r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2778
Expires: Sun, 20 Nov 2022 04:29:56 GMT
Date: Sun, 20 Nov 2022 03:43:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5881
Cache-Control: max-age=116736
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 12:09:14 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5178
Expires: Sun, 20 Nov 2022 05:09:56 GMT
Date: Sun, 20 Nov 2022 03:43:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 9ewmOQD+ZbBB2WrdDieIikXrBD/nE+iccGLSC7W+UlxiDDMFO7k+JXgg/r0pLX6/nnJpF5Q2O48=
x-amz-request-id: 7E2NGQF5DEWMBTYJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 03:38:34 GMT
age: 304
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 02:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3520
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 03:43:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aans1.blogspot.com/2013/12/polis-negeri-sembilan-siap-sedia-pantau.html
142.250.74.161200 OK 18 kB URL HTTP/1.1 aans1.blogspot.com/2013/12/polis-negeri-sembilan-siap-sedia-pantau.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4971)
Hash 5a567098dfd9d1b161aa53849ab38faf
8694dfbc96a366887829f746fe974fd6b0067242
dc9e16a1c5f6b6a09e6e19c940f6d0aaa8312a4f1aa85ddbfb32847e6e08992a
GET /2013/12/polis-negeri-sembilan-siap-sedia-pantau.html HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sun, 20 Nov 2022 03:43:38 GMT
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 12:38:23 GMT
ETag: W/"4c57bcac4cce86ac76b394e2f1ba43e0561322a0a88b0fcb8849eae868211e47"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 17868
Server: GSE
fonts.googleapis.com/css?family=Josefin+Slab
142.250.74.10200 OK 295 B URL HTTP/1.1 fonts.googleapis.com/css?family=Josefin+Slab
IP 142.250.74.10:0
Hash 8d74fecd94bb3a255c2603538ea257a1
7021cec753ddbcfbd2ba682610c769dd30e837b4
aa1d0524faaaa495bc15a6c3b66679288e1243f4ca5e34294631fb5ed5502ba0
GET /css?family=Josefin+Slab HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 20 Nov 2022 03:43:38 GMT
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
apis.google.com/js/plusone.js
142.250.74.174200 OK 21 kB URL HTTP/1.1 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 557a84e1a4b4a45f586fb72599df1ad0
78eec98dcefee53f24a6684e407c81676e7952b4
a488b14f67aa02c62eb30b758d1eb76155478e3af0b2fd78dc52de4e28ed4014
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Content-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="gapi-team"
Report-To: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
Timing-Allow-Origin: *
Content-Length: 20987
Date: Sun, 20 Nov 2022 03:43:38 GMT
Expires: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: private, max-age=1800, stale-while-revalidate=1800
ETag: "c1b020d722de3a38"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
w.sharethis.com/button/buttons.js
54.230.111.78301 Moved Permanently 167 B URL HTTP/1.1 w.sharethis.com/button/buttons.js
IP 54.230.111.78:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://w.sharethis.com/button/buttons.js
X-Cache: Redirect from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RvpBnxprX-Eai8m_GYoQF0TuSX2YGtUxrDhKjzSS3GbxxO9bALbl5A==
aans1.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 aans1.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/2013/12/polis-negeri-sembilan-siap-sedia-pantau.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Sun, 20 Nov 2022 03:43:38 GMT
Expires: Sun, 27 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 19 Nov 2022 21:50:27 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e67c722510722eb154d6d4c0c012ee80
326631d14b6e85fdf096bffb662de5acfa27ac41
31c2e8fe23716772c02c0f31acf5ba47ac35290814e5a7fbf01875a8eb0837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.padstm.com/?id=292517
139.45.197.238302 Moved Temporarily 138 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /?id=292517 HTTP/1.1
Host: go.padstm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.padsdel.com/?id=292517
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
go.padstm.com/?id=292519
139.45.197.238302 Moved Temporarily 138 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /?id=292519 HTTP/1.1
Host: go.padstm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://go.padsdel.com/?id=292519
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e67c722510722eb154d6d4c0c012ee80
326631d14b6e85fdf096bffb662de5acfa27ac41
