byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
216.239.34.21301 Moved Permanently 264 B URL HTTP/1.1 byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
IP 216.239.34.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 26224a8a6014b71ca6dcee4cba6e80ae
f707eb9c13113144f4244b46a94da0152a0298ae
6fcbd962f81679326de37e6d654473ea4a3b5a861bb7d52440337a98ebb8f17a
Analyzer Verdict Alert fortinet Malware
GET /2013/01/juara-maharaja-lawak-mega-2012.html HTTP/1.1
Host: byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: http://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Date: Sat, 14 Jan 2023 09:44:01 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 264
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2667
Expires: Sat, 14 Jan 2023 10:28:28 GMT
Date: Sat, 14 Jan 2023 09:44:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Sat, 14 Jan 2023 10:26:19 GMT
Date: Sat, 14 Jan 2023 09:44:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11349
Expires: Sat, 14 Jan 2023 12:53:10 GMT
Date: Sat, 14 Jan 2023 09:44:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 08:48:53 GMT
content-type: application/json
age: 3308
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pk997/nVAbsxzTlsZsu55ykwOqXWw3YI74MwwezXxuneqKxO5wOa531AVXKyMYnvFzZjfDt0c8A=
x-amz-request-id: NBF3CD4YC0Z8CZGQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 09:43:41 GMT
age: 20
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 09:44:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 09:17:25 GMT
age: 1597
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
142.250.74.19301 Moved Permanently 203 B URL HTTP/1.1 www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
IP 142.250.74.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 3f704d770792e28070aa8b81ae16ee71
3538aa1e6295a59b64a5863bf16829fb0813f08b
6a8f5cb548a34492f6b4754a38a5a8eb898552f082dfc9cb7a62f5cd6ee82fb7
Analyzer Verdict Alert fortinet Malware
GET /2013/01/juara-maharaja-lawak-mega-2012.html HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 14 Jan 2023 09:44:02 GMT
Expires: Sat, 14 Jan 2023 09:44:02 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 203
Server: GSE
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6574
Cache-Control: max-age=90738
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:02 GMT
Etag: "63c11f26-1d7"
Expires: Sun, 15 Jan 2023 10:56:20 GMT
Last-Modified: Fri, 13 Jan 2023 09:06:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/FnhXvglGIGs
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnhXvglGIGs
IP 142.250.74.131:0
Hash 2bf36f38eb5ea436ba05a644ed30d930
9296e70fa0246755737903b088fb495c54811480
74f81b2117e17ea58638bc2054d599b9ba0bf9ccf26d80846ef097d3b7f6be28
POST /s/gts1d4/FnhXvglGIGs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.163.1.35101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ocSZ8Ixl+kitkY3vo8e24w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O0Nd9yw9pWxx9kssU19n8zYSJQ0=
www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
142.250.74.19200 OK 38 kB URL HTTP/2 www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
IP 142.250.74.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1166)
Hash d92cd60e0361b56074eab311467e5d1c
db1a332f7c79e0e90f861c7f87b111d0f2acd47c
a21451d797628b8ccc596d3c40d25488d99d8d49596d504944a3d5dbcf76628a
Analyzer Verdict Alert fortinet Malware
GET /2013/01/juara-maharaja-lawak-mega-2012.html HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Sat, 14 Jan 2023 09:44:03 GMT
date: Sat, 14 Jan 2023 09:44:03 GMT
cache-control: private, max-age=0
last-modified: Sat, 14 Jan 2023 08:07:26 GMT
etag: W/"7d76ac474a712e99d7b518e4133998de969b3e95eeb9293c272d969c3b6212f3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 37806
server: GSE
X-Firefox-Spdy: h2
www.byfarahh.com/js/cookienotice.js
142.250.74.19200 OK 2.0 kB URL HTTP/2 www.byfarahh.com/js/cookienotice.js
IP 142.250.74.19:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sat, 21 Jan 2023 09:44:03 GMT
cache-control: public, max-age=604800
last-modified: Fri, 13 Jan 2023 12:51:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:44:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9310503
expires: Thu, 04 Jan 2024 09:44:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSZPfajtTPO9WP8Jr6O6DKeRAomrtj5mkE07LPMcFlJAw66VkgIWRfmvuYNfgLt7wDJOxRQ1TDN54ttkKb0coHvI2lKSJTIPngW4SRbqK1AFATUicHychcaXquepPabeNJGaEjNA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78956e4d1b320b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b23cfe41da645dfdc123983950c234ca
4df65541611724ca62e1aaf364b7ba1e32090aa4
f779873dbc8f5ce9ed3e446639a7681cf7e4365d3bd46224221179e4537f1103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.7.2/css/all.min.css
104.17.25.14200 OK 9.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.7.2/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash db3073b8a4840f07986467070abda4de
fe9151b62eaeb233f697b0184a604e7b86b94d57
39ad1d3a336056549d10681ccdd8e711c4d40c9f00e7d4816ab08003b2dc3761
GET /ajax/libs/font-awesome/5.7.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:44:03 GMT
content-type: text/css; charset=utf-8
content-length: 9592
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-d4b8"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5410582
expires: Thu, 04 Jan 2024 09:44:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQaMpH2h41w9nNZyCQQlZ6lre4o4DGfU6DRjAt171vcj5UZX0kCNU1fY2Uq%2Fua0PevpZrDg%2FrDQhsq1QUyJ%2BVIMNcxYzebF99A2H7r59ybHBeABgQWz0t%2BRio4k5g4X2wEotiwOx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78956e4d1b2f0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.2.4/owl.carousel.min.js
104.17.25.14200 OK 9.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.0.0-beta.2.4/owl.carousel.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32130)
Hash 95325af25d159ae7aab1c9f3d494982b
87517fdf5df473de27379c9e9cba328169b98e11
f4c6f88eb66cfd7428954767a5196c12331656ac552986ae43691a5d074ed67e
GET /ajax/libs/OwlCarousel2/2.0.0-beta.2.4/owl.carousel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 09:44:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 9746
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-a8e8"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 12401058
expires: Thu, 04 Jan 2024 09:44:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2Q2NALCJxMaACEvI3O0%2FoDpZEF%2Fv%2B2XS%2BDTjOw%2BVBaOHzJTDtUtBmnM%2BM3nt2K2b9ce%2F6c3WsgLT1CoqlkOEFhvmAlmOQYpM8mnNPIwYmOnA5bRHL925x3TNr6vGRi8kQ%2BCknME"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78956e4d1b370b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b23cfe41da645dfdc123983950c234ca
4df65541611724ca62e1aaf364b7ba1e32090aa4
f779873dbc8f5ce9ed3e446639a7681cf7e4365d3bd46224221179e4537f1103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-tdSYSSDUqik/YXN_v62DSkI/AAAAAAAAcP8/vS-GCoCV7a8p7zPzjhBsmX45OZTAw8gwQCLcBGAsYHQ/s60/instagram%2Blogo.png
142.250.74.161200 OK 1.6 kB URL HTTP/2 1.bp.blogspot.com/-tdSYSSDUqik/YXN_v62DSkI/AAAAAAAAcP8/vS-GCoCV7a8p7zPzjhBsmX45OZTAw8gwQCLcBGAsYHQ/s60/instagram%2Blogo.png
IP 142.250.74.161:0
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 79d5f399d55eca1becb40e0edf88479c
cba646db72ae706a0c21089d8385711be54d59d8
8cfb2a3d352e982ecdd1706e2af5d64fd6af4ff16e08c459956214c65e9b9c64
GET /-tdSYSSDUqik/YXN_v62DSkI/AAAAAAAAcP8/vS-GCoCV7a8p7zPzjhBsmX45OZTAw8gwQCLcBGAsYHQ/s60/instagram%2Blogo.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="instagram logo.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1611
x-xss-protection: 0
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sun, 15 Jan 2023 00:47:15 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7101"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6306915ffb64c0f3f258ae8eb513268
7ae9e34fc2144dbcf338d4d4a1ea9e7b343a5aba
0801e6502016f15ed26a3eccd5aac3bbe114c7cd14c9530d4524d3dcc9742a77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b23cfe41da645dfdc123983950c234ca
4df65541611724ca62e1aaf364b7ba1e32090aa4
f779873dbc8f5ce9ed3e446639a7681cf7e4365d3bd46224221179e4537f1103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-OfnBVWaJBkA/YXN_VAaGg0I/AAAAAAAAcPk/4lCZqVIFYkAjDSmNAdPXLTR1tHemdYMpACLcBGAsYHQ/s60/facebook.png
142.250.74.161200 OK 1.4 kB URL HTTP/2 1.bp.blogspot.com/-OfnBVWaJBkA/YXN_VAaGg0I/AAAAAAAAcPk/4lCZqVIFYkAjDSmNAdPXLTR1tHemdYMpACLcBGAsYHQ/s60/facebook.png
IP 142.250.74.161:0
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash beb3c23c9b1ae8d9a521e72d2af0538f
