firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 07 Sep 2022 19:04:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ogvFLaIa7qDWfDHU9FZWQ40ATkxMtwHOevfgjU9eHiPiWzluOHaVSw==
Age: 716
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6708
Expires: Wed, 07 Sep 2022 21:08:30 GMT
Date: Wed, 07 Sep 2022 19:16:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 07 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wu3TPfHzaS4tHgPj7y0YoCaRU9xihRb8uMjUesNp_dfJxipxE_EEmQ==
age: 55808
X-Firefox-Spdy: h2
horaciostiedemann.blogspot.com/2022/08/utc-pudu-immigration-appointment-how-to.html
142.250.74.161301 Moved Permanently 223 B URL HTTP/1.1 horaciostiedemann.blogspot.com/2022/08/utc-pudu-immigration-appointment-how-to.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cc692e43a620ca0f87e0bb6565b05957
fbe29d8eedd7ca79c7dd84d8c48d4055b031e5e2
365a70e36769f7e42d2eb205a2941ac189eb95364866c06827b9451c39eb763f
GET /2022/08/utc-pudu-immigration-appointment-how-to.html HTTP/1.1
Host: horaciostiedemann.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://horaciostiedemann.blogspot.com/2022/08/utc-pudu-immigration-appointment-how-to.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 07 Sep 2022 19:16:42 GMT
Expires: Wed, 07 Sep 2022 19:16:42 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 223
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 70176788dbf76349d07709736a0927a4
4e33bdd59d9219a6adaa51286776239715cee22a
031ab595f8eefe5f34ebf7d8a561a7a78373289e70283447af937eda265041db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 07 Sep 2022 18:38:18 GMT
Expires: Wed, 07 Sep 2022 19:07:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5wFRiTU4Ms8gkUX9A0dDNFslLzqoIi0RVg2c_GaIgM6KGit5JYHUhw==
Age: 2305
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 70176788dbf76349d07709736a0927a4
4e33bdd59d9219a6adaa51286776239715cee22a
031ab595f8eefe5f34ebf7d8a561a7a78373289e70283447af937eda265041db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a81b0f5b5d11bf95fc176833b2f6e808
5b194aa5a8bf3a6b0d117ccfd0f487f6db0587b5
8f6ae83f2b85db7174bbbc6553e2921617b5c8a401315e76082682949a0bd9cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Last-Modified: Wed, 07 Sep 2022 17:42:42 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
horaciostiedemann.blogspot.com/2022/08/utc-pudu-immigration-appointment-how-to.html
142.250.74.161200 OK 71 kB URL HTTP/2 horaciostiedemann.blogspot.com/2022/08/utc-pudu-immigration-appointment-how-to.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (18032)
Hash ff44a1d88def811193720ddb35dba9e5
110a415e198ea79921a0acc196b282bfc9bf928e
c01692dfadb77d43a0aa04cb3aa30318c77518181b1fa5e5f282c46bd022bad3
GET /2022/08/utc-pudu-immigration-appointment-how-to.html HTTP/1.1
Host: horaciostiedemann.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Wed, 07 Sep 2022 19:16:43 GMT
date: Wed, 07 Sep 2022 19:16:43 GMT
cache-control: private, max-age=0
last-modified: Tue, 06 Sep 2022 23:45:20 GMT
etag: W/"233e2f07143b5c266f50dc7f3e5f6a7cb6c7899b7fd3cdf4357c8af322366ed3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 71192
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/3.bp.blogspot.com/-Tge-yE5pCTk/WRlY3vs2BBI/AAAAAAAAjlo/HtrchC9qRSIDs10GVuhhBj0FTm5iMjcRgCLcB/s1600/address%2Bpassport%2Boffice.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/3.bp.blogspot.com/-Tge-yE5pCTk/WRlY3vs2BBI/AAAAAAAAjlo/HtrchC9qRSIDs10GVuhhBj0FTm5iMjcRgCLcB/s1600/address%2Bpassport%2Boffice.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /3.bp.blogspot.com/-Tge-yE5pCTk/WRlY3vs2BBI/AAAAAAAAjlo/HtrchC9qRSIDs10GVuhhBj0FTm5iMjcRgCLcB/s1600/address%2Bpassport%2Boffice.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html
content-length: 138
location: https://3.bp.blogspot.com/-Tge-yE5pCTk/WRlY3vs2BBI/AAAAAAAAjlo/HtrchC9qRSIDs10GVuhhBj0FTm5iMjcRgCLcB/s1600/address+passport+office.jpg
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/i.ytimg.com/vi/wzftV1ZwY08/mqdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/i.ytimg.com/vi/wzftV1ZwY08/mqdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/wzftV1ZwY08/mqdefault.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/wzftV1ZwY08/mqdefault.jpg
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com//search?q=UTC+KL+(Pudu+Sentral)&tbm=isch
192.0.77.2400 Bad Request 521 B URL HTTP/2 i0.wp.com//search?q=UTC+KL+(Pudu+Sentral)&tbm=isch
IP 192.0.77.2:0
Hash 12a7bce660459616fd0c6896b963f1bd
69bc6181bc1b8d61cb979ca574e548de45cf668d
4f3585872c5bd6d61c7c0d6824ef4225a0c259998b7249ba368f3a4614e16d6c