31c2e8fe23716772c02c0f31acf5ba47ac35290814e5a7fbf01875a8eb0837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 20:36:32 GMT
expires: Sun, 19 Nov 2023 20:36:32 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 19 Nov 2022 18:50:07 GMT
content-type: text/css
age: 25626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 97670ac939a5ccfe858270bfa723212e
e7e39c53d3f5588f5be7e7893fc4817977b10526
a45926a5ca1fe9f305ce6e64bf68052cb53b8e87e7218ea5c2444f0581a3d58c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:05:29 GMT
expires: Thu, 16 Nov 2023 08:05:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Nov 2022 07:51:19 GMT
content-type: text/javascript
age: 329889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hdwallpapersinn.com/wp-content/uploads/2013/11/2014-New-Year-HD-Wallpaper.jpg
104.21.66.199301 Moved Permanently 0 B URL HTTP/1.1 www.hdwallpapersinn.com/wp-content/uploads/2013/11/2014-New-Year-HD-Wallpaper.jpg
IP 104.21.66.199:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2013/11/2014-New-Year-HD-Wallpaper.jpg HTTP/1.1
Host: www.hdwallpapersinn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sun, 20 Nov 2022 03:43:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 20 Nov 2022 04:43:38 GMT
Location: https://www.hdwallpapersinn.com/wp-content/uploads/2013/11/2014-New-Year-HD-Wallpaper.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHwBeM8BDWL9rDOtaxLzquFYIeP4%2B4Veul60D2maY2Y%2BTsE3E8oRWlTbgo%2B2mEIOC8VsY1V4CtvbuUd%2FcjdKtvrW8zJ%2Fgq1RtPDuFAFkYosLp1ozbkcXSIhOHUXhUPwBJy6Nh32Guth%2FFw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ce2eba4f160b3d-OSL
alt-svc: h2=":443"; ma=60
www.blogger.com/img/icon18_edit_allbkg.gif
142.250.74.105200 OK 162 B URL HTTP/1.1 www.blogger.com/img/icon18_edit_allbkg.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 162
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 15 Nov 2022 14:39:46 GMT
Expires: Tue, 22 Nov 2022 14:39:46 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 15 Nov 2022 13:54:38 GMT
Content-Type: image/gif
Age: 392632
www.blogger.com/img/icon_delete13.gif
142.250.74.105200 OK 140 B URL HTTP/1.1 www.blogger.com/img/icon_delete13.gif
IP 142.250.74.105:0
File type GIF image data, version 89a, 13 x 13\012- data
Hash e7f55c98f18368f2ba26a008b1d40fc3
bb509d770d2d149060707c2c2c01776e86b858c4
69ff07a31a102649f3e0d08a967c39b134286293b85aac0885b3102a9120f1a6
GET /img/icon_delete13.gif HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 140
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 18 Nov 2022 15:12:26 GMT
Expires: Fri, 25 Nov 2022 15:12:26 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 18 Nov 2022 11:52:55 GMT
Content-Type: image/gif
Age: 131472
www.blogger.com/img/blogger_logo_round_35.png
142.250.74.105200 OK 2.5 kB URL HTTP/1.1 www.blogger.com/img/blogger_logo_round_35.png
IP 142.250.74.105:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 838622483cbfed35380b4705f19d7cca
7de684136affc969a24d61927afc18905cf2fc36
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
GET /img/blogger_logo_round_35.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2531
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 17 Nov 2022 15:44:39 GMT
Expires: Thu, 24 Nov 2022 15:44:39 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 17 Nov 2022 08:51:10 GMT
Content-Type: image/png
Age: 215939
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 02:09:09 GMT
expires: Thu, 16 Nov 2023 02:09:09 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Nov 2022 04:53:02 GMT
content-type: text/javascript
age: 351269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
w.sharethis.com/button/buttons.js
54.230.111.78200 OK 17 kB URL HTTP/2 w.sharethis.com/button/buttons.js
IP 54.230.111.78:0
File type ASCII text, with very long lines (60851), with no line terminators
Hash 6df1e6fb302d1bcb35d898105f0327de
2336688fde43d37fc38dbd842b76f728d7423034
3acec848060440ee2c01f063023d2cc0122ad46f1de910ca0738e6715a6c2e67
GET /button/buttons.js HTTP/1.1
Host: w.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://aans1.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 16989
content-encoding: gzip
server: nginx/1.20.1
x-robots-tag: noindex, nofollow
date: Sat, 19 Nov 2022 21:20:00 GMT
cache-control: max-age=259200
expires: Tue, 22 Nov 2022 21:20:00 GMT
etag: W/"634f1855-edb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 92Kn2da1fgOpjVnvEBQTz_gtOijSVN4yxKdRXfNr7O2AaEkffbSlwQ==
age: 23018