7944b75e2b95943c98773c74f8ad1c512cde1bab
ac310d0bd42ddc949a2b88ca6421f2fc6bdd8b7f90f720e209dc51b58cb0c137
GET /-OfnBVWaJBkA/YXN_VAaGg0I/AAAAAAAAcPk/4lCZqVIFYkAjDSmNAdPXLTR1tHemdYMpACLcBGAsYHQ/s60/facebook.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="facebook.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1366
x-xss-protection: 0
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sun, 15 Jan 2023 00:47:15 GMT
cache-control: public, max-age=86400, no-transform
etag: "v70fd"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-vcUqmQI2lR4/YXOAUH-dv-I/AAAAAAAAcQU/OiG1uO1Cru0HvUvGkk4ZF1YscR3qhAWJgCLcBGAsYHQ/s60/twitter%2Blogo.png
142.250.74.161200 OK 1.5 kB URL HTTP/2 1.bp.blogspot.com/-vcUqmQI2lR4/YXOAUH-dv-I/AAAAAAAAcQU/OiG1uO1Cru0HvUvGkk4ZF1YscR3qhAWJgCLcBGAsYHQ/s60/twitter%2Blogo.png
IP 142.250.74.161:0
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 44d846e479c239478ac1bfc777ffe4c5
99a6842403bd3c2a10c604e3a0c7b24680f28fe9
c2db34d3c9e62bf058a1ed09a205d7031d9dbcb1c76f2614b602e1a6a762adee
GET /-vcUqmQI2lR4/YXOAUH-dv-I/AAAAAAAAcQU/OiG1uO1Cru0HvUvGkk4ZF1YscR3qhAWJgCLcBGAsYHQ/s60/twitter%2Blogo.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="twitter logo.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1461
x-xss-protection: 0
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sun, 15 Jan 2023 00:47:15 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7108"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9ed1720f5007a1b7f6e22d06d928eac0
3e531482edccb59b1913cac947e95dbf2b75c562
6cc500d2156f25b71f93b3ecca3e4f1e70c5c63d68eb535220dcec15596f1011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-fIrxyf7ZWWs/YXN_VPQ7T-I/AAAAAAAAcPg/uHY1e6zupRMcmEDWFkY8-Zpyya9WFDOygCLcBGAsYHQ/s60/blogger.png
142.250.74.161200 OK 1.4 kB URL HTTP/2 1.bp.blogspot.com/-fIrxyf7ZWWs/YXN_VPQ7T-I/AAAAAAAAcPg/uHY1e6zupRMcmEDWFkY8-Zpyya9WFDOygCLcBGAsYHQ/s60/blogger.png
IP 142.250.74.161:0
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 4d0d7ca743f2e5ca7ee27fab801748ca
f76eee82af198bc845c9dd21a4f2a68fa59f108c
81e1aef28ccce00a116bba6fd84cb602de4ca25eb98c3aa5a70c6f8228479987
GET /-fIrxyf7ZWWs/YXN_VPQ7T-I/AAAAAAAAcPg/uHY1e6zupRMcmEDWFkY8-Zpyya9WFDOygCLcBGAsYHQ/s60/blogger.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="blogger.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1370
x-xss-protection: 0
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sun, 15 Jan 2023 00:47:15 GMT
cache-control: public, max-age=86400, no-transform
etag: "v70fc"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 17 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f18def4ccec463cf908f91e7cba7f2c1
02d95f67edd84a44c82255ca7abcdbf7f4d0cee5
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 17447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 17:41:16 GMT
expires: Fri, 12 Jan 2024 17:41:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 14:54:09 GMT
content-type: text/javascript
age: 144167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2364148299-widgets.js
216.58.207.233200 OK 58 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2364148299-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash aa3204f753ce29caca5fae8a9ed6c1ba
80df973191a590e44e09645faa5876e778359636
949f134de8cb10f358cf6b0c04f4879bba57ba2426c2364d91eca2432269b2aa
GET /static/v1/widgets/2364148299-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57511
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 05:21:33 GMT
expires: Fri, 12 Jan 2024 05:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 19:54:40 GMT
content-type: text/javascript
age: 188550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-30493307-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-30493307-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e3289f65d3148876ba94c0bea0ddf608
84ffbfc8ef2c2d66967302dd84b378f992b2a628
6be7e9af8990b35335e8a67130aa054e392c992a552f08dacd10f3dd58d8a5e4
GET /gtag/js?id=UA-30493307-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sat, 14 Jan 2023 09:44:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b23cfe41da645dfdc123983950c234ca
4df65541611724ca62e1aaf364b7ba1e32090aa4
f779873dbc8f5ce9ed3e446639a7681cf7e4365d3bd46224221179e4537f1103
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6306915ffb64c0f3f258ae8eb513268
7ae9e34fc2144dbcf338d4d4a1ea9e7b343a5aba
0801e6502016f15ed26a3eccd5aac3bbe114c7cd14c9530d4524d3dcc9742a77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playfairdisplay/v14/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5g.woff2
216.58.207.227200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v14/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5g.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26828, version 1.0\012- data
Hash df1d9fe12078f6d528730d21f8a653f8
6c7271fef87ad5cf9d8b33164ff5abf62f424cee
f7ba0cb6b9eaf1d9082e64213b35c76be267611d788d537d15372e5731733968
GET /s/playfairdisplay/v14/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5g.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 18:09:53 GMT
expires: Sun, 07 Jan 2024 18:09:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:30:49 GMT
content-type: font/woff2
age: 574450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v4/QGYpz_wNahGAdqQ43Rh3j4P8mNhN.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v4/QGYpz_wNahGAdqQ43Rh3j4P8mNhN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24416, version 1.0\012- data
Hash de83f55b9291ee1bd05c8ebfb451e088
6cf8149b31a4b1e97ca7134a87c56d23531a8650
5fa4c180ac3f29bd3eb23a142aaf20ca6202f9dff37308be5c57231fb80a3417
GET /s/worksans/v4/QGYpz_wNahGAdqQ43Rh3j4P8mNhN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 23:22:00 GMT
expires: Sun, 07 Jan 2024 23:22:00 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:24:14 GMT
content-type: font/woff2
age: 555723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v4/QGYpz_wNahGAdqQ43Rh3x4X8mNhN.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v4/QGYpz_wNahGAdqQ43Rh3x4X8mNhN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24452, version 1.0\012- data
Hash 539ed1a07cb8b137b6825efd1789c2f3
6a46045cbc0a5af52f68d8a65a40df4f5cc6ed6e
681a963b7e247c1376a6af7a6e439256600ac932521623f600faa57a59b4fcb7
GET /s/worksans/v4/QGYpz_wNahGAdqQ43Rh3x4X8mNhN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24452
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 13:04:30 GMT
expires: Fri, 12 Jan 2024 13:04:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:22:13 GMT
content-type: font/woff2
age: 160773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v13/0QIhMX1D_JOuMw_LIftL.woff2
216.58.207.227200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/lora/v13/0QIhMX1D_JOuMw_LIftL.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26096, version 1.0\012- data
Hash 2c4801fad2634e6dac678d8826cf417c
3e5677530c04184c1948a9bdebb3aac036a2c02f
46829f84ae79ebb1e2806849ad8959e8d8b7351407223b22a798f59ca92d47b6
GET /s/lora/v13/0QIhMX1D_JOuMw_LIftL.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 18:09:53 GMT
expires: Sun, 07 Jan 2024 18:09:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:22:54 GMT
content-type: font/woff2
age: 574450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v13/0QIvMX1D_JOuMwr7Iw.woff2
216.58.207.227200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/lora/v13/0QIvMX1D_JOuMwr7Iw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 24552, version 1.0\012- data
Hash e4cdb14bf148f2846997a6be7ba648bd
f14a4351257b84e7469a2c9fcc31d5ce6cc05321
b8d471fd55fbf29d033dd130913a60f9137ec4a36c02d251a879d0630e0ba84c
GET /s/lora/v13/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 18:09:53 GMT
expires: Sun, 07 Jan 2024 18:09:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:22:47 GMT
content-type: font/woff2
age: 574450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/worksans/v4/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v4/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22488, version 1.0\012- data
Hash 238c66f0f32567f8b025fa462b139235
a27f5e36161c6194a6f8a135e9e0056028bf3128
29a23ea4b518625595ed555e8edc2e32119a305df5bfecacc1ac38df8a384f9e
GET /s/worksans/v4/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 05:41:03 GMT
expires: Mon, 08 Jan 2024 05:41:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:22:43 GMT
content-type: font/woff2
age: 532980
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v14/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