GET //search?q=UTC+KL+(Pudu+Sentral)&tbm=isch HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
216.58.207.201200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 14:54:37 GMT
expires: Sat, 02 Sep 2023 14:54:37 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 09:50:05 GMT
content-type: text/javascript
age: 447726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 690434206fc78d132e3cc0c49a1086ce
ca649ead07b7aeb0430385ae65ba4e63f51c053e
06e094e514194b44d4ec67279ed3e9d7345bf148d840362ace63a9fc346e5b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1538240412-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1538240412-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash 3144a5192a8ebac30cafce9ad062bd2f
34956dc578e2a4ddf7902c9f38d45f9b15cbe07c
19c85c42386f30aba3d034a5059906aadd10dd2025893f4f6aee8ac51ffe9492
GET /static/v1/widgets/1538240412-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57055
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 02:09:30 GMT
expires: Sat, 02 Sep 2023 02:09:30 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Sep 2022 22:52:56 GMT
content-type: text/javascript
age: 493633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54ec7dbb4f0e1635856899a5f51f5193
9eb32cdb59e7626c15310a1c649f5c797c1898bd
0673368f65ea1d5ce18edbbaa86a28f4011dbafce60b6b9e48dff5dde54e5d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=293136516298785
192.0.77.2404 Not Found 20 kB URL HTTP/2 i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=293136516298785
IP 192.0.77.2:0
Hash f2dcccdf5a4889f3ff4c9a1282169fc0
1fcd738f3d5cf57ee60a946ddb3653d54f54b3ca
f94763b370837bf359bf44b16122a48623f224103a2944f6662dccd642c6c1ee
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=293136516298785 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: UPDATING arn 7
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://horaciostiedemann.blogspot.com
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 06:03:06 GMT
expires: Wed, 06 Sep 2023 06:03:06 GMT
cache-control: public, max-age=31536000
age: 134017
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54ec7dbb4f0e1635856899a5f51f5193
9eb32cdb59e7626c15310a1c649f5c797c1898bd
0673368f65ea1d5ce18edbbaa86a28f4011dbafce60b6b9e48dff5dde54e5d77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3639ba0efe4098829800b697fa38405d
96391802923ca3b07fdc294b6140c2749fd43a60
c99cafe0cef0d9d8c1212c49b7e4155efc6ee4cc9650bd6e256875599be1d8d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10154438293158466
192.0.77.2404 Not Found 537 B URL HTTP/2 i0.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10154438293158466
IP 192.0.77.2:0
Hash 9ce628b85b2f428e6fd0d9724407861a
5b89c4ab02b59f3149870ec1e7d27e54bae1149e
251575471e48c83fd32c68c2815053dee331f7b791d6e844e7777c2be5de1f58
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=10154438293158466 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 7
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 74 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 5c8513dac89e72e77235afc0385d8658
f2bb8b20a6af3cc6e2d3e13f2101cfd8d3936bc4
3cfa47a84f8cea1e81d7a5aabbb2d5d36f2a6951eb2f61bec883a2310fa412a7
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 73551
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 00:31:57 GMT
expires: Thu, 07 Sep 2023 00:31:57 GMT
cache-control: public, max-age=31536000
age: 67486
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
142.250.74.174200 OK 5.6 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (3295)
Hash add1c094467a85397dd1dcba79647c16
0c10daefd2c177b97572b707d64e262ece9de222
e7b42344ded3823cfd449cbeafe5f885022b6e883dad06c56ffb84a6f389c0fb
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 5608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 03:43:03 GMT
expires: Thu, 07 Sep 2023 03:43:03 GMT
cache-control: public, max-age=31536000
age: 56020
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=7890765045691331561&zx=96067071-711e-4525-bccf-3fe6f8ce0806
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=7890765045691331561&zx=96067071-711e-4525-bccf-3fe6f8ce0806
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=7890765045691331561&zx=96067071-711e-4525-bccf-3fe6f8ce0806 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 07 Sep 2022 19:16:43 GMT
last-modified: Wed, 07 Sep 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/wzftV1ZwY08/mqdefault.jpg
142.250.74.22200 OK 22 kB URL HTTP/2 i.ytimg.com/vi/wzftV1ZwY08/mqdefault.jpg
IP 142.250.74.22:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 553db02fc101d3865b18091b2a68936e