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e67c722510722eb154d6d4c0c012ee80
326631d14b6e85fdf096bffb662de5acfa27ac41
31c2e8fe23716772c02c0f31acf5ba47ac35290814e5a7fbf01875a8eb0837a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 30678aaa5e2f3f22f0fcd53b2466a7ab
e3045982a45b15f099fafcfb8c19c90b580ae3bc
2ced767771c96abc27feb208e116efbb81c04ea4676f5294ee8f23a0002f87fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.padsdel.com/?id=292519
139.45.197.239200 OK 8 B URL HTTP/1.1 go.padsdel.com/?id=292519
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
GET /?id=292519 HTTP/1.1
Host: go.padsdel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Type: application/octet-stream
Content-Length: 8
Connection: keep-alive
go.padsdel.com/?id=292517
139.45.197.239200 OK 8 B URL HTTP/1.1 go.padsdel.com/?id=292517
IP 139.45.197.239:0
File type ASCII text, with no line terminators
Hash 3bbbac058fc4ed9e8078f0318d31d9fa
fb3f78865eac1bdd3406f00b9cae5c6cdf6211b8
3938c63e8b782001c4b451b439634c1380b1e262d919e11ba7374862835d83e4
GET /?id=292517 HTTP/1.1
Host: go.padsdel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Type: application/octet-stream
Content-Length: 8
Connection: keep-alive
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 51 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash cf7ba1923d457322375044e5b1042100
25339ead949bb7b8c30b3e7eb638fc3200c8f2d6
6de820e802afec0caaf44492eb818c6eac1b2463e29bd467afa3a0d396718cd2
GET /_/scs/abc-static/_/js/k=gapi.lb.en.P0B2vZm_jJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 51265
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:59:14 GMT
expires: Thu, 16 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 290664
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
142.250.74.161200 OK 354 B URL HTTP/1.1 4.bp.blogspot.com/-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 63518cf04cae6c58308feb72ea17aeb4
899fbaf9f628bc09483dbca246f580596beb8378
c33b76e5a92e675fbef817c95a1414f9b9a661d46f6e66b9eb58b05679d69fd5
GET /-Cjrjhse6Exc/T_YQ7dMaIpI/AAAAAAAACxg/3RqA3xoGSj0/s1600/subcribe%2Bthesis.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="subcribe thesis.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 354
X-XSS-Protection: 0
Date: Sun, 20 Nov 2022 03:43:38 GMT
Expires: Sat, 19 Nov 2022 01:09:42 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v248c"
Content-Type: image/gif
Age: 0
fonts.gstatic.com/s/josefinslab/v20/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
216.58.207.195200 OK 10 kB URL HTTP/1.1 fonts.gstatic.com/s/josefinslab/v20/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10024, version 1.0\012- data
Hash 29db13120ec478925e9486c2fb8aa79a
59af3d7d251693ee0ef2f14566d3bd165028bb0f
f48b859d4f27ad5d59d75e405c3c4a847effd7b56308c1315e5d8f9dbac89bd0
GET /s/josefinslab/v20/lW-swjwOK3Ps5GSJlNNkMalNpiZe_ldbOR4W71msR349Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://aans1.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 10024
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 18 Nov 2022 01:05:53 GMT
Expires: Sat, 18 Nov 2023 01:05:53 GMT
Cache-Control: public, max-age=31536000
Age: 182265
Last-Modified: Mon, 11 Jul 2022 20:59:21 GMT
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8bda6dda8e10180d978714b045ed231b
922134fdf8cae49cc3d2935466cd899d05fa5f13
749149017bfa88e0bcf29ccaf2f335511dc213636af06a19157f4a1049ef526c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139624
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:38 GMT
Etag: "637920d2-118"
Expires: Mon, 21 Nov 2022 18:30:42 GMT
Last-Modified: Sat, 19 Nov 2022 18:30:42 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 02:44:49 GMT
cache-control: public,max-age=3600
age: 3529
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.clicksasia.com/openx/www/delivery/inline.js
185.38.110.121200 OK 47 B URL HTTP/1.1 www.clicksasia.com/openx/www/delivery/inline.js
IP 185.38.110.121:0
Hash 511b5d4a2aef166d9dc32d1c02c07ac9
0f1a044a15467fcd79f0eed930ef3089093724e4
8bc7dba4bd487ef7bf47ad5e54a2eb55618d75518d5f98c8eb83a9901ac05f38
Analyzer Verdict Alert quad9 Sinkholed
GET /openx/www/delivery/inline.js HTTP/1.1
Host: www.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Length: 47
1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
142.250.74.161200 OK 122 kB URL HTTP/1.1 1.bp.blogspot.com/-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 851x315, components 3\012- data