216.58.207.227200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v14/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 25324, version 1.0\012- data
Hash 496b0ee7c32c16da8c6289fa8aae5268
35c93a007abc49c3c52d9af3d194f59a5f5aea8a
3146bf8dc6b5128aaeee523a4bfa19a61ca86f564a1f0ef2225ed7067a192f5f
GET /s/playfairdisplay/v14/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jan 2023 18:09:04 GMT
expires: Wed, 10 Jan 2024 18:09:04 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Feb 2019 22:30:57 GMT
content-type: font/woff2
age: 315299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-_jaRzMyoYhY/UPlREysqg6I/AAAAAAAAK2A/wI3ueWWrrVg/s1600/juara+maharajalawak+mega+2012+2013+final+-+whoa.my.jpg
142.250.74.161200 OK 88 kB URL HTTP/2 3.bp.blogspot.com/-_jaRzMyoYhY/UPlREysqg6I/AAAAAAAAK2A/wI3ueWWrrVg/s1600/juara+maharajalawak+mega+2012+2013+final+-+whoa.my.jpg
IP 142.250.74.161:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 500x643, components 3\012- data
Hash 438b75d59bd63676c3fad3dade190209
72f01c11b9875d9955fee89598120ad0693fd5e7
3cd450753e211ec52846f97f3cc79bf4ace42e696d2afb0883a1d0e14eab90bc
GET /-_jaRzMyoYhY/UPlREysqg6I/AAAAAAAAK2A/wI3ueWWrrVg/s1600/juara+maharajalawak+mega+2012+2013+final+-+whoa.my.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2b60"
expires: Sun, 15 Jan 2023 09:44:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="juara maharajalawak mega 2012 2013 final - whoa.my.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:03 GMT
server: fife
content-length: 88201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
freehostedscripts.net/ocounter.php?site=5682186&e1=Online%20User&e2=Online%20Users&r=&wh=1280%20x%201024&a=1&pn=https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
188.114.97.1200 OK 141 B URL HTTP/1.1 freehostedscripts.net/ocounter.php?site=5682186&e1=Online%20User&e2=Online%20Users&r=&wh=1280%20x%201024&a=1&pn=https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
IP 188.114.97.1:0
File type HTML document, ASCII text, with no line terminators
Hash 546e52efaf5f7b99d11faadad6ae9159
d9ef40ac2c03664397f2dfa746ce58f642cae5f2
9742cd763b360c6f24a6f6451c440d66c74c1bf450456b01caeb955d339cbf94
GET /ocounter.php?site=5682186&e1=Online%20User&e2=Online%20Users&r=&wh=1280%20x%201024&a=1&pn=https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html HTTP/1.1
Host: freehostedscripts.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 09:44:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.10-1ubuntu3.26
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Sat, 14 Jan 2023 09:44:03 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfDppRye6ZgCZv5mEOxVa1IYmmmvxcaeNGjUjgg11qqQtDVcBwS6OaHJ3bE6B8xKeLpjvDB8oUQztngy8JwaIoipbo4ES8t7lCam8G2eomc9GYZiVQf8vCm3QctTvAhMP%2Bj%2B3orLPjs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78956e4ee8d80b39-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.byfarahh.com/feeds/posts/default?alt=json&max-results=4
142.250.74.19200 OK 10 kB URL HTTP/2 www.byfarahh.com/feeds/posts/default?alt=json&max-results=4
IP 142.250.74.19:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (41771), with no line terminators
Hash 0da4c181e6192591f2b64c124b7b7212
9c2c420ee9094607f5aef758267c2215a8948ad2
4ef0f8eba600aabf02d4e0bc8739ac120a72245643e61b32a0b7aa3221524ace
GET /feeds/posts/default?alt=json&max-results=4 HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"82d13bd9eb19f45ff8e3dcdd4cc193c6f3ccb037e73719bb176d8a1994147fc5"
date: Sat, 14 Jan 2023 09:44:03 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Sat, 14 Jan 2023 09:44:04 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 08:07:26 GMT
content-encoding: gzip
content-length: 10073
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Sat, 14 Jan 2023 14:00:35 GMT
Date: Sat, 14 Jan 2023 09:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Sat, 14 Jan 2023 14:00:35 GMT
Date: Sat, 14 Jan 2023 09:44:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Sat, 14 Jan 2023 14:00:35 GMT
Date: Sat, 14 Jan 2023 09:44:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1378f107c1996ade14a8fe7fd728072
f52d98d9a0d1d343a539689ea14acf99e148cf8c
4be994757ec7ec42929590169de199e927889261334e258903a0929a1055047d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b55aad-884c-40db-a779-021d0c2305b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9154
x-amzn-requestid: fbb1140d-7ec2-4f86-8761-5d04601af70e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAkCEN2IAMFuMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ae6-4baebf1104f9cf2a0ee8a538;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:13:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jlRcVyQppaQaPPMKaqadtaEHfdOYXXXbnfrr44l_2E2qaOoh_O0Mog==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:21:52 GMT
age: 19332
etag: "f52d98d9a0d1d343a539689ea14acf99e148cf8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64ba27a2f0a3bc61bd325f1fb317b755
c65c58476b66cbb6269ba1d8412d270a0a003ae3
5f7f03752f8a7c8c08d92512ae93b193ea37f59354503c3129d33fd2910f87e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78b0d4bc-9eea-491e-9fed-be68e71088e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9135
x-amzn-requestid: 2c5e9de0-9244-43ac-b7c4-712cbcf7038c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAnoG6roAMFzgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7afd-7fb640b30bab63bc1979a173;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:14:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RnAGo4OuBl5UjyOlUOJqu2nlFLHTOe0ETxokWtbI4frbpkNVnIBSew==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 01:41:40 GMT
age: 28944
etag: "c65c58476b66cbb6269ba1d8412d270a0a003ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4f04f55a9d261ddda8128b0bb721446
5e8df480a1650606937ee493660177bf09c49c14
3a357fbbd9f41d384a06e151a0daff50b345520d4816e70cc1b2c694949ce79f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eac26ee-70ec-4eca-8e10-c7a79b5575b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4936
x-amzn-requestid: f1808de3-5712-4a65-8394-c1624668cdb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0pZFbIIAMFnvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3b-48c4b0cd36319a2634c0c5f0;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rudCuuUXfxE8aRq8-FFIwHE4tqeSWxYrd8uilWI-8DZSY9A-8EiLQQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:06 GMT
age: 42898
etag: "5e8df480a1650606937ee493660177bf09c49c14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 14:03:21 GMT
age: 70843
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 43639
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e40d5007919bd7f226664e3b1fa1339
73293ca2143a4ca1cbd17317fbab0aeac401df1b
5396d28bba05d0775a803107ce2aef6a28cbd29bcc211dcc5e1d10326aa9dcb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe27fa975-dca1-4275-9da9-4f794ba4053a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11798
x-amzn-requestid: 69dd4065-86d7-41cc-916c-c4a98167123c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eg8H3HSeoAMFt3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bd0d65-5c1f9f743324cabe37606cd3;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 07:01:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d2D5R-T-3hwS4VhmFV7olq3wBJGZUVOVr6W4ohxdEDmXyK_HalMeUA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 07:49:51 GMT
age: 6853
etag: "73293ca2143a4ca1cbd17317fbab0aeac401df1b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f11017b16b760a6d7f46e34be189071
3ad1eccc391cbf1ae1bbafbb7849d0b2e2f10d6d
61a1baa07b39df1d28ca49045667ef6c5c3c17fb539d34d70b4e03337e92fdbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f11017b16b760a6d7f46e34be189071
3ad1eccc391cbf1ae1bbafbb7849d0b2e2f10d6d
61a1baa07b39df1d28ca49045667ef6c5c3c17fb539d34d70b4e03337e92fdbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2RUj1voWnpZB_foBw-_qtJtrxwjhCiNa6Ps9nbngzaK2i3KL_bkfapZutbCafQvclLLKIpAC5yg5Sw06OlBQdEk83EEL_BJFjJNTrboMrqvuLkocztiEsrW25esze_ntAkoKWwntO3jKvV08rtczFFDpfCwK6oi2S0=s0-d
216.58.207.225404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2RUj1voWnpZB_foBw-_qtJtrxwjhCiNa6Ps9nbngzaK2i3KL_bkfapZutbCafQvclLLKIpAC5yg5Sw06OlBQdEk83EEL_BJFjJNTrboMrqvuLkocztiEsrW25esze_ntAkoKWwntO3jKvV08rtczFFDpfCwK6oi2S0=s0-d
IP 216.58.207.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash e66a9ed7b2e9d4eedfd7147e40dc6779
2fa57e3ea3bcc93e59998718c7a82619e911dd86