8fbcdef5135d4ad82f7ba3a1bf07c399a4960775
6c071bc24bbbe0f79f266dd85931a7ede3ca652cd0702ca9ea5ca88bd8e3ed20
GET /vi/wzftV1ZwY08/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://horaciostiedemann.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 21949
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:16:43 GMT
expires: Wed, 07 Sep 2022 21:16:43 GMT
cache-control: public, max-age=7200
etag: "1638274908"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Wed, 07 Sep 2022 14:34:07 GMT
expires: Wed, 21 Sep 2022 14:34:07 GMT
cache-control: public, max-age=1209600
age: 16956
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3639ba0efe4098829800b697fa38405d
96391802923ca3b07fdc294b6140c2749fd43a60
c99cafe0cef0d9d8c1212c49b7e4155efc6ee4cc9650bd6e256875599be1d8d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c1437437047f21dec9a10a2ea619f302
2312d50c7870f3fee0f3b837ce466eac9f60d23a
81e03c89f4b0a326ef9784b89eff6bba41bc940a4d7b54957ad1964d01db3a79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/pbs.twimg.com/media/FSsM9JBUUAAlVPW.jpg
192.0.77.2200 OK 44 kB URL HTTP/2 i0.wp.com/pbs.twimg.com/media/FSsM9JBUUAAlVPW.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 674x1200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1df12c728594d8cafa9e6802cbfc571
0f725c49141afe0659518aa3f30daa7d6a2c0a9d
7e81b5ff70ad82014054b51f4d7fd98bdd5dcd2d860255d4dcae0f12ec130dd9
GET /pbs.twimg.com/media/FSsM9JBUUAAlVPW.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: image/webp
content-length: 43556
last-modified: Wed, 07 Sep 2022 19:16:44 GMT
expires: Sat, 07 Sep 2024 07:16:44 GMT
cache-control: public, max-age=63115200
link: <http://pbs.twimg.com/media/FSsM9JBUUAAlVPW.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "df2c6f4c2e6b6c0f"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 666 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 0984d8a94b6794a967f603f80d187661
b283e98217ca3fd6be6b84f02dd7a5605e5f31f3
1fb88b9852c7a7aa0fd24f2be9441adf1b9c04343af703fb556eeef7ad3edf88
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 07 Sep 2022 19:16:44 GMT
date: Wed, 07 Sep 2022 19:16:44 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 666
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQlLT0Byg8OMZJVkYehwhncF9r53pVdFXz2dA&usqp=CAU
192.0.77.2404 Not Found 568 B URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQlLT0Byg8OMZJVkYehwhncF9r53pVdFXz2dA&usqp=CAU
IP 192.0.77.2:0
Hash 7e737fef1914e7573e5ae7faae77ad1c
aa8fc51826040fb631a1596624999c4a4b28dd35
c854c747ba37119ba4f1a98d4f446b76768b5c1ea95fecfee3cdeec46db005a4
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQlLT0Byg8OMZJVkYehwhncF9r53pVdFXz2dA&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eefbc3e92429d8e2beb6d1d913cd7442
ed50f0d6bf3aaa67945627d401d70f357940c786
693b3bff56a8f267f7831903e497dcfde37b16b188824fa63fd310698ab13388
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQbzWzGF0cDF60WcWMlOgwNXsIRZuPM37luMg&usqp=CAU
192.0.77.2404 Not Found 537 B URL HTTP/2 i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQbzWzGF0cDF60WcWMlOgwNXsIRZuPM37luMg&usqp=CAU
IP 192.0.77.2:0
Hash 9761286ec3ea7f8bedb4de359dbd1764
2a917dbb6b58a8398f172cb4bd60605ddbb3f6f7
6e0cae553ec2ab4713143e44a56539fbed417c1cc78ab5faf6018b6d9b9fe5c6
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQbzWzGF0cDF60WcWMlOgwNXsIRZuPM37luMg&usqp=CAU HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 07 Sep 2022 19:16:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+222; expires=Fri, 06-Sep-2024 19:16:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Sep 2022 19:16:44 GMT
cache-control: private
X-Firefox-Spdy: h2
accompanycollapse.com/bc8d59f796233b632b8846bc72a15192/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 accompanycollapse.com/bc8d59f796233b632b8846bc72a15192/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (27024), with no line terminators
Hash 309f519b37bab1fe8130854e541da272
066d1cc5b155084b71efb864c33654f96f8bc435
b63d9848ac3bbedb875c1aefab1018183b1e901d917e66490e4615d15c7d4881
GET /bc8d59f796233b632b8846bc72a15192/invoke.js HTTP/1.1
Host: accompanycollapse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Sep 2022 19:16:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba6e99088c6003c4532ec0f63e807929
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2974
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 07 Sep 2022 19:16:44 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+942; expires=Fri, 06-Sep-2024 19:16:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Sep 2022 19:16:44 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f791e6440ce515569bb0194eda4d603b
