:19:12 GMT
expires: Thu, 14 Sep 2023 05:19:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/css
age: 450427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.moebelmarkt.de/typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg
136.243.127.152404 Not Found 0 B URL HTTP/2 www.moebelmarkt.de/typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg
IP 136.243.127.152:0
ASN #24940 Hetzner Online GmbH
GET /typo3temp/pics/27983_bild_4_foron_by_ardo_8d5a1cd1c2.jpg HTTP/1.1
Host: www.moebelmarkt.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 19 Sep 2022 10:26:21 GMT
server: Apache
cache-control: must-revalidate, no-cache, no-store, private
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
permissions-policy: interest-cohort=()
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
contao-cache: miss
age: 0
set-cookie: PHPSESSID=54b1296bf22441f7f7045838d4db5cd8; path=/; secure; httponly
csrf_https-contao_csrf_token=xrlgrChnZmJZtURdWicYxEZp_T98epZXrudn2UCxvC8; path=/; secure; httponly; samesite=lax
content-length: 15193
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2
www.lax-online.de/images/zoom/993327.jpg
35.246.193.161404 Not Found 0 B URL HTTP/1.1 www.lax-online.de/images/zoom/993327.jpg
IP 35.246.193.161:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /images/zoom/993327.jpg HTTP/1.1
Host: www.lax-online.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 19 Sep 2022 10:26:21 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Content-Digest: en43847c3fd867bf63d2244654d2eb67d6fa902e222b9424c9d40175d1bc7b7334
Content-Length: 164445
Age: 1550
Cache-Control: no-cache, private
Set-Cookie: session-1=e80226254d20e7776e8a5cd7a5760326c93c46d1c2b6e54c35e1a4f3519df693; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
nocache=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.mediadeal.de/images/products/thumb4/img_26507_3.jpg
185.39.221.37404 Not Found 0 B URL HTTP/1.1 www.mediadeal.de/images/products/thumb4/img_26507_3.jpg
IP 185.39.221.37:0
GET /images/products/thumb4/img_26507_3.jpg HTTP/1.1
Host: www.mediadeal.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Mon, 19 Sep 2022 10:26:21 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Content-Digest: en3cb4ee009a442324ee4b811a76306ed850373d8e3b6c2cacb7c2f5ef6200c402
Age: 502
Cache-Control: no-cache, private
Set-Cookie: session-1=d7854337dbb00fdf84aa67c3f2dd10bd5752fb83f664fda286217593612dee54; path=/; secure; HttpOnly
x-cache-context-hash=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
nocache=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
Content-Length: 101770
Vary: User-Agent
Keep-Alive: timeout=5, max=250
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:26:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9029931
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74d19f48ab65fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 10:26:17 GMT
date: Mon, 19 Sep 2022 10:26:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
beta.mybetterck.com/adServe/banners?tid=79283_127088_1&tagid=2
108.168.193.189200 OK 0 B URL HTTP/2 beta.mybetterck.com/adServe/banners?tid=79283_127088_1&tagid=2
IP 108.168.193.189:0
GET /adServe/banners?tid=79283_127088_1&tagid=2 HTTP/1.1
Host: beta.mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/VbkjyCKfoPk
142.250.74.142200 OK 0 B URL HTTP/2 www.youtube.com/embed/VbkjyCKfoPk
IP 142.250.74.142:0
GET /embed/VbkjyCKfoPk HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gloriawebsterblog.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 19 Sep 2022 10:26:18 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=cLJatL6J8_k; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=e98ORzFi1kk; Domain=.youtube.com; Expires=Sat, 18-Mar-2023 10:26:18 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+261; expires=Wed, 18-Sep-2024 10:26:18 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mybetterck.com/adServe/banners?tid=79283_127088_20
108.168.193.189200 OK 0 B URL HTTP/2 mybetterck.com/adServe/banners?tid=79283_127088_20
IP 108.168.193.189:0
GET /adServe/banners?tid=79283_127088_20 HTTP/1.1
Host: mybetterck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gloriawebsterblog.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:26:18 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
care-energy.de/laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/
172.67.156.175404 Not Found 0 B URL HTTP/1.1 care-energy.de/laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/
IP 172.67.156.175:0
GET /laden/store/thumbnail/4469502088360330/blomberg-knd-9861-x-kuehlschrank-a-/ HTTP/1.1
Host: care-energy.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Mon, 19 Sep 2022 10:26:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://care-energy.de/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BFWEQbcWIPTxTdHUw94JxTABZOOq4DaEYl74iGOqWLnAJGu6E2Vl4swDRiak2Y0cM78uO%2BuPAX%2FrrxQv8YPwDdzemxjT5VAHxItyor82lRTKmaCXPumGwqTy2ZATvxqeA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74d19f689ca71bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60