d12e87b61129e433ba1ca9afc6bfab96e1e2e1a00679d290d4d4f1f53a2a0220
GET /blogger_img_proxy/ANbyha2RUj1voWnpZB_foBw-_qtJtrxwjhCiNa6Ps9nbngzaK2i3KL_bkfapZutbCafQvclLLKIpAC5yg5Sw06OlBQdEk83EEL_BJFjJNTrboMrqvuLkocztiEsrW25esze_ntAkoKWwntO3jKvV08rtczFFDpfCwK6oi2S0=s0-d HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:04 GMT
server: fife
content-length: 1752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.byfarahh.com/favicon.ico
142.250.74.19200 OK 926 B URL HTTP/2 www.byfarahh.com/favicon.ico
IP 142.250.74.19:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash c73c631b001041abb558a8a722e4462d
58733d8518a89e8870bcd3d6bec5d078b34d558d
7cb578e368d7c746f4fc4e58d46c1cfe1f0374640eb3f6b8a729199176c7fac7
GET /favicon.ico HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sat, 14 Jan 2023 09:44:04 GMT
date: Sat, 14 Jan 2023 09:44:04 GMT
cache-control: private, max-age=86400
last-modified: Sat, 14 Jan 2023 08:07:26 GMT
etag: W/"7d76ac474a712e99d7b518e4133998de969b3e95eeb9293c272d969c3b6212f3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 926
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1f11017b16b760a6d7f46e34be189071
3ad1eccc391cbf1ae1bbafbb7849d0b2e2f10d6d
61a1baa07b39df1d28ca49045667ef6c5c3c17fb539d34d70b4e03337e92fdbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.byfarahh.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmDLPSLkyREAsxP9DFY5UPO8yty7hVNt95BHdGcZuAqLhZ_6a-DalIIV8vrMChTKV0OFpvHGturnk4RciC3_Ltr_jTfRBA
142.250.74.19200 OK 263 B URL HTTP/2 www.byfarahh.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmDLPSLkyREAsxP9DFY5UPO8yty7hVNt95BHdGcZuAqLhZ_6a-DalIIV8vrMChTKV0OFpvHGturnk4RciC3_Ltr_jTfRBA
IP 142.250.74.19:0
File type JSON data\012- , ASCII text, with very long lines (410), with no line terminators
Hash 966c902865fdb9d0579729a863d16855
adfc88b5f26fdd378d991241364af6f3fc36631f
b44c6e4e62e7615b4cb9f50b1d9b4eb3773afb01602614586ca67203e0235f1d
GET /b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmDLPSLkyREAsxP9DFY5UPO8yty7hVNt95BHdGcZuAqLhZ_6a-DalIIV8vrMChTKV0OFpvHGturnk4RciC3_Ltr_jTfRBA HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:04 GMT
expires: Sat, 14 Jan 2023 09:44:04 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 263
server: GSE
X-Firefox-Spdy: h2
www.byfarahh.com/feeds/comments/default?alt=json&max-results=5
142.250.74.19200 OK 2.2 kB URL HTTP/2 www.byfarahh.com/feeds/comments/default?alt=json&max-results=5
IP 142.250.74.19:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10694), with no line terminators
Hash bbd9af141dbbae5b2d9f84102473a93d
b6767ac8e5d80955d29b8f55de51650f3ca79cc9
acce165fb5643b2bd41013f4cf464d8115cfe7529c1f9fa51d3ff34f044296c4
GET /feeds/comments/default?alt=json&max-results=5 HTTP/1.1
Host: www.byfarahh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.byfarahh.com/2013/01/juara-maharaja-lawak-mega-2012.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"784da3f659f9a85df795505a137015234fbf86fa6b2fa6d855940bbf0676d339"
date: Sat, 14 Jan 2023 09:44:04 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Sat, 14 Jan 2023 09:44:05 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sat, 14 Jan 2023 08:07:26 GMT
content-encoding: gzip
content-length: 2231
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEgd5QIBQEdukyxFw463GYPFafwE7cuIlbXknGsjFusgAxxXyUeufVCOOJjf7aTslXMTO-asoA-0FZdtS2XUvTFpg5VoXUcJ4T01JnrxsDvx_H8aAnt73FWxwBcAz2L7dXXoFU1fqDwnCOotmNUSIL-uGT3TVp5DJKl-ILOn6pytAoL73MXNEJAzjE4MjQ=s969
216.58.207.225200 OK 35 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgd5QIBQEdukyxFw463GYPFafwE7cuIlbXknGsjFusgAxxXyUeufVCOOJjf7aTslXMTO-asoA-0FZdtS2XUvTFpg5VoXUcJ4T01JnrxsDvx_H8aAnt73FWxwBcAz2L7dXXoFU1fqDwnCOotmNUSIL-uGT3TVp5DJKl-ILOn6pytAoL73MXNEJAzjE4MjQ=s969
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 969x249, components 3\012- data
Hash 230220f958e994940bba8c2cdcebd702
45b6e43a05df8e54da2eef88e42d7158b8e00af3
abc7188f02fff6ef53daf095753c61da3e61580a6b94b1d88d9c088bb5b60249
GET /img/a/AVvXsEgd5QIBQEdukyxFw463GYPFafwE7cuIlbXknGsjFusgAxxXyUeufVCOOJjf7aTslXMTO-asoA-0FZdtS2XUvTFpg5VoXUcJ4T01JnrxsDvx_H8aAnt73FWxwBcAz2L7dXXoFU1fqDwnCOotmNUSIL-uGT3TVp5DJKl-ILOn6pytAoL73MXNEJAzjE4MjQ=s969 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7bbf"
expires: Sun, 15 Jan 2023 09:44:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Header Huda.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:04 GMT
server: fife
content-length: 35196
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEiUiwSnujiiPdLh9kO3zoV35N5qdeFZDc2cBTYF8FG4H03IJtupLmdOZEA32vvbe01vudHf_HJdn5vFqQSjBtGk1KjkRvfpD8lyV8ByDHaU-uukF7YIGTvRG5LBRMUg1vPoY_lKLYh2-_yO0p6Rhow3uAjApCZ_HCB0jt9KIiaxLqWpwExio-Nztt2mFg=s300
216.58.207.225200 OK 7.1 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEiUiwSnujiiPdLh9kO3zoV35N5qdeFZDc2cBTYF8FG4H03IJtupLmdOZEA32vvbe01vudHf_HJdn5vFqQSjBtGk1KjkRvfpD8lyV8ByDHaU-uukF7YIGTvRG5LBRMUg1vPoY_lKLYh2-_yO0p6Rhow3uAjApCZ_HCB0jt9KIiaxLqWpwExio-Nztt2mFg=s300
IP 216.58.207.225:0
File type PNG image data, 300 x 160, 8-bit colormap, non-interlaced\012- data
Hash 99897f0c9bc06c88fbc108fe268c7ea2
5e1a7fb1739e514c64a3793f4e8e444e0206b03a
e29c2fe037929ee61c133526637512ab156c884a1ec27c119edba8d5de1b81dc
GET /img/a/AVvXsEiUiwSnujiiPdLh9kO3zoV35N5qdeFZDc2cBTYF8FG4H03IJtupLmdOZEA32vvbe01vudHf_HJdn5vFqQSjBtGk1KjkRvfpD8lyV8ByDHaU-uukF7YIGTvRG5LBRMUg1vPoY_lKLYh2-_yO0p6Rhow3uAjApCZ_HCB0jt9KIiaxLqWpwExio-Nztt2mFg=s300 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7bc1"
expires: Sun, 15 Jan 2023 09:44:04 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="jdt blogger logo.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:04 GMT
server: fife
content-length: 7116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
142.250.74.34200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230111/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 13 Jan 2023 22:41:44 GMT
expires: Fri, 27 Jan 2023 22:41:44 GMT
cache-control: public, max-age=1209600
age: 39740
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 12238ac88c3ac2456b559dadf3740bfd
2cb4c5acc658c935c968cf7a0cdd03be720fa428
43a2d518757191a74093b15f16d34e4990079a99612ae1ae690473248c88e951
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D4278199753568050899%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1202921384888719626%26origin%3Dhttps://www.byfarahh.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D4278199753568050899%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1202921384888719626%26origin%3Dhttps://www.byfarahh.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 490 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D4278199753568050899%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1202921384888719626%26origin%3Dhttps://www.byfarahh.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D4278199753568050899%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1202921384888719626%26origin%3Dhttps://www.byfarahh.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (527)
Hash 8a2e0eec78c0007e27cb45326b27971e
cfbd9a805dd32fe231d7315af97641b6d52b879f
808879eb4c31f2550840dad92b91d330386cac9baf99620408ad6b5e73ce5069
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D4278199753568050899%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1202921384888719626%26origin%3Dhttps://www.byfarahh.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D4278199753568050899%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1202921384888719626%26origin%3Dhttps://www.byfarahh.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.ydLROSGdlBE.O/d%253D1/rs%253DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byfarahh.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 09:44:04 GMT
location: https://www.blogger.com/followers.g?blogID=4278199753568050899&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2NTY1NjUiByM5OTg2NzUqByNmNWY1ZjUyByMwMDAwMDA6ByM2NTY1NjVCByM5OTg2NzVKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=1202921384888719626&origin=https%3A%2F%2Fwww.byfarahh.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.ydLROSGdlBE.O%2Fd%3D1%2Frs%3DAHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-H6X_2_PuH6LdRK0cGStoEQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 490
server: GSE