8d8fa952205d85133136ac352d2732bc4c838c42
c32a6a6c9669d371e94d43f6e765a8e438096c6eb8b69d719ad365255d669417
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/www.techarp.com/wp-content/uploads/2022/05/Passport-renewal-Malaysia-May-2022-03.jpg?resize=900%2C500&ssl=1
192.0.77.2200 OK 72 kB URL HTTP/2 i0.wp.com/www.techarp.com/wp-content/uploads/2022/05/Passport-renewal-Malaysia-May-2022-03.jpg?resize=900%2C500&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 900x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 87bf5d8158730fec10d4226c665de4c6
1b542ae20c10c81356423fca0467deb07a37c9c2
dec99afe6129d51de5ee1fe4fa6b38fb882d410f3a1aa78d27f89a8785a2decb
GET /www.techarp.com/wp-content/uploads/2022/05/Passport-renewal-Malaysia-May-2022-03.jpg?resize=900%2C500&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: image/webp
content-length: 71642
last-modified: Wed, 07 Sep 2022 19:16:44 GMT
expires: Sat, 07 Sep 2024 07:16:44 GMT
cache-control: public, max-age=63115200
link: <https://www.techarp.com/wp-content/uploads/2022/05/Passport-renewal-Malaysia-May-2022-03.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6fd50e25dc946854"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/img.youtube.com/vi/g5FBdqg9gAk/mqdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/img.youtube.com/vi/g5FBdqg9gAk/mqdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /img.youtube.com/vi/g5FBdqg9gAk/mqdefault.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: text/html
content-length: 138
location: https://img.youtube.com/vi/g5FBdqg9gAk/mqdefault.jpg
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 1a2adb6d06ff306d9d3118213e27e532
b0c6dede44100d653ac05c260c3c6a15a60f13f1
624d5505fb673fd21dacda10f774ee3d19f9c3c33db688473b3b7c55f5cc5c11
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 07 Sep 2022 19:16:44 GMT
Last-Modified: Wed, 07 Sep 2022 17:31:08 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NySoNd5W1MGH5rOr-b5WO0s6jOzL6xFUBxcgKAwGHj0cqyMT8V8y8w==
Age: 6336
simplewebanalysis.com/stats
52.28.172.243200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.172.243:0
File type ASCII text, with no line terminators
Hash 9da13e0e868ef8f4bc2766b322d153bb
3a4c7f8cb9f462eda5de443396153a602ed4003c
5ef17962b0a499b2cb356ed76e2530c1c5dc16ab1ae38cba4107dacf1be0421a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://horaciostiedemann.blogspot.com
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://horaciostiedemann.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=951ee743-6960-4359-9685-40d08eedc43c:3:1; expires=Sat, 04 Sep 2032 19:16:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/hazeldiary.com/wp-content/uploads/2019/01/Malaysia-Passport-Renewal.jpg
192.0.77.2200 OK 49 kB URL HTTP/2 i0.wp.com/hazeldiary.com/wp-content/uploads/2019/01/Malaysia-Passport-Renewal.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 807x605, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d6d267a3587a7225289b5fa622a5765
b67d739de9878eb11386775e4bbe6669ee88066c
62639cb0c0f25e9b4bd05d115bb3b4c0eb9aac125f4702dd285d233fdfc21dfd
GET /hazeldiary.com/wp-content/uploads/2019/01/Malaysia-Passport-Renewal.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: image/webp
content-length: 48732
last-modified: Wed, 07 Sep 2022 19:16:44 GMT
expires: Sat, 07 Sep 2024 07:16:44 GMT
cache-control: public, max-age=63115200
link: <http://hazeldiary.com/wp-content/uploads/2019/01/Malaysia-Passport-Renewal.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "80b72933653dcbaa"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.passport.my/images/imi_offices/imi_utc_pudu_sentral.jpg
192.0.77.2200 OK 71 kB URL HTTP/2 i0.wp.com/www.passport.my/images/imi_offices/imi_utc_pudu_sentral.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 930x625, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 09f1af7d8a24d8c0beed99323f9c675a
43416de583b37fa1ff04edc01fc99dcbeddee10f
b88b0e254e8eec5098aaca4362d38e5e185a6a021ac3dcf4334fa05aa9abfcb1
GET /www.passport.my/images/imi_offices/imi_utc_pudu_sentral.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: image/webp
content-length: 71284
last-modified: Wed, 07 Sep 2022 19:16:44 GMT
expires: Sat, 07 Sep 2024 07:16:44 GMT
cache-control: public, max-age=63115200
link: <http://www.passport.my/images/imi_offices/imi_utc_pudu_sentral.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2cbdf64c7e4ce037"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/apicms.thestar.com.my/uploads/images/2020/06/13/718772.jpg