Size 122 kB (121948 bytes)
Hash fdb16fd9d11da34115a3d36756ec2cd8
88f5eff84192079db87a49713aadc38e498e080c
b24bc09a6345b5ff13f8ed35497ae71ecb464dbde6470fdb6ff9a409d7cdd59a
GET /-ho1JUe_TJ-8/Vdb8kU0l1dI/AAAAAAAAKNI/JB0-WlsU-eM/s1600/12.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v28d3"
Expires: Mon, 21 Nov 2022 03:43:38 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="12.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 20 Nov 2022 03:43:38 GMT
Server: fife
Content-Length: 121948
X-XSS-Protection: 0
aans1.blogspot.com/feeds/posts/default/-/MISC?alt=json-in-script&callback=related_results_labels&max-results=17
142.250.74.161200 OK 20 kB URL HTTP/1.1 aans1.blogspot.com/feeds/posts/default/-/MISC?alt=json-in-script&callback=related_results_labels&max-results=17
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65506)
Hash ccdb4a19eabf0b484f2acab496225957
75f2f9d0d5c4d719a29869ebe55bc28af2cf834a
427d6505224cd1555eeeb80510a41f99037e7ca564e4fb962af9ad672e37980b
GET /feeds/posts/default/-/MISC?alt=json-in-script&callback=related_results_labels&max-results=17 HTTP/1.1
Host: aans1.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/2013/12/polis-negeri-sembilan-siap-sedia-pantau.html
HTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"1652e6937fd990fa804d895ded1be67d0633fdd5bb65c165d16b065ca9093dcb"
Date: Sun, 20 Nov 2022 03:43:38 GMT
Content-Type: text/javascript; charset=UTF-8
Server: blogger-renderd
Expires: Sun, 20 Nov 2022 03:43:39 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Tue, 08 Nov 2022 12:38:23 GMT
Content-Encoding: gzip
Content-Length: 19948
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif
142.250.74.161200 OK 311 B URL HTTP/1.1 1.bp.blogspot.com/-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 13 x 11\012- data
Hash 028bcf92cf62e42de0acfa130f3d351e
68e32de8443766f9ed1ddc91c4f6436cc2facf4a
a9ded55ec2249c5d0fc740e775d521dc79e6b38bb8f28f80fdd8348975ca11d4
GET /-zt1heJ3mBLg/T7zVmDb7EII/AAAAAAAAA-Q/hpQivcNMPP4/s1600/bullet.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="bullet.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 311
X-XSS-Protection: 0
Date: Sun, 20 Nov 2022 03:43:39 GMT
Expires: Wed, 16 Nov 2022 03:47:33 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v4ca"
Content-Type: image/gif
Age: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1150
Cache-Control: max-age=106943
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:39 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 09:26:02 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 8c1ee5f4c1ab645286b162b818a868a4
db959000bdbdc15fbd978fd3d2fdad0d6e126112
d98fe4a593330c0d1337308afa26ab255f46bba987b749ff449b69c7df651b0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
developers.google.com/
142.250.74.14301 Moved Permanently 0 B IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: developers.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://aans1.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://developers.google.com/
X-Cloud-Trace-Context: f34183311a0821ce7ef37d554c811fe0
Date: Sun, 20 Nov 2022 03:43:39 GMT
Content-Type: text/html
Server: Google Frontend
Content-Length: 0
ww62.clicksasia.com/
13.248.148.254200 OK 4.5 kB IP 13.248.148.254:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2482)
Hash aa59cfcee4069d0540f92949b902e069
5b132c035a18834fde7a4c095696d18176c4ce90
b664c2353af0bb6c72fe09f2d048b340a1493d854a0858b46a4398c05ea4dbd2
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:43:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Ue2QSzd35QEQtTK6x1YLQaf0D2dWoHK7bmHfcZIGI/CAXG4Ia6DnnC8NDz024FxnCIyOUYSYMWBOGoKSnD/fqw==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6e5133a27b00b831a1ee918d5273efbc
d5baed63df107bfa2b2fb38ac97e38b7a4e6e161
2acc42ca21221b9f38b5520e20d14cf3406e5f454d2a8b363a5bfaff51df5cde
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143337
Date: Sun, 20 Nov 2022 03:43:39 GMT
Etag: "63791cad-1d7"
Expires: Mon, 21 Nov 2022 19:32:36 GMT
Last-Modified: Sat, 19 Nov 2022 18:13:01 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ms9xfJAhgjGPNQ9O7grLgxlvg8KyNSM3Z74ngrYOwDvKh7FIsjCyrQ==
Age: 4775
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FDz7VkVVU4LKRzfAv/iNMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bsZiRgKpTxdS9Nldu2iElYMf/fg=