set-cookie: __Host-GAPS=1:eC8uo7HCTSmT22FnjDNmTyQQDpPjEw:hESKHCwjpe9axnpu;Path=/;Expires=Mon, 13-Jan-2025 09:44:04 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.byfarahh.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.byfarahh.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.byfarahh.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.byfarahh.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.byfarahh.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.byfarahh.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:05 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash aa60c680c7a1735cdaea7e7b08e7fa92
fdf5e35c5ccb7f1c8bc43bcbe9fa5d3a9284c613
d0f0833a46c376208ad78cafb1077c56f0c5465386b676fc075b77b13e9aa31f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69c011429c0b1f8a0c091474b207c240
fe2c5e1854a65d8a2b669fc54aa0c827f07e428b
409f967eeebf5472cb0d2a917b9285e52b21950f672c6c37a19285d3375edc7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 14 Jan 2023 09:44:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+536; expires=Mon, 13-Jan-2025 09:44:05 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 09:44:05 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.byfarahh.com&callback=_gfp_s_&client=ca-pub-9888280728063597&gpid_exp=1
216.58.207.194200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.byfarahh.com&callback=_gfp_s_&client=ca-pub-9888280728063597&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 873da7ad7c3c4527e45338363dcca42f
87af88b1fc39f8df74c2313f3725300235b128b5
524e65d70a08c1566014e5b4eec33136076132edc951c106dcbedbc4166d2052
GET /gampad/cookie.js?domain=www.byfarahh.com&callback=_gfp_s_&client=ca-pub-9888280728063597&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:05 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 09:32:36 GMT
expires: Sat, 14 Jan 2023 09:47:36 GMT
cache-control: public, max-age=900
age: 689
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash aa60c680c7a1735cdaea7e7b08e7fa92
fdf5e35c5ccb7f1c8bc43bcbe9fa5d3a9284c613
d0f0833a46c376208ad78cafb1077c56f0c5465386b676fc075b77b13e9aa31f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.207.228200 OK 666 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.207.228:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 9772c1ac276b7f095e3e59e207246f45
bf933496e2cf24787d7d3e77577a8d1e8150af20
ffc05ed6140c66c30658a4b567c6de06c7de5b77f1dc9205af62299d67575152
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 14 Jan 2023 09:44:05 GMT
date: Sat, 14 Jan 2023 09:44:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 666
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 14 Jan 2023 09:44:06 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c166d66e4ee725ca5cd31a25c463ecf6
41f3d5365f522629081d35dd3bc35d1226605977
766fad59feed5db07d4ac634a9c24223b037dad0704173f7f110b530974b707b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:06 GMT
server: ESF
cache-control: private
content-length: 31001
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM446OvGcgGijg-1x_BZbjYmzvUsX5haG0GjLWvD8FC1N4KyKeONINuvjctgIWNpY6WJ2PVC8o2n41Sg9WxH2d7UMDWNKevlKuop94ZIMsP064bbSIiO5-9hEwQjjG1gyoJ80lSkw_tlgNu78TBJBh_AgAaN-lqt3RNdza_BRUXoS19jqYlMNIIWG2Vw/s320/farahuda.jpg
216.58.207.225200 OK 25 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM446OvGcgGijg-1x_BZbjYmzvUsX5haG0GjLWvD8FC1N4KyKeONINuvjctgIWNpY6WJ2PVC8o2n41Sg9WxH2d7UMDWNKevlKuop94ZIMsP064bbSIiO5-9hEwQjjG1gyoJ80lSkw_tlgNu78TBJBh_AgAaN-lqt3RNdza_BRUXoS19jqYlMNIIWG2Vw/s320/farahuda.jpg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x213, components 3\012- data
Hash 53353add44e832eca66617045dcd8cb4
eb2e3ca4bc603b94b524c01a6c20d642ecff60ab
562f953de448df4acfb8a76445295f6875a21017c4ab96a5b019bab3c284a3b1
GET /img/b/R29vZ2xl/AVvXsEiM446OvGcgGijg-1x_BZbjYmzvUsX5haG0GjLWvD8FC1N4KyKeONINuvjctgIWNpY6WJ2PVC8o2n41Sg9WxH2d7UMDWNKevlKuop94ZIMsP064bbSIiO5-9hEwQjjG1gyoJ80lSkw_tlgNu78TBJBh_AgAaN-lqt3RNdza_BRUXoS19jqYlMNIIWG2Vw/s320/farahuda.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v73f5"
expires: Sun, 15 Jan 2023 09:44:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="farahuda.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:06 GMT
server: fife
content-length: 24986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
216.58.211.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (534)
Size 163 kB (162972 bytes)
Hash 76ec8636078661afbc2c6fdd811b0b76
035c5fe2d57e0363a7abaedc294ef890a6e2a081
194068b0223ebb32c7e7026851a4c1eb6b70c988b269c7fa10f4dd3362bd650a
GET /recaptcha/releases/u35fw2Dx4G0WsO6SztVYg4cV/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 02:20:28 GMT
expires: Thu, 11 Jan 2024 02:20:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 Jan 2023 00:08:35 GMT
content-type: text/javascript
age: 285818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8be6f99d9bad1a9f5853def98c9d4a90
14d7ce1c44472e12531835c32711f3c1ba1d94c1
8c7bd63826a728ba0ace85ac86b726e2c95d59553561a573cf6cc012d13c0b3d
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:06 GMT
server: ESF
cache-control: private
content-length: 30988
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash efd305ee9078a4effc1057940702161d
cd6e9e2361bab4732fa5626cadcd22c546d1e382
926b5e223f7daa7abc48f41751ae936c54562465f72b8d4145b9ba2a723a4d2b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 14 Jan 2023 09:44:06 GMT
server: ESF
cache-control: private
content-length: 30839
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOQVbXCf2Uwy1o1qHLAkXmrnmHpYYAChnZYvabQnHF-_FIQ_7LRKM2XL9Y81KGtSqtIz0uvs12paJQtMN4_xyq1PeglX4p_1wM10OWaXIAx0QhKtrKnWpZLaja3QolCs8mNtOajFso6XLPMy5BoHdCXSFKa2l1D2O--dsaVo3ahZAlW9PriUcxQyoX1g/s640/0E2CA0F5-7C63-48B8-9A41-0FB84DA8847F.jpeg
216.58.207.225200 OK 104 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOQVbXCf2Uwy1o1qHLAkXmrnmHpYYAChnZYvabQnHF-_FIQ_7LRKM2XL9Y81KGtSqtIz0uvs12paJQtMN4_xyq1PeglX4p_1wM10OWaXIAx0QhKtrKnWpZLaja3QolCs8mNtOajFso6XLPMy5BoHdCXSFKa2l1D2O--dsaVo3ahZAlW9PriUcxQyoX1g/s640/0E2CA0F5-7C63-48B8-9A41-0FB84DA8847F.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Size 104 kB (104308 bytes)
Hash 9d45dd947d5199c67453ad75d4f8d0cd
92c6fd6b43890e364e4712a32de945566b18fe71
dd0e48aaf57c6ec76f257912b430bcd2ff5a2af2113bece4d6f1d69d7d310e42
GET /img/b/R29vZ2xl/AVvXsEjOQVbXCf2Uwy1o1qHLAkXmrnmHpYYAChnZYvabQnHF-_FIQ_7LRKM2XL9Y81KGtSqtIz0uvs12paJQtMN4_xyq1PeglX4p_1wM10OWaXIAx0QhKtrKnWpZLaja3QolCs8mNtOajFso6XLPMy5BoHdCXSFKa2l1D2O--dsaVo3ahZAlW9PriUcxQyoX1g/s640/0E2CA0F5-7C63-48B8-9A41-0FB84DA8847F.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c4e"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0E2CA0F5-7C63-48B8-9A41-0FB84DA8847F.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 104308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzaJ5Mxe-mGshyxLVb_2pPOpotaJQ9SwEokQ8p0QeQ5Tu32Y6ZB_KLkmMjjTrHDraR9jaTh4HYd18cgwjLenU8vf1VkMTipHG7sLZvFohrso8mSGVDPv8duaTN7dFpq8uvoWDgOLq5qmBmmVh9rhqh_Cof1k5x8QrnFd0RnLrTGW4joPkwzvKhWopwFw/s640/8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg
216.58.207.225200 OK 69 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzaJ5Mxe-mGshyxLVb_2pPOpotaJQ9SwEokQ8p0QeQ5Tu32Y6ZB_KLkmMjjTrHDraR9jaTh4HYd18cgwjLenU8vf1VkMTipHG7sLZvFohrso8mSGVDPv8duaTN7dFpq8uvoWDgOLq5qmBmmVh9rhqh_Cof1k5x8QrnFd0RnLrTGW4joPkwzvKhWopwFw/s640/8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x611, components 3\012- data
Hash 6c2046db2a0ed63d23e31fe08704e44a
a1b2f739f40ef91d37094b0fd9227f246b2a59eb
fae35b9f8edbb511f4396b34c1c8f5a0652e67ed06ecf40d3a02c070c938fdd9
GET /img/b/R29vZ2xl/AVvXsEgzaJ5Mxe-mGshyxLVb_2pPOpotaJQ9SwEokQ8p0QeQ5Tu32Y6ZB_KLkmMjjTrHDraR9jaTh4HYd18cgwjLenU8vf1VkMTipHG7sLZvFohrso8mSGVDPv8duaTN7dFpq8uvoWDgOLq5qmBmmVh9rhqh_Cof1k5x8QrnFd0RnLrTGW4joPkwzvKhWopwFw/s640/8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c59"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 68710
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ada63762075e5651538a7488c1892793
d443662e6a558c67937b5582c7a53606477d9f57
6d66c972497029fe99022d6ff9b567e67b6b4d4dce33951a34ba7bcd2f79efdf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 09:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQxrBwv8777KCp3r9dnJLrM5oqjnya7dcpComaYjy6onvwNfVxLHhEShVLDias5UdEEpcG6xziVdl2njHOwuNVyRbcSY6sAclAPl9udqOUxOxVRKfmByWtkqHQFgL8rrjHe7ZyMZ_y8SY3RiANibN9107euUUadEwCnq4jAlRiD4EL_R3bgkf8R5a1_Q/s640/01C84EA2-AD59-4EE1-9795-078EA12EC7A4.jpeg
216.58.207.225200 OK 82 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQxrBwv8777KCp3r9dnJLrM5oqjnya7dcpComaYjy6onvwNfVxLHhEShVLDias5UdEEpcG6xziVdl2njHOwuNVyRbcSY6sAclAPl9udqOUxOxVRKfmByWtkqHQFgL8rrjHe7ZyMZ_y8SY3RiANibN9107euUUadEwCnq4jAlRiD4EL_R3bgkf8R5a1_Q/s640/01C84EA2-AD59-4EE1-9795-078EA12EC7A4.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 379115453fa21765b0433d79ac8ef5e3