192.0.77.2200 OK 134 kB URL HTTP/2 i1.wp.com/apicms.thestar.com.my/uploads/images/2020/06/13/718772.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1240x846, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 134 kB (133914 bytes)
Hash acadbc8f9d9b3d5ffc359f5122cd664d
0962533847373874e05e9bd2f756d61732b103c2
049a554cd66cb0d1b62a4313c9e286d87856199bb3ef6f05594678d9619ce499
GET /apicms.thestar.com.my/uploads/images/2020/06/13/718772.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:44 GMT
content-type: image/webp
content-length: 133914
last-modified: Wed, 07 Sep 2022 19:16:44 GMT
expires: Sat, 07 Sep 2024 07:16:44 GMT
cache-control: public, max-age=63115200
link: <http://apicms.thestar.com.my/uploads/images/2020/06/13/718772.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0b3c58434abc1341"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/imgv2-2-f.scribdassets.com/img/document/374406502/original/0c1be16ef3/1659128698?v=1
192.0.77.2200 OK 101 kB URL HTTP/2 i1.wp.com/imgv2-2-f.scribdassets.com/img/document/374406502/original/0c1be16ef3/1659128698?v=1
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x1024, components 3\012- data
Size 101 kB (100855 bytes)
Hash a4e94df93e9f0df847cbe6ed474117e7
8cc8e44dd927cb959cd2f768efb85c7b37f45cbd
57562232edd5cbb70a57c0f643a619896afa1ca27a8c731c05b771677bc554bd
GET /imgv2-2-f.scribdassets.com/img/document/374406502/original/0c1be16ef3/1659128698?v=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:45 GMT
content-type: image/jpeg
content-length: 100855
last-modified: Wed, 07 Sep 2022 19:16:45 GMT
expires: Sat, 07 Sep 2024 07:16:45 GMT
cache-control: public, max-age=63115200
link: <http://imgv2-2-f.scribdassets.com/img/document/374406502/original/0c1be16ef3/1659128698>; rel="canonical"
x-content-type-options: nosniff
etag: "8c857d98de99bee0"
x-bytes-saved: 18718
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 19:16:45 GMT
Connection: keep-alive
i1.wp.com/cdn.worldofbuzz.com/wp-content/uploads/2022/04/ft-utc.jpg?strip=all&lossy=1&quality=92&ssl=1
192.0.77.2200 OK 503 B URL HTTP/2 i1.wp.com/cdn.worldofbuzz.com/wp-content/uploads/2022/04/ft-utc.jpg?strip=all&lossy=1&quality=92&ssl=1
IP 192.0.77.2:0
Hash 7b37420aa6c3f2c8c169157a49e67c1a
4c4942c5e9a3a55c157b0a251fda6939baa65739
056bab003ae25d85fc3bf70208842d94abf096fa009aa72f54421d15215f7490
GET /cdn.worldofbuzz.com/wp-content/uploads/2022/04/ft-utc.jpg?strip=all&lossy=1&quality=92&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: image/webp
content-length: 61706
last-modified: Wed, 07 Sep 2022 19:16:43 GMT
expires: Sat, 07 Sep 2024 07:16:43 GMT
cache-control: public, max-age=63115200
link: <https://cdn.worldofbuzz.com/wp-content/uploads/2022/04/ft-utc.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "07892161e46f5215"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 19:16:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Wed, 07 Sep 2022 20:37:32 GMT
Date: Wed, 07 Sep 2022 19:16:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1462b0c8fff091f29c7c5145031c08aa
55154c3878e9650f463805c3829f03a1603f14c1
62f913a6498b21da33451e7cf0e37c5fdef565324bcd35d93cb536527394a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0766520-2dbc-4f52-b0e2-1a908af4cd29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11778
x-amzn-requestid: 0054ce27-72f6-4161-90d0-eeb20d9c9537
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDqcrEczIAMFqlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317bdea-0c3e511533c91b783a458f2b;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:38:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q4n9f959aCshN6qgQ2LWVSUTmSd4hvjWyF2GNdsR1_asVSdFKxXsqw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:08 GMT
age: 77737
etag: "55154c3878e9650f463805c3829f03a1603f14c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 270858f2-c94d-4047-8e3b-c49a5a603610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjbiJHuZoAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ad940-3ba2164762e4f74227b6a23b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:56:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: do30zKZmrP_j4feGGu8G39ibskE4dXxTL8YzpAR7PCFpQuJalYeJqA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:57:13 GMT
age: 76772
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f4d99fb1927aae3010e00472b38c3
b95ee99dafca1695d6b86763fce0ceb058f40ef3
da9dbade65f50c1f9ca10956dc863759dd1e0cdf7e28721c79831c288d3ae24e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fc5baf3-df02-4e98-9312-7ed0ef0b8638.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3604