l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1668915818723.70922&hostname=aans1.blogspot.com&location=%2F2013%2F12%2Fpolis-negeri-sembilan-siap-sedia-pantau.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2013%2F12%2Fpolis-negeri-sembilan-siap-sedia-pantau.html&title=Polis%20Negeri%20Sembilan%20siap%20sedia%20pantau%20sambutan%20tahun%20baru&sop=false&description=SEREMBAN%20%E2%80%93%20Polis%20Negeri%20Sembilan%20telah%20bersiap%20sedia%20menghadapi%20sebarang%20kemungkinan%20akan%20berlaku%20pada%20malam%20sambutan%20tahun%20baharu%20di%20negeri...&description=SEREMBAN%20%E2%80%93%20Polis%20Negeri%20Sembilan%20telah%20bersiap%20sedia%20menghadapi%20sebarang%20kemungkinan%20akan%20berlaku%20pada%20malam%20sambutan%20tahun%20baharu%20di%20negeri...&img_pview=true
52.28.72.230204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1668915818723.70922&hostname=aans1.blogspot.com&location=%2F2013%2F12%2Fpolis-negeri-sembilan-siap-sedia-pantau.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2013%2F12%2Fpolis-negeri-sembilan-siap-sedia-pantau.html&title=Polis%20Negeri%20Sembilan%20siap%20sedia%20pantau%20sambutan%20tahun%20baru&sop=false&description=SEREMBAN%20%E2%80%93%20Polis%20Negeri%20Sembilan%20telah%20bersiap%20sedia%20menghadapi%20sebarang%20kemungkinan%20akan%20berlaku%20pada%20malam%20sambutan%20tahun%20baharu%20di%20negeri...&description=SEREMBAN%20%E2%80%93%20Polis%20Negeri%20Sembilan%20telah%20bersiap%20sedia%20menghadapi%20sebarang%20kemungkinan%20akan%20berlaku%20pada%20malam%20sambutan%20tahun%20baharu%20di%20negeri...&img_pview=true
IP 52.28.72.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&version=buttons.js&lang=en&sessionID=1668915818723.70922&hostname=aans1.blogspot.com&location=%2F2013%2F12%2Fpolis-negeri-sembilan-siap-sedia-pantau.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Faans1.blogspot.com%2F2013%2F12%2Fpolis-negeri-sembilan-siap-sedia-pantau.html&title=Polis%20Negeri%20Sembilan%20siap%20sedia%20pantau%20sambutan%20tahun%20baru&sop=false&description=SEREMBAN%20%E2%80%93%20Polis%20Negeri%20Sembilan%20telah%20bersiap%20sedia%20menghadapi%20sebarang%20kemungkinan%20akan%20berlaku%20pada%20malam%20sambutan%20tahun%20baharu%20di%20negeri...&description=SEREMBAN%20%E2%80%93%20Polis%20Negeri%20Sembilan%20telah%20bersiap%20sedia%20menghadapi%20sebarang%20kemungkinan%20akan%20berlaku%20pada%20malam%20sambutan%20tahun%20baharu%20di%20negeri...&img_pview=true HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 20 Nov 2022 03:43:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
d38psrni17bvxu.cloudfront.net/themes/assets/style.css
54.230.245.138200 OK 343 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/assets/style.css
IP 54.230.245.138:0
Hash 03a4a8c322fc0c99b0ee7cbbcc9eabcd
6fc193276de2a3458cd853c474cb9269b900e00d
a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /themes/assets/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sun, 20 Nov 2022 00:33:15 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: I6ERUNOJPc0q4_K9n-jqlMf30H-OwJPL4yKwpSrjTaKWNuOnH4927w==
Age: 11424
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.138200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.138:0
File type ASCII text, with very long lines (316)
Hash 3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Sat, 19 Nov 2022 15:10:44 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B2WcacMvxzrMvCHkjDP3IV51c1StSQ3_vUEUIaZcUPxeIO8DVXcRow==
Age: 45175
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
54.230.245.138200 OK 648 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
IP 54.230.245.138:0
Hash 706f944f821bc64dff4240a04251ff36
efcf7c46310be1b252baae8e2f4b5e9edfee9fe3
dc365466c780c2d5e58a10925db88facb0cae18cb5a077790c54561e8590b63b
GET /themes/cleanPeppermintBlack_657d9013/style.css HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Sun, 20 Nov 2022 03:12:40 GMT
Last-Modified: Fri, 21 Oct 2022 11:27:37 GMT
Content-Encoding: gzip
ETag: W/"63528229-63e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 375ku0QYEx-32ueig2PDGQgSwwiUvXv7Phc2KtZIVuvlSCDU_Lx_xw==
Age: 1859
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1885)
Hash cab5a8333ee166d9f6d0b2bd295db5e5
6693b5f32a350be64a33d9f3cf42aae1a67270a8
148e93b6b9d9cc517b75154be03b93614353dfebd96b73137d1f08c9c82c02de
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sun, 20 Nov 2022 03:43:39 GMT
Expires: Sun, 20 Nov 2022 03:43:39 GMT
Cache-Control: private, max-age=3600