9cb6cab31c3038dd6798113a0de768b8fbd285e5
d30b82e2ea0045ca50e79b55a267db11cc915ebd62aa5dd662fc24732d879bdf
GET /img/b/R29vZ2xl/AVvXsEjQxrBwv8777KCp3r9dnJLrM5oqjnya7dcpComaYjy6onvwNfVxLHhEShVLDias5UdEEpcG6xziVdl2njHOwuNVyRbcSY6sAclAPl9udqOUxOxVRKfmByWtkqHQFgL8rrjHe7ZyMZ_y8SY3RiANibN9107euUUadEwCnq4jAlRiD4EL_R3bgkf8R5a1_Q/s640/01C84EA2-AD59-4EE1-9795-078EA12EC7A4.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c51"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="01C84EA2-AD59-4EE1-9795-078EA12EC7A4.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 82423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.97200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.97:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 14 Jan 2023 09:44:07 GMT
expires: Sat, 14 Jan 2023 09:44:07 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiShF76_gMxwPhF1QjisGO4x4T-afueukrPyDTAaKktvbeO2E4AV_ghq5fh60oijr_GHRv-_3n2vr2biCCUPrcc_PBVnXnlhUUGfQZcW4Hjp31LCkrAN7JAubuo1yKPPMohH6UqM-bvOjEUFAmk9k-HFl6b0Uj6OLXR5Em8sFDwB3yBCWj5AeoOvjt5Yw/s640/4E51F597-2B43-418F-B063-C5B49F7BFDAE.jpeg
216.58.207.225200 OK 47 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiShF76_gMxwPhF1QjisGO4x4T-afueukrPyDTAaKktvbeO2E4AV_ghq5fh60oijr_GHRv-_3n2vr2biCCUPrcc_PBVnXnlhUUGfQZcW4Hjp31LCkrAN7JAubuo1yKPPMohH6UqM-bvOjEUFAmk9k-HFl6b0Uj6OLXR5Em8sFDwB3yBCWj5AeoOvjt5Yw/s640/4E51F597-2B43-418F-B063-C5B49F7BFDAE.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 480x640, components 3\012- data
Hash 15a7f657bd1543eada08f53faea1f2db
5728fbfe9cea2f27350ddd20c6cd462238b5ce40
9231dab1edd4fb78bc5a1acb122004910ae377406c46af398397e307d684bcae
GET /img/b/R29vZ2xl/AVvXsEiShF76_gMxwPhF1QjisGO4x4T-afueukrPyDTAaKktvbeO2E4AV_ghq5fh60oijr_GHRv-_3n2vr2biCCUPrcc_PBVnXnlhUUGfQZcW4Hjp31LCkrAN7JAubuo1yKPPMohH6UqM-bvOjEUFAmk9k-HFl6b0Uj6OLXR5Em8sFDwB3yBCWj5AeoOvjt5Yw/s640/4E51F597-2B43-418F-B063-C5B49F7BFDAE.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c50"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="4E51F597-2B43-418F-B063-C5B49F7BFDAE.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 47218
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzaJ5Mxe-mGshyxLVb_2pPOpotaJQ9SwEokQ8p0QeQ5Tu32Y6ZB_KLkmMjjTrHDraR9jaTh4HYd18cgwjLenU8vf1VkMTipHG7sLZvFohrso8mSGVDPv8duaTN7dFpq8uvoWDgOLq5qmBmmVh9rhqh_Cof1k5x8QrnFd0RnLrTGW4joPkwzvKhWopwFw/w244-h150-p-k-no-nu/8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg
216.58.207.225200 OK 7.1 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzaJ5Mxe-mGshyxLVb_2pPOpotaJQ9SwEokQ8p0QeQ5Tu32Y6ZB_KLkmMjjTrHDraR9jaTh4HYd18cgwjLenU8vf1VkMTipHG7sLZvFohrso8mSGVDPv8duaTN7dFpq8uvoWDgOLq5qmBmmVh9rhqh_Cof1k5x8QrnFd0RnLrTGW4joPkwzvKhWopwFw/w244-h150-p-k-no-nu/8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 244x150, components 3\012- data
Hash a4605f4f33d6c5425b194dedbe4778e0
c99bcdefac6bf86d172ee051de35d804f94447a5
aafe51a8c33a3f76b9e00dad44e86e8f853896079903c29b28b137d48d0c1e02
GET /img/b/R29vZ2xl/AVvXsEgzaJ5Mxe-mGshyxLVb_2pPOpotaJQ9SwEokQ8p0QeQ5Tu32Y6ZB_KLkmMjjTrHDraR9jaTh4HYd18cgwjLenU8vf1VkMTipHG7sLZvFohrso8mSGVDPv8duaTN7dFpq8uvoWDgOLq5qmBmmVh9rhqh_Cof1k5x8QrnFd0RnLrTGW4joPkwzvKhWopwFw/w244-h150-p-k-no-nu/8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c59"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8FF06AAC-B485-4D78-AF7F-742929F30508.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 7090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_Fa6-u1F-fhBvXfye_07WSoe019bzUAfLJF-zkJgbyJszcq2O4o8K-Tycl7Y_ieZMyzSClU_eRvvCN5inAxP5lyIbsanRQZTz6F34aBd0aRkGtOf9QwcTC4kicqtLTIFnTq8MKKIDp7bg3iBWTYrqumR1X3eDCWGqBfxy2wWLsOqrZZTedHgAzaGmFw/s640/2FA896AE-CC17-4537-9766-AAE25612B7DF.jpeg
216.58.207.225200 OK 110 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_Fa6-u1F-fhBvXfye_07WSoe019bzUAfLJF-zkJgbyJszcq2O4o8K-Tycl7Y_ieZMyzSClU_eRvvCN5inAxP5lyIbsanRQZTz6F34aBd0aRkGtOf9QwcTC4kicqtLTIFnTq8MKKIDp7bg3iBWTYrqumR1X3eDCWGqBfxy2wWLsOqrZZTedHgAzaGmFw/s640/2FA896AE-CC17-4537-9766-AAE25612B7DF.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 480x640, components 3\012- data
Size 110 kB (109895 bytes)
Hash b5673628e48544b37150650dd9762442
03b96db7b31f30c65e08803389bcb25583b146d5
ada6dd61bde32ffd837f1a37b54f343f5cb94464a73147f798abdbabe6290095
GET /img/b/R29vZ2xl/AVvXsEj_Fa6-u1F-fhBvXfye_07WSoe019bzUAfLJF-zkJgbyJszcq2O4o8K-Tycl7Y_ieZMyzSClU_eRvvCN5inAxP5lyIbsanRQZTz6F34aBd0aRkGtOf9QwcTC4kicqtLTIFnTq8MKKIDp7bg3iBWTYrqumR1X3eDCWGqBfxy2wWLsOqrZZTedHgAzaGmFw/s640/2FA896AE-CC17-4537-9766-AAE25612B7DF.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c4f"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2FA896AE-CC17-4537-9766-AAE25612B7DF.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 109895
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghhD-ZAy0iwqTUk4xtqh_kDkbNADmmen65bzQNyF9SeHoXr4reB3wjh8FRVkgRQkkmhynMibSf3rqCC5jhxXXlSvr4GY9kfbhaz-sp6fwZDOJBs1bGue2inbkR1He7b7ophM2d8xAtZg5tNQM5qKOpuLFRna34Me9XffBtjI1JZQ69HSF4ECmQxU24xw/s640/3D8D7A9B-6BF1-4E06-8E79-44E0B894B1D6.jpeg
216.58.207.225200 OK 84 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghhD-ZAy0iwqTUk4xtqh_kDkbNADmmen65bzQNyF9SeHoXr4reB3wjh8FRVkgRQkkmhynMibSf3rqCC5jhxXXlSvr4GY9kfbhaz-sp6fwZDOJBs1bGue2inbkR1He7b7ophM2d8xAtZg5tNQM5qKOpuLFRna34Me9XffBtjI1JZQ69HSF4ECmQxU24xw/s640/3D8D7A9B-6BF1-4E06-8E79-44E0B894B1D6.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 480x640, components 3\012- data
Hash e5e401e4800a317adb412c672e4eba1f
789e47e17a1e3ffbd9ae807807172349a2c823a2
c9f237a932ed758484e81dfd62814a7b01bab27f185c4ea5614dbe249f3c5928
GET /img/b/R29vZ2xl/AVvXsEghhD-ZAy0iwqTUk4xtqh_kDkbNADmmen65bzQNyF9SeHoXr4reB3wjh8FRVkgRQkkmhynMibSf3rqCC5jhxXXlSvr4GY9kfbhaz-sp6fwZDOJBs1bGue2inbkR1He7b7ophM2d8xAtZg5tNQM5qKOpuLFRna34Me9XffBtjI1JZQ69HSF4ECmQxU24xw/s640/3D8D7A9B-6BF1-4E06-8E79-44E0B894B1D6.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c50"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="3D8D7A9B-6BF1-4E06-8E79-44E0B894B1D6.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 83591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRFAlkKISM6QC_f37rNjHFhOuAJP-8oM1832P2AifxUBSYIl1hL7xpe9O4gB0si6PrKLoUiAYWKpPJoilaAI2hmGMBRdJ4mwtYGwO3_O6hykseZnBZYRdYSiao6PzeqTb6OkgqP0aPhz7UVfzOWFfNc2GNydNgM8BAZ_7oc4CiNfjCap6LajydfOIPLA/s640/734A156F-985E-4924-ACC1-863D0244E01D.jpeg
216.58.207.225200 OK 69 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRFAlkKISM6QC_f37rNjHFhOuAJP-8oM1832P2AifxUBSYIl1hL7xpe9O4gB0si6PrKLoUiAYWKpPJoilaAI2hmGMBRdJ4mwtYGwO3_O6hykseZnBZYRdYSiao6PzeqTb6OkgqP0aPhz7UVfzOWFfNc2GNydNgM8BAZ_7oc4CiNfjCap6LajydfOIPLA/s640/734A156F-985E-4924-ACC1-863D0244E01D.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 640x480, components 3\012- data
Hash 083b5c575dc3c9b350b418ed611d11ff
4a1309054cbc029870adc0e9c3cc659011676acb
bbfcce7987c1a37c022c51c35ad64c1c0a7dcf2423b282bca70d85c73e44f3a7
GET /img/b/R29vZ2xl/AVvXsEiRFAlkKISM6QC_f37rNjHFhOuAJP-8oM1832P2AifxUBSYIl1hL7xpe9O4gB0si6PrKLoUiAYWKpPJoilaAI2hmGMBRdJ4mwtYGwO3_O6hykseZnBZYRdYSiao6PzeqTb6OkgqP0aPhz7UVfzOWFfNc2GNydNgM8BAZ_7oc4CiNfjCap6LajydfOIPLA/s640/734A156F-985E-4924-ACC1-863D0244E01D.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c51"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="734A156F-985E-4924-ACC1-863D0244E01D.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 69422
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.97200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 07:22:01 GMT
expires: Fri, 12 Jan 2024 07:22:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 181326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHlnVuz8wqMyi-hm9qb7h-ZRCdt1eMLk8dvfYsr3KCKNNTjP49HX8ZByW9Ujno6H2ghPo49s7tNrD_rKyZC5fACXrbaJQx-Cj1MWVcNy43pWXcDFFbGwbhjSaYGT_1TJETyzsSUQDOXSjpDRVvmuTUF1fXj7mhO2PgqsS53U_f4Zx1-AyxkieGwy-0Mw/w244-h150-p-k-no-nu/19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png
216.58.207.225200 OK 43 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHlnVuz8wqMyi-hm9qb7h-ZRCdt1eMLk8dvfYsr3KCKNNTjP49HX8ZByW9Ujno6H2ghPo49s7tNrD_rKyZC5fACXrbaJQx-Cj1MWVcNy43pWXcDFFbGwbhjSaYGT_1TJETyzsSUQDOXSjpDRVvmuTUF1fXj7mhO2PgqsS53U_f4Zx1-AyxkieGwy-0Mw/w244-h150-p-k-no-nu/19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png
IP 216.58.207.225:0
File type PNG image data, 244 x 150, 8-bit/color RGB, non-interlaced\012- data
Hash c78a53afedab1a5977b40d03d7bd082a
de7450462113a5ac0a21fdfa131b0bc53f793590
ace0bbef1f1ba502a66cd2eeea4f29926a7116b87061288933eac4fa78824d8f