x-amzn-requestid: 193380c8-0d3a-4b81-9429-fa4cb4cf136e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq26FI7oAMFpOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317be92-2f435ce33c4469de425b11a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:41:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6MhayVPx_iJ_mgJzUfuOsFeBgAK21RktvWOwrX3Rvk3WIElEek1LFA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:33 GMT
etag: "b95ee99dafca1695d6b86763fce0ceb058f40ef3"
content-type: image/jpeg
age: 77232
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 05:12:06 GMT
age: 50679
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70c964498818242b742575cfa1769b67
cde85fbe83c9e29618edf4e05002bd623e3ab965
bdb0e76fe216f742789ba5a77645c640fe0c7f207707181e618fa31d4cf58605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b220c7c-ed68-4f56-82a7-5748d044635a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8462
x-amzn-requestid: 1a501a0a-2671-468b-885b-2a2efb73bc2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDq64HbCIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317beab-395f6d1436b027ee60d00abd;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZWf6CXKcClMXAXmFXNp0sxVCMUFyZqhhh7B83tJMX_jvteLRDzG8QA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:42:04 GMT
etag: "cde85fbe83c9e29618edf4e05002bd623e3ab965"
content-type: image/jpeg
age: 77681
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 79f4356c488498012cc7fc03be21e3df
dd9cd9b711d7112efa85eff8a798346dbd7d5f5f
ebd84bf1db6b39b92be1020c7ea5c32eaa23dfb347ec83941d5bc56e80855ebc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8510bf06-7808-4fda-a5d9-b75fc73021c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12661
x-amzn-requestid: 71ef9e09-ccf1-4930-865d-665ece4bf3a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3hXnFnXIAMFqKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312e296-627daf7c7ad3e23a60b183cd;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 05:13:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xwunW741LulZXvM0har5nqrcCiyYoUwvhCWiPsEvs5P2VKSe476_Cw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:14:32 GMT
etag: "dd9cd9b711d7112efa85eff8a798346dbd7d5f5f"
content-type: image/jpeg
age: 75733
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
graduatewonderentreaty.com/watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1
209.192.156.20307 Temporary Redirect 0 B URL HTTP/1.1 graduatewonderentreaty.com/watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1
IP 209.192.156.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1 HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://horaciostiedemann.blogspot.com
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 19:16:45 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://horaciostiedemann.blogspot.com
Access-Control-Allow-Origin: https://horaciostiedemann.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://graduatewonderentreaty.com/watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1&shu=11bb0d02e6b3ddf7357b7513bfdd34cc3ea07de9f6e09b488eccea884330bf9c16b4736402825767239082947d958521cf62d06e9632ecd51f680f39ee7ffc5c5e6ad308491eac9d381ba86b28b0b8c507c04df9de8f4c0d2b428b0bc41a79&pst=1662578265&rmtc=t
Set-Cookie: u_pl=15928454; expires=Thu, 08 Sep 2022 19:16:45 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjgiOiI0NDEwOGQxODA1NTc2OTQ3NjAxNWY0MjQyY2Y3ZDIyZCIsIjI5IjoiZGFjZTg4N2QwMzlmMDg4YWUwZDk5NTJhOGI4Y2IwNjAifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2hvcmFjaW9zdGllZGVtYW5uLmJsb2dzcG90LmNvbS8yMDIyLzA4L3V0Yy1wdWR1LWltbWlncmF0aW9uLWFwcG9pbnRtZW50LWhvdy10by5odG1sIn19.9gj6gW16PMhhc2VYdug6Z-nZCy3x6B0I_mbmL7me030; expires=Wed, 07 Sep 2022 19:17:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a53dee49fa694bda7713096348ea266
Strict-Transport-Security: max-age=0; includeSubdomains
i0.wp.com/www.moe.gov.my/joomlatools-files/docman-images/generated/9ce3c52fc54362e22053399d3181c638.jpg
192.0.77.2200 OK 22 kB URL HTTP/2 i0.wp.com/www.moe.gov.my/joomlatools-files/docman-images/generated/9ce3c52fc54362e22053399d3181c638.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 362x512, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3167a6647889c76d4dec7977b3c5210b
cb487917429acd269da22c17b0a5fe66631ac1a0
bbe54b709b118a200321f20b3968316baaae7ca1008b45a4962ebf6dcbb363b6
GET /www.moe.gov.my/joomlatools-files/docman-images/generated/9ce3c52fc54362e22053399d3181c638.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:45 GMT
content-type: image/webp
content-length: 21730
last-modified: Wed, 07 Sep 2022 19:16:45 GMT