ETag: "8456826843805353673"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.138200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.138:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/style.css
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Sun, 20 Nov 2022 02:14:15 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -Ia9VW9zhNuvdUMvVLqTOU8fKMF-g9UxTibGMMrg2KCGCn0tmf-onw==
Age: 5364
ww62.clicksasia.com/favicon.ico
13.248.148.254200 OK 0 B URL HTTP/1.1 ww62.clicksasia.com/favicon.ico
IP 13.248.148.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:43:40 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ww62.clicksasia.com/track.php?domain=clicksasia.com&toggle=browserjs&uid=MTY2ODkxNTgxOS40NjAyOjk1ODcwM2M4ZWUxYjkyMjE3MWQ1N2ZjYmNkM2JjNDUwMThmZmFmNjIxYmI1YWIyMmJiNjY3NTE0Mjk0Yjc0MWQ6NjM3OWEyNmI3MDU5Yw%3D%3D
13.248.148.254200 OK 20 B URL HTTP/1.1 ww62.clicksasia.com/track.php?domain=clicksasia.com&toggle=browserjs&uid=MTY2ODkxNTgxOS40NjAyOjk1ODcwM2M4ZWUxYjkyMjE3MWQ1N2ZjYmNkM2JjNDUwMThmZmFmNjIxYmI1YWIyMmJiNjY3NTE0Mjk0Yjc0MWQ6NjM3OWEyNmI3MDU5Yw%3D%3D
IP 13.248.148.254:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?domain=clicksasia.com&toggle=browserjs&uid=MTY2ODkxNTgxOS40NjAyOjk1ODcwM2M4ZWUxYjkyMjE3MWQ1N2ZjYmNkM2JjNDUwMThmZmFmNjIxYmI1YWIyMmJiNjY3NTE0Mjk0Yjc0MWQ6NjM3OWEyNmI3MDU5Yw%3D%3D HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:43:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5e884c53db72411f06e2209d005f7586
6e1049a7fc26d6a3259a97bfca9dc6ba7b0dd5af
2965603dd297987ffa36ffd33c133f2c6a67fa6df1551554160b65ce804b0198
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww62.clicksasia.com/ls.php
13.248.148.254201 Created 0 B URL HTTP/1.1 ww62.clicksasia.com/ls.php
IP 13.248.148.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /ls.php HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2202
Origin: http://ww62.clicksasia.com
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Cookie: GoogleAdServingTest=Good
HTTP/1.1 201 Created
Date: Sun, 20 Nov 2022 03:43:40 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 6379a26c49cb056f3114f408
Charset: utf-8
Access-Control-Allow-Origin: http://ww62.clicksasia.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_k4z/jTmnrJY8WxvSGqI8q3nU8GMq4pUBF+4n7MWQbngmj0MgPw9PKB05YB3Wx6mLAuHhN8ot5075PvWp7hZqSw==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 03:43:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 03:43:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 03:43:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 03:43:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2249
Expires: Sun, 20 Nov 2022 04:21:09 GMT
Date: Sun, 20 Nov 2022 03:43:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ec00dd4-9302-4378-82e1-eb2f8686bdc7.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ec00dd4-9302-4378-82e1-eb2f8686bdc7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6653147acce57a88af20de89d4f40239
d097755b7cafd14d6dcf18fe09d0a3237a1057dd
5d0166eacfa748026865e4461b1a1c0fb7373e0fb7de16b266f3eee6b816f5f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ec00dd4-9302-4378-82e1-eb2f8686bdc7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13671
x-amzn-requestid: 26e11776-b559-4325-9082-df4b9366715e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jWaFEZoAMFb3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c28-0117d3a633ab918d6179fa87;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IwyX_NEXHb8YvHaYou8CndLh9PR-S7OR-M6hiKNCLXuSB218dIMlfA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:38:45 GMT
age: 21895
etag: "d097755b7cafd14d6dcf18fe09d0a3237a1057dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2737784835408106&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3%7Cs&nocache=231668915820484&num=0&output=afd_ads&domain_name=ww62.clicksasia.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668915820486&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fww62.clicksasia.com%2F&referer=http%3A%2F%2Faans1.blogspot.com%2F&adbw=master-1%3A530
142.250.74.164200 OK 2.0 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2737784835408106&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3%7Cs&nocache=231668915820484&num=0&output=afd_ads&domain_name=ww62.clicksasia.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668915820486&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fww62.clicksasia.com%2F&referer=http%3A%2F%2Faans1.blogspot.com%2F&adbw=master-1%3A530