GET /img/b/R29vZ2xl/AVvXsEhHlnVuz8wqMyi-hm9qb7h-ZRCdt1eMLk8dvfYsr3KCKNNTjP49HX8ZByW9Ujno6H2ghPo49s7tNrD_rKyZC5fACXrbaJQx-Cj1MWVcNy43pWXcDFFbGwbhjSaYGT_1TJETyzsSUQDOXSjpDRVvmuTUF1fXj7mhO2PgqsS53U_f4Zx1-AyxkieGwy-0Mw/w244-h150-p-k-no-nu/19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2e"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 43259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwoOeisi6ykh4HFlEtBjHOlIhXTxIpMzWkxsF5GLmjdgodK07lQk35TxutT7HErSMr6Q4UmGUeEJ2RTBCBCmyqN0O1LFF7lQ1DmANdZMSPuCZA90dMHokk99cJk14dxGP81z2n38De1WqX2eU-u4EJDu9niUm7ZWI0KevmFevscSOZUEb2ggA3VNvrMA/s320/7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg
216.58.207.225200 OK 21 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwoOeisi6ykh4HFlEtBjHOlIhXTxIpMzWkxsF5GLmjdgodK07lQk35TxutT7HErSMr6Q4UmGUeEJ2RTBCBCmyqN0O1LFF7lQ1DmANdZMSPuCZA90dMHokk99cJk14dxGP81z2n38De1WqX2eU-u4EJDu9niUm7ZWI0KevmFevscSOZUEb2ggA3VNvrMA/s320/7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash 3366f0f408444448c644d5ff773725bf
b3bb43e797fbc01bc1d41359868b37f46fe13a83
9a7586d10aaa1642ddb5bd54c0d3895cc29abbe1e96ddc70c4e27c7feb52845c
GET /img/b/R29vZ2xl/AVvXsEjwoOeisi6ykh4HFlEtBjHOlIhXTxIpMzWkxsF5GLmjdgodK07lQk35TxutT7HErSMr6Q4UmGUeEJ2RTBCBCmyqN0O1LFF7lQ1DmANdZMSPuCZA90dMHokk99cJk14dxGP81z2n38De1WqX2eU-u4EJDu9niUm7ZWI0KevmFevscSOZUEb2ggA3VNvrMA/s320/7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2a"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 20581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4xqj6IndmEUeHWEIxosqAN-TUTmG6DTwFHz-R9kMF163QoJ5_U5rER6Ni--8olRqbk8HeY0BVQc2clM9qKA-XFwPgJRIthkbWKrVc5lm08LV0cfg7TKOeaPKGFunWoKGP-0jdHZlnfdkkhP7Ihty5NyyCZ5Y8i6GmN_zAFLS3jGbd_JqWpa8dumIO4Q/s640/64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg
216.58.207.225200 OK 39 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4xqj6IndmEUeHWEIxosqAN-TUTmG6DTwFHz-R9kMF163QoJ5_U5rER6Ni--8olRqbk8HeY0BVQc2clM9qKA-XFwPgJRIthkbWKrVc5lm08LV0cfg7TKOeaPKGFunWoKGP-0jdHZlnfdkkhP7Ihty5NyyCZ5Y8i6GmN_zAFLS3jGbd_JqWpa8dumIO4Q/s640/64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 458x640, components 3\012- data
Hash 9e95720abcf7bd3208fdf97180798cad
542e5df8b3c334128a4f271ba6f804a85a174890
eac74b699890ef7e1c3a3e6626216ec0bb01aa1140d424ac99a3b693b53d43ad
GET /img/b/R29vZ2xl/AVvXsEi4xqj6IndmEUeHWEIxosqAN-TUTmG6DTwFHz-R9kMF163QoJ5_U5rER6Ni--8olRqbk8HeY0BVQc2clM9qKA-XFwPgJRIthkbWKrVc5lm08LV0cfg7TKOeaPKGFunWoKGP-0jdHZlnfdkkhP7Ihty5NyyCZ5Y8i6GmN_zAFLS3jGbd_JqWpa8dumIO4Q/s640/64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c44"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 39283
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHyjdXefTc1Oz4UrFj0TRNRxzM5Wk7nnUkuPwXctNCis3e-5gnEkXFSpiQmiyrDOSz9t7tUUGyzVFBq_AMfSN07DL31lrs2b9lW0bLM4qKGjJBIA_nstzJ7Vea8wkU-x3WFHH1jHneyzWv-6j-sJlQopa5q2x1yoew4R-OrlKdnZYLNT-ihyvE5ZHS-Q/s320/7BC9424D-3BEF-45A1-A2CF-0D470C8CDA1B.jpeg
216.58.207.225200 OK 31 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHyjdXefTc1Oz4UrFj0TRNRxzM5Wk7nnUkuPwXctNCis3e-5gnEkXFSpiQmiyrDOSz9t7tUUGyzVFBq_AMfSN07DL31lrs2b9lW0bLM4qKGjJBIA_nstzJ7Vea8wkU-x3WFHH1jHneyzWv-6j-sJlQopa5q2x1yoew4R-OrlKdnZYLNT-ihyvE5ZHS-Q/s320/7BC9424D-3BEF-45A1-A2CF-0D470C8CDA1B.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Hash 551967ea72deee6b9122ec12454e6332
7e452d2d48772106b631cf6fae01c4707887de1c
c67a740a7b62d768c0c8069609d9b52149cc476c986e4bc363a3736e294aaede
GET /img/b/R29vZ2xl/AVvXsEiHyjdXefTc1Oz4UrFj0TRNRxzM5Wk7nnUkuPwXctNCis3e-5gnEkXFSpiQmiyrDOSz9t7tUUGyzVFBq_AMfSN07DL31lrs2b9lW0bLM4qKGjJBIA_nstzJ7Vea8wkU-x3WFHH1jHneyzWv-6j-sJlQopa5q2x1yoew4R-OrlKdnZYLNT-ihyvE5ZHS-Q/s320/7BC9424D-3BEF-45A1-A2CF-0D470C8CDA1B.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c29"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7BC9424D-3BEF-45A1-A2CF-0D470C8CDA1B.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 31427
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4xqj6IndmEUeHWEIxosqAN-TUTmG6DTwFHz-R9kMF163QoJ5_U5rER6Ni--8olRqbk8HeY0BVQc2clM9qKA-XFwPgJRIthkbWKrVc5lm08LV0cfg7TKOeaPKGFunWoKGP-0jdHZlnfdkkhP7Ihty5NyyCZ5Y8i6GmN_zAFLS3jGbd_JqWpa8dumIO4Q/w244-h150-p-k-no-nu/64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg
216.58.207.225200 OK 8.9 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4xqj6IndmEUeHWEIxosqAN-TUTmG6DTwFHz-R9kMF163QoJ5_U5rER6Ni--8olRqbk8HeY0BVQc2clM9qKA-XFwPgJRIthkbWKrVc5lm08LV0cfg7TKOeaPKGFunWoKGP-0jdHZlnfdkkhP7Ihty5NyyCZ5Y8i6GmN_zAFLS3jGbd_JqWpa8dumIO4Q/w244-h150-p-k-no-nu/64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 244x150, components 3\012- data
Hash 31f8e47b34a85a2ef2a2b3a9ee15e189
cd02d165c2ff0d1082148893b54f3d0a0dd530ab
7d89fa8014a9a2ac6e71d66a8a15d3cf0c5e4b74c3d74b43538f155cce002555
GET /img/b/R29vZ2xl/AVvXsEi4xqj6IndmEUeHWEIxosqAN-TUTmG6DTwFHz-R9kMF163QoJ5_U5rER6Ni--8olRqbk8HeY0BVQc2clM9qKA-XFwPgJRIthkbWKrVc5lm08LV0cfg7TKOeaPKGFunWoKGP-0jdHZlnfdkkhP7Ihty5NyyCZ5Y8i6GmN_zAFLS3jGbd_JqWpa8dumIO4Q/w244-h150-p-k-no-nu/64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c44"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="64B8F1E7-F73E-438F-A95B-7928C7FC5F22.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 8930
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwoOeisi6ykh4HFlEtBjHOlIhXTxIpMzWkxsF5GLmjdgodK07lQk35TxutT7HErSMr6Q4UmGUeEJ2RTBCBCmyqN0O1LFF7lQ1DmANdZMSPuCZA90dMHokk99cJk14dxGP81z2n38De1WqX2eU-u4EJDu9niUm7ZWI0KevmFevscSOZUEb2ggA3VNvrMA/w244-h150-p-k-no-nu/7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg
216.58.207.225200 OK 12 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwoOeisi6ykh4HFlEtBjHOlIhXTxIpMzWkxsF5GLmjdgodK07lQk35TxutT7HErSMr6Q4UmGUeEJ2RTBCBCmyqN0O1LFF7lQ1DmANdZMSPuCZA90dMHokk99cJk14dxGP81z2n38De1WqX2eU-u4EJDu9niUm7ZWI0KevmFevscSOZUEb2ggA3VNvrMA/w244-h150-p-k-no-nu/7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 244x150, components 3\012- data
Hash d8d30b89a93ce20386a5800f2861d3e2
5ee5a8ae14f3c25cfd79991e219c34090e769af0
09fe05d6b3f47c00daa148f242fd46e5096893f45ff81843c88d5b08643bea51
GET /img/b/R29vZ2xl/AVvXsEjwoOeisi6ykh4HFlEtBjHOlIhXTxIpMzWkxsF5GLmjdgodK07lQk35TxutT7HErSMr6Q4UmGUeEJ2RTBCBCmyqN0O1LFF7lQ1DmANdZMSPuCZA90dMHokk99cJk14dxGP81z2n38De1WqX2eU-u4EJDu9niUm7ZWI0KevmFevscSOZUEb2ggA3VNvrMA/w244-h150-p-k-no-nu/7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2a"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7A6BC027-8C37-4771-98F9-08DA7FDEFB7C.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 12515
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgezT4YoMAbbXgQH3qzoPB9jvTP994IzeSjY4d9L3oRsWQOKZG_LKZfaAiwZYpazbQfgh-RWhv3hwGFm8de0EnqqRPkH5AImZgM9jXQCOv1-cJ4t2VHoa90LgLd6xy7ogR4c73BiEUo0_DP0PJQDoPQODyfl8YMTJU8TZrN_Sz-aeWp9TuFsPJrHhiqWw/s320/26E743FB-0AEC-46F7-9A24-88103728E9A2.jpeg
216.58.207.225200 OK 34 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgezT4YoMAbbXgQH3qzoPB9jvTP994IzeSjY4d9L3oRsWQOKZG_LKZfaAiwZYpazbQfgh-RWhv3hwGFm8de0EnqqRPkH5AImZgM9jXQCOv1-cJ4t2VHoa90LgLd6xy7ogR4c73BiEUo0_DP0PJQDoPQODyfl8YMTJU8TZrN_Sz-aeWp9TuFsPJrHhiqWw/s320/26E743FB-0AEC-46F7-9A24-88103728E9A2.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Hash 4fd649e1994e36756ee9b2410a494720
45ace6742f94272aa416649c42c6fa41293ff2fb
8b31cec0b91bf9fc19f9c2f04898f28ad105f9622bba20c41ce3351256e35aab
GET /img/b/R29vZ2xl/AVvXsEgezT4YoMAbbXgQH3qzoPB9jvTP994IzeSjY4d9L3oRsWQOKZG_LKZfaAiwZYpazbQfgh-RWhv3hwGFm8de0EnqqRPkH5AImZgM9jXQCOv1-cJ4t2VHoa90LgLd6xy7ogR4c73BiEUo0_DP0PJQDoPQODyfl8YMTJU8TZrN_Sz-aeWp9TuFsPJrHhiqWw/s320/26E743FB-0AEC-46F7-9A24-88103728E9A2.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2b"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="26E743FB-0AEC-46F7-9A24-88103728E9A2.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 34053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE08jVRlbVVlx8dkCB5SCOAFW2qnJW1bqV0CCpD2LsQAseZE1dOnpzWbs1s2jW7_jIEjXKZUQyWwvF3tol3e9mWdXySJxPjBuhVFCFrbPtIN2jBMckyoPPzNsg4T_yGE_UoyegaDSyFpRyPvfW9qQAM5N6AypiaxjqybYaeaOaORf6onqtpal3CBWkew/s320/AE0B8D70-50D2-4BE4-8669-C83FC8972F7F.jpeg
216.58.207.225200 OK 52 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE08jVRlbVVlx8dkCB5SCOAFW2qnJW1bqV0CCpD2LsQAseZE1dOnpzWbs1s2jW7_jIEjXKZUQyWwvF3tol3e9mWdXySJxPjBuhVFCFrbPtIN2jBMckyoPPzNsg4T_yGE_UoyegaDSyFpRyPvfW9qQAM5N6AypiaxjqybYaeaOaORf6onqtpal3CBWkew/s320/AE0B8D70-50D2-4BE4-8669-C83FC8972F7F.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash 86ee7990dd63eab9c722e073732d6ef5
a8f1f445eba6023d32655603ef74e33a7b8ff09c
ebf2183975b6adb912f9c880ed65bc6e0b64446e76b23569bcc36286ad3cc059