expires: Sat, 07 Sep 2024 07:16:45 GMT
cache-control: public, max-age=63115200
link: <http://www.moe.gov.my/joomlatools-files/docman-images/generated/9ce3c52fc54362e22053399d3181c638.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3f84e6854e25a9c6"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
graduatewonderentreaty.com/watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1&shu=11bb0d02e6b3ddf7357b7513bfdd34cc3ea07de9f6e09b488eccea884330bf9c16b4736402825767239082947d958521cf62d06e9632ecd51f680f39ee7ffc5c5e6ad308491eac9d381ba86b28b0b8c507c04df9de8f4c0d2b428b0bc41a79&pst=1662578265&rmtc=t
209.192.156.20200 OK 2.1 kB URL HTTP/1.1 graduatewonderentreaty.com/watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1&shu=11bb0d02e6b3ddf7357b7513bfdd34cc3ea07de9f6e09b488eccea884330bf9c16b4736402825767239082947d958521cf62d06e9632ecd51f680f39ee7ffc5c5e6ad308491eac9d381ba86b28b0b8c507c04df9de8f4c0d2b428b0bc41a79&pst=1662578265&rmtc=t
IP 209.192.156.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2668)
Hash 632837d0270a94d1558a268fc26aae81
d0c5c52ff725aa34c9ca729ed46e33c8489d175f
51d8c25b1d69cd1a3e43866baf6f708496571a348487ff92b01511ea30f6797b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1549395295730.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22utc%22%2C%22pudu%22%2C%22immigration%22%2C%22appointment%22%2C%22-%22%2C%22how%22%2C%22to%22%2C%22renew%22%2C%22malaysian%22%2C%22passport%22%2C%22online%22%2C%222022%22%2C%22utc%22%2C%22pudu%22%2C%22sentral%22%2C%22miriam%22%2C%22merrygoround%22%2C%22-%22%2C%22horacio%22%2C%22stiedemann%22%5D&refer=https%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&tz=0&dev=r&res=12.31&uuid=951ee743-6960-4359-9685-40d08eedc43c%3A3%3A1&shu=11bb0d02e6b3ddf7357b7513bfdd34cc3ea07de9f6e09b488eccea884330bf9c16b4736402825767239082947d958521cf62d06e9632ecd51f680f39ee7ffc5c5e6ad308491eac9d381ba86b28b0b8c507c04df9de8f4c0d2b428b0bc41a79&pst=1662578265&rmtc=t HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://horaciostiedemann.blogspot.com
Referer: https://horaciostiedemann.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15928454; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjgiOiI0NDEwOGQxODA1NTc2OTQ3NjAxNWY0MjQyY2Y3ZDIyZCIsIjI5IjoiZGFjZTg4N2QwMzlmMDg4YWUwZDk5NTJhOGI4Y2IwNjAifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2hvcmFjaW9zdGllZGVtYW5uLmJsb2dzcG90LmNvbS8yMDIyLzA4L3V0Yy1wdWR1LWltbWlncmF0aW9uLWFwcG9pbnRtZW50LWhvdy10by5odG1sIn19.9gj6gW16PMhhc2VYdug6Z-nZCy3x6B0I_mbmL7me030
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 19:16:45 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://horaciostiedemann.blogspot.com
Access-Control-Allow-Origin: https://horaciostiedemann.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=951ee743-6960-4359-9685-40d08eedc43c:3:1; expires=Wed, 14 Sep 2022 19:16:45 GMT; secure; SameSite=None
iprcad9fac104ec79218a2b54fa3710e0577=3569806; expires=Wed, 07 Sep 2022 23:16:45 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Sep 2022 19:16:45 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Sep 2022 19:16:45 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 08 Sep 2022 19:16:45 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 08 Sep 2022 19:16:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2214f1d9cc11a786224d876ab477d6a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
graduatewonderentreaty.com/da/ce/88/dace887d039f088ae0d9952a8b8cb060.js
209.192.156.20200 OK 13 kB URL HTTP/1.1 graduatewonderentreaty.com/da/ce/88/dace887d039f088ae0d9952a8b8cb060.js
IP 209.192.156.20:0
File type ASCII text, with very long lines (37124), with no line terminators
Hash ab93e7df27a804c801fc02a808f8be2e
c0409d83726b42b82d2833ffa6a4f78d338cad06
dd9bf2a6976fbd8b6bc8e3dbaebc57a4af884827daf86d7d99d2939fb3add25b
Analyzer Verdict Alert quad9 Sinkholed
GET /da/ce/88/dace887d039f088ae0d9952a8b8cb060.js HTTP/1.1
Host: graduatewonderentreaty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 07 Sep 2022 19:16:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a899035864e1eed380f54a05301e30b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c34afdb543f36633ccaa1856798ce9b
568d09d760f3b498376e86a26b13345bd53cd217
54daf99f14294bd52d5f516aa5cec0584b8a43daae4525fabb7692f9f114af5b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54DAF99F14294BD52D5F516AA5CEC0584B8A43DAAE4525FABB7692F9F114AF5B"
Last-Modified: Wed, 07 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5363
Expires: Wed, 07 Sep 2022 20:46:08 GMT