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5328)
Hash ab354e090d7a4343845444ef0e6dc293
f95302cbdb3664777a099998c024ce69c73946a9
7429d9bd6d59cad4193d69f7e7e7b46385627a230adaf50e8df3617b4c35cda0
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet09_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2737784835408106&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3%7Cs&nocache=231668915820484&num=0&output=afd_ads&domain_name=ww62.clicksasia.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1668915820486&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&cl=488417025&uio=--&cont=tc&jsid=caf&jsv=488417025&rurl=http%3A%2F%2Fww62.clicksasia.com%2F&referer=http%3A%2F%2Faans1.blogspot.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sun, 20 Nov 2022 03:43:40 GMT
expires: Sun, 20 Nov 2022 03:43:40 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 1990
x-xss-protection: 0
set-cookie: NID=511=ANsJXptUqIyN5XfutN8vOSYW1S0-McCta42Rrhx6oARN6EhbOieAtTH5_9Of4xe_L-ncFHVM2R4bpyw9BENuwE5Nqf0CPt2ZMo5W1YSKkGySFcjQyOELA8czWkWGu6gF08tXk131hDtBg468FkBpsWJDWxOxXg6evDkzSvTWS2M; expires=Mon, 22-May-2023 03:43:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+045; expires=Tue, 19-Nov-2024 03:43:40 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 86387
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4454f87c40e9b7c5de9853c1ec6f0671
119aac07a88e7c358bf353335f3a81039ca9943b
e909f823611609282c643c58ccc7b267dcfc09970e58b66742dc8baf7cda5bf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b07f2a3-725f-4aa2-afa2-375328b55ea8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5699
x-amzn-requestid: ea538aed-2b5a-4940-b49f-b4703a556956
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i6KHnQoAMFu3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b74-2f756f9a27ddc4b001cdaff2;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:36 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w4JqPNmzHlUl4EMM2osU4Z5dtroFWOB0DL5ylePs6XBbIdxpsPItnQ==
via: 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "119aac07a88e7c358bf353335f3a81039ca9943b"
content-type: image/jpeg
age: 21729
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a41f9693b9247dcce6c2340bb5c02828
e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e
aa23cead1d44bf9db22654eb14113ef356d4ac972d301969c02803964418d556
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: abab4eb2-0a35-4113-8a52-e07c08f069cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY2HXCoAMFVrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-1cb176423ca3231a093cc4c7;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sCEwyGN6h_P0abZJGEY8PJNE7j1Nmz62-wvzWWO5gbFwA1auACXtJw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 15:08:05 GMT
age: 45335
etag: "e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5447e0a57fbd65d5f719786842dfb40
68dbd2b4ecedb47d3f47bc3690336fe0f3fd3fe6
b6f69c679ecb9978c12f9fc5e03531250e1e13327ac0337532317b91d2ede502
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: c6df2fa3-53ad-4f43-ab26-8754ce25c421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jdVGY0oAMF_2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c55-0dd776a50b4a8fbb5b29ccae;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sKTa_b92EIi4H8YgHoEJCm8rVgdfCFJ91I1UNkGLzsPQVOI10I9d7w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:45:57 GMT
age: 21463
etag: "68dbd2b4ecedb47d3f47bc3690336fe0f3fd3fe6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8f1dddf91a53f8f28d70565d1a3458b
9d026c2c53629648cfda4a324eadae6e33de0d55
c352216d126382d7b588ff6e5a3ed6ab12d92dc5e58216cc5883c27bf612a7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1fe6564-e0ba-4c81-b868-04fa596cddaa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7968
x-amzn-requestid: 0dc9cfbf-7e72-45a7-9496-49a5cf1a4465
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jZmEwboAMF1tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c3d-1f40770e29ad853b31a3aa23;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UM4MVSwb8F1uv2jbbdeh8bhV3KJNhqiN9wJj1Yua8h4x762uD8UKyQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
age: 21729
etag: "9d026c2c53629648cfda4a324eadae6e33de0d55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 76912fed802a100ef5ae2e782501c372
0203642bd36bb83a9870fdf9b935f022e95cdb1e
fa4689b1d84466fa7a224893ef30b1d68c4dab5da89ba49a29e5b0dd034c0d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww62.clicksasia.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