GET /img/b/R29vZ2xl/AVvXsEgE08jVRlbVVlx8dkCB5SCOAFW2qnJW1bqV0CCpD2LsQAseZE1dOnpzWbs1s2jW7_jIEjXKZUQyWwvF3tol3e9mWdXySJxPjBuhVFCFrbPtIN2jBMckyoPPzNsg4T_yGE_UoyegaDSyFpRyPvfW9qQAM5N6AypiaxjqybYaeaOaORf6onqtpal3CBWkew/s320/AE0B8D70-50D2-4BE4-8669-C83FC8972F7F.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2c"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="AE0B8D70-50D2-4BE4-8669-C83FC8972F7F.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 51978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjne7EK3Xdg7P_tyx7aqdnwkP15uH9Pqw_8YoO9fKOjM2id7BJc1O25kDlQZ6nmnk8dYbZBhF7E3DqhtdGMqtfZxVi4kEk-Ot_N9tW1Gv6pWCYqMjvObm18YMeTubzF7_tcnW6hp6JzkkCFNEs47qH3nYpXFNc5OM5_5HRwNxe1Oww4LI0GQ4lBY5RdMg/s320/8EDC22E9-735E-40C7-95AD-B1A7CEBF88F8.jpeg
216.58.207.225200 OK 26 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjne7EK3Xdg7P_tyx7aqdnwkP15uH9Pqw_8YoO9fKOjM2id7BJc1O25kDlQZ6nmnk8dYbZBhF7E3DqhtdGMqtfZxVi4kEk-Ot_N9tW1Gv6pWCYqMjvObm18YMeTubzF7_tcnW6hp6JzkkCFNEs47qH3nYpXFNc5OM5_5HRwNxe1Oww4LI0GQ4lBY5RdMg/s320/8EDC22E9-735E-40C7-95AD-B1A7CEBF88F8.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 240x320, components 3\012- data
Hash 89adebeeaf64a3b41fe6ad119b89f9e4
8d4accb87a0efd47f68d02bbbb7e9aa10e0f5716
373faf1b39372823a609f6ddb747782c4fa5c872e9f4742a7c3097f87a89589d
GET /img/b/R29vZ2xl/AVvXsEjne7EK3Xdg7P_tyx7aqdnwkP15uH9Pqw_8YoO9fKOjM2id7BJc1O25kDlQZ6nmnk8dYbZBhF7E3DqhtdGMqtfZxVi4kEk-Ot_N9tW1Gv6pWCYqMjvObm18YMeTubzF7_tcnW6hp6JzkkCFNEs47qH3nYpXFNc5OM5_5HRwNxe1Oww4LI0GQ4lBY5RdMg/s320/8EDC22E9-735E-40C7-95AD-B1A7CEBF88F8.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2b"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="8EDC22E9-735E-40C7-95AD-B1A7CEBF88F8.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 26138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZZ1SuC47o9sAVwqkVNtKyuBEOXpoIFFYiBVz7LqSfROV2pOpV2CEV7w8o2AeT16PSBcA454y0P_86_3xwLPWxO2yV8b96yyxx-30JcuUlWLkMARTTEvncndnYAbRttP8TsyqpLWQvGsJn85OgW-go6Gy9k1fKiQmXyjh7pIr8s8qOzjN6xf74j2mLeA/s320/13000B65-CF38-427D-B824-430E6B59AE41.jpeg
216.58.207.225200 OK 36 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZZ1SuC47o9sAVwqkVNtKyuBEOXpoIFFYiBVz7LqSfROV2pOpV2CEV7w8o2AeT16PSBcA454y0P_86_3xwLPWxO2yV8b96yyxx-30JcuUlWLkMARTTEvncndnYAbRttP8TsyqpLWQvGsJn85OgW-go6Gy9k1fKiQmXyjh7pIr8s8qOzjN6xf74j2mLeA/s320/13000B65-CF38-427D-B824-430E6B59AE41.jpeg
IP 216.58.207.225:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Hash ee02941b06b0b7f04336613b17ab4cf8
440529344bfd66587509076b780446f13dc1c74b
57fe9dabcb0b54f87ead7b372a8485df678f1844286df98771c8e85bfa68c94e
GET /img/b/R29vZ2xl/AVvXsEjZZ1SuC47o9sAVwqkVNtKyuBEOXpoIFFYiBVz7LqSfROV2pOpV2CEV7w8o2AeT16PSBcA454y0P_86_3xwLPWxO2yV8b96yyxx-30JcuUlWLkMARTTEvncndnYAbRttP8TsyqpLWQvGsJn85OgW-go6Gy9k1fKiQmXyjh7pIr8s8qOzjN6xf74j2mLeA/s320/13000B65-CF38-427D-B824-430E6B59AE41.jpeg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2a"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="13000B65-CF38-427D-B824-430E6B59AE41.jpeg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 36370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHlnVuz8wqMyi-hm9qb7h-ZRCdt1eMLk8dvfYsr3KCKNNTjP49HX8ZByW9Ujno6H2ghPo49s7tNrD_rKyZC5fACXrbaJQx-Cj1MWVcNy43pWXcDFFbGwbhjSaYGT_1TJETyzsSUQDOXSjpDRVvmuTUF1fXj7mhO2PgqsS53U_f4Zx1-AyxkieGwy-0Mw/s640/19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png
216.58.207.225200 OK 247 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHlnVuz8wqMyi-hm9qb7h-ZRCdt1eMLk8dvfYsr3KCKNNTjP49HX8ZByW9Ujno6H2ghPo49s7tNrD_rKyZC5fACXrbaJQx-Cj1MWVcNy43pWXcDFFbGwbhjSaYGT_1TJETyzsSUQDOXSjpDRVvmuTUF1fXj7mhO2PgqsS53U_f4Zx1-AyxkieGwy-0Mw/s640/19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png
IP 216.58.207.225:0
File type PNG image data, 640 x 480, 8-bit/color RGB, non-interlaced\012- data
Size 247 kB (247293 bytes)
Hash b23cfcbc262ff4aab65d88db38480c1e
f473f2fc39a61c6f4e3b12b3373b6b99698a75fe
dbabadc0781d4b786fd8cb0a848d09bc9e516fa1593ec758bd43e4d5ab84b706
GET /img/b/R29vZ2xl/AVvXsEhHlnVuz8wqMyi-hm9qb7h-ZRCdt1eMLk8dvfYsr3KCKNNTjP49HX8ZByW9Ujno6H2ghPo49s7tNrD_rKyZC5fACXrbaJQx-Cj1MWVcNy43pWXcDFFbGwbhjSaYGT_1TJETyzsSUQDOXSjpDRVvmuTUF1fXj7mhO2PgqsS53U_f4Zx1-AyxkieGwy-0Mw/s640/19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7c2e"
expires: Sun, 15 Jan 2023 09:44:07 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="19E98FAC-FBD2-46C9-BEBA-2F3E701FCDE0.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 09:44:07 GMT
server: fife
content-length: 247293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/4278199753568050899?po=1202921384888719626&hl=en&skin=contempo&blogspotRpcToken=9839688
216.58.207.233200 OK 0 B URL HTTP/2 www.blogger.com/comment/frame/4278199753568050899?po=1202921384888719626&hl=en&skin=contempo&blogspotRpcToken=9839688
IP 216.58.207.233:0
GET /comment/frame/4278199753568050899?po=1202921384888719626&hl=en&skin=contempo&blogspotRpcToken=9839688 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 09:44:03 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-zAyOJmOy-kShit2NDhzAmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=Tj1qMwgVU_bhbwM6eo3lqZ8IqvBCX77DycAksU6091RwPajEv3EMFekzA86JpOLbXtPFTgaJVI13ELDwNg7hH1SyBN5LqigOAqv43s0bSVwshoNrzlAEmlmU_2wr9MBcrsnqnfgcU-EpWyg992fQnET0b4-kfVapGrzi2t-cO9E; expires=Sun, 16-Jul-2023 09:44:03 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.46200 OK 0 B URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Sat, 14 Jan 2023 09:44:03 GMT
expires: Sat, 14 Jan 2023 09:44:03 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4fcbc207c89b8c6c"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/iIDTNVpBDvA?feature=player_embedded
172.217.21.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/iIDTNVpBDvA?feature=player_embedded
IP 172.217.21.174:0
GET /embed/iIDTNVpBDvA?feature=player_embedded HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 09:44:03 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=91QXSZvXeh8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=iwK5OPNKgsM; Domain=.youtube.com; Expires=Thu, 13-Jul-2023 09:44:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0T0RRME1UUXlNekV4TXpNNU16WXpNQT09EOPyiZ4GGOPyiZ4G; Domain=.youtube.com; Expires=Thu, 13-Jul-2023 09:44:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+791; expires=Mon, 13-Jan-2025 09:44:03 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/tMDDwSC3I5s?feature=player_embedded
172.217.21.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/tMDDwSC3I5s?feature=player_embedded
IP 172.217.21.174:0
GET /embed/tMDDwSC3I5s?feature=player_embedded HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 09:44:03 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=JTeojMQCtDc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=LXEPd8VBcXE; Domain=.youtube.com; Expires=Thu, 13-Jul-2023 09:44:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0T0RRME1UUXlNVGN4TWpZMk9EQTFNZz09EOPyiZ4GGOPyiZ4G; Domain=.youtube.com; Expires=Thu, 13-Jul-2023 09:44:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+525; expires=Mon, 13-Jan-2025 09:44:03 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/O2r4dY7nrZs?feature=player_embedded
172.217.21.174200 OK 0 B URL HTTP/2 www.youtube.com/embed/O2r4dY7nrZs?feature=player_embedded
IP 172.217.21.174:0
GET /embed/O2r4dY7nrZs?feature=player_embedded HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byfarahh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 14 Jan 2023 09:44:03 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1KbrAeeSlUE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU0T0RRME1UUXlNakE0TlRrME9ETTBOUT09EOPyiZ4GGOPyiZ4G; Domain=.youtube.com; Expires=Thu, 13-Jul-2023 09:44:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=IEH3n9Rb1Mk; Domain=.youtube.com; Expires=Thu, 13-Jul-2023 09:44:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+943; expires=Mon, 13-Jan-2025 09:44:03 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9888280728063597
142.250.74.130200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9888280728063597
IP 142.250.74.130:0
GET /pagead/js/adsbygoogle.js?client=ca-pub-9888280728063597 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.byfarahh.com
Connection: keep-alive
Referer: https://www.byfarahh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Jan 2023 09:44:04 GMT
expires: Sat, 14 Jan 2023 09:44:04 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 827929245381213735
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2