172.217.21.162200 OK 187 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww62.clicksasia.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash c5eb6bed8cb05ffa0074de901e59b8f0
2b71314903728d5554209ff8917d49eca9f27c6f
110d6ca47e7f5c7718359e5337f538ddedbadc6c49117c88082e1296ce460bad
GET /gampad/cookie.js?domain=ww62.clicksasia.com&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 20 Nov 2022 03:43:40 GMT
server: cafe
cache-control: private
content-length: 187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 76912fed802a100ef5ae2e782501c372
0203642bd36bb83a9870fdf9b935f022e95cdb1e
fa4689b1d84466fa7a224893ef30b1d68c4dab5da89ba49a29e5b0dd034c0d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 59277a4dca16f49864f375aed6f1dac7
7002f5a369d26c4958d927858157c76c27a3b80f
812626c4c69994fa1e7474408de2a88bf558ed8a9eccd580b12acacbbb4ce418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 59277a4dca16f49864f375aed6f1dac7
7002f5a369d26c4958d927858157c76c27a3b80f
812626c4c69994fa1e7474408de2a88bf558ed8a9eccd580b12acacbbb4ce418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.33200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.33:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 23:18:41 GMT
expires: Sun, 20 Nov 2022 22:18:41 GMT
cache-control: public, max-age=82800
age: 15899
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.33200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.33:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 21:02:49 GMT
expires: Sun, 20 Nov 2022 20:02:49 GMT
cache-control: public, max-age=82800
age: 24051
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d418191564a2a363ad0d5a244e5ba2ba
37fa564547b44eb40c23eb6e0a454e14d9458642
06da7d01b65ecc80c1b9b3fe0712fdd9c714cfe39ceb3e699491b34b8f855734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 03:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww62.clicksasia.com/track.php?domain=clicksasia.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2ODkxNTgxOS40NjAyOjk1ODcwM2M4ZWUxYjkyMjE3MWQ1N2ZjYmNkM2JjNDUwMThmZmFmNjIxYmI1YWIyMmJiNjY3NTE0Mjk0Yjc0MWQ6NjM3OWEyNmI3MDU5Yw%3D%3D
13.248.148.254200 OK 20 B URL HTTP/1.1 ww62.clicksasia.com/track.php?domain=clicksasia.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2ODkxNTgxOS40NjAyOjk1ODcwM2M4ZWUxYjkyMjE3MWQ1N2ZjYmNkM2JjNDUwMThmZmFmNjIxYmI1YWIyMmJiNjY3NTE0Mjk0Yjc0MWQ6NjM3OWEyNmI3MDU5Yw%3D%3D
IP 13.248.148.254:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert quad9 Sinkholed
GET /track.php?domain=clicksasia.com&caf=1&toggle=answercheck&answer=yes&uid=MTY2ODkxNTgxOS40NjAyOjk1ODcwM2M4ZWUxYjkyMjE3MWQ1N2ZjYmNkM2JjNDUwMThmZmFmNjIxYmI1YWIyMmJiNjY3NTE0Mjk0Yjc0MWQ6NjM3OWEyNmI3MDU5Yw%3D%3D HTTP/1.1
Host: ww62.clicksasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww62.clicksasia.com/
Cookie: __gsas=ID=5f5986f057656db8:T=1668915820:S=ALNI_MbA1SztWCglsOaZxytxJ9YDhFQanQ
HTTP/1.1 200 OK
Date: Sun, 20 Nov 2022 03:43:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
142.250.74.161200 OK 0 B URL HTTP/1.1 1.bp.blogspot.com/-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg
IP 142.250.74.161:0
GET /-uzF0oVy_F7U/VgPjgVVKEuI/AAAAAAAAKag/UsyXtm5xJmA/s1600/FotorCreated.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://aans1.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v29a9"
Expires: Mon, 21 Nov 2022 03:43:39 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="FotorCreated.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Sun, 20 Nov 2022 03:43:39 GMT
Server: fife
Content-Length: 194499
X-XSS-Protection: 0
accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
216.58.207.237200 OK 0 B URL HTTP/2 accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__
IP 216.58.207.237:0
GET /o/oauth2/postmessageRelay?parent=http%3A%2F%2Faans1.blogspot.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.P0B2vZm_jJk.O%2Fd%3D1%2Frs%3DAHpOoo_nmCaDbrwZCe_WiNZEgKVKQ-FnSA%2Fm%3D__features__ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://aans1.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Nov 2022 03:43:39 GMT
content-security-policy: script-src 'nonce-iXt20m13tpgdDk9vwuuyUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 20 Nov 2022 03:43:40 GMT
expires: Sun, 20 Nov 2022 03:43:40 GMT
cache-control: private, max-age=3600
etag: "12331705512487618899"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2