Date: Wed, 07 Sep 2022 19:16:45 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.10200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 19:16:45 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Fri, 09 Sep 2022 19:16:45 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i0.wp.com/waupost.com/wp-content/uploads/2022/04/petitionft1-1.png
192.0.77.2200 OK 652 kB URL HTTP/2 i0.wp.com/waupost.com/wp-content/uploads/2022/04/petitionft1-1.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 652 kB (651822 bytes)
Hash 1eceddd38b47a1e8afbbc3c25de477a2
06edcf09cef787cfe7ce47162802a78aa08ce49f
634f59c55a889320eb1263f2a68098a238ca1a6cfe4bc12972efc8189c24e7ab
GET /waupost.com/wp-content/uploads/2022/04/petitionft1-1.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:46 GMT
content-type: image/webp
content-length: 651822
last-modified: Wed, 07 Sep 2022 19:16:46 GMT
expires: Sat, 07 Sep 2024 07:16:46 GMT
cache-control: public, max-age=63115200
link: <http://waupost.com/wp-content/uploads/2022/04/petitionft1-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "f39279a0751ad23d"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b2ef56bd5e1bb320ed12b28175abbaa3
6d48cd8181a653d642885419c1b07a9d487fc46a
f98a57503fa21121b9978ea5aeb6a8724ef86894e16d282c97e7568315382098
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F98A57503FA21121B9978EA5AEB6A8724EF86894E16D282C97E7568315382098"
Last-Modified: Tue, 06 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5328
Expires: Wed, 07 Sep 2022 20:45:34 GMT
Date: Wed, 07 Sep 2022 19:16:46 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 19:10:33 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 598574515
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
i1.wp.com/radarpena.com/wp-content/uploads/2022/07/Hairani-Electrical-Global-.jpeg
192.0.77.2200 OK 27 kB URL HTTP/2 i1.wp.com/radarpena.com/wp-content/uploads/2022/07/Hairani-Electrical-Global-.jpeg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 426x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dcab99f035044fb250dffd186562c502
9dd3d848c24accfc298149c1ccf93c57cddbf820
8e459615eefc149d81273e1a2a46d1788d8c1584df0b13fb877c87996a367b8f
GET /radarpena.com/wp-content/uploads/2022/07/Hairani-Electrical-Global-.jpeg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Sep 2022 19:16:46 GMT
content-type: image/webp
content-length: 27432
last-modified: Wed, 07 Sep 2022 19:16:46 GMT
expires: Sat, 07 Sep 2024 07:16:46 GMT
cache-control: public, max-age=63115200
link: <http://radarpena.com/wp-content/uploads/2022/07/Hairani-Electrical-Global-.jpeg>; rel="canonical"
x-content-type-options: nosniff
etag: "42c88ce14cd70175"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4633384&@f16&@g1&@h1&@i1&@j1662578199337&@k0&@l1&@mUtc%20Pudu%20Immigration%20Appointment%20-%20How%20To%20Renew%20Malaysian%20Passport%20Online%202022%20Utc%20Pudu%20Sentral%20Miriam%20Merrygoround%20-%20Horacio%20Stiedemann&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:20056648&@b3:1662578199&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&@w
158.69.251.190200 OK 50 B URL HTTP/1.1 s4.histats.com/stats/0.php?4633384&@f16&@g1&@h1&@i1&@j1662578199337&@k0&@l1&@mUtc%20Pudu%20Immigration%20Appointment%20-%20How%20To%20Renew%20Malaysian%20Passport%20Online%202022%20Utc%20Pudu%20Sentral%20Miriam%20Merrygoround%20-%20Horacio%20Stiedemann&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:20056648&@b3:1662578199&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&@w
IP 158.69.251.190:0
File type ASCII text, with no line terminators
Hash 644909b3291089505bb4ee440f033ab6
f0cde2c4ed4294ee62e702e7ff90ede0a5aa4e3d
85f2d331a39392d63802f7ea07ead1fb3d728076d5967a202a5fb4d8c6ce2a10
GET /stats/0.php?4633384&@f16&@g1&@h1&@i1&@j1662578199337&@k0&@l1&@mUtc%20Pudu%20Immigration%20Appointment%20-%20How%20To%20Renew%20Malaysian%20Passport%20Online%202022%20Utc%20Pudu%20Sentral%20Miriam%20Merrygoround%20-%20Horacio%20Stiedemann&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:20056648&@b3:1662578199&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fhoraciostiedemann.blogspot.com%2F2022%2F08%2Futc-pudu-immigration-appointment-how-to.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 07 Sep 2022 19:16:46 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 50
Connection: close
i1.wp.com/media.thevibes.com/images/uploads/articles/_extra-large/pudu_urban_transformation_centre_long_lines_fiasco_qistina_nadia_pic.jpg
192.0.77.2400 Bad Request 558 B URL HTTP/2 i1.wp.com/media.thevibes.com/images/uploads/articles/_extra-large/pudu_urban_transformation_centre_long_lines_fiasco_qistina_nadia_pic.jpg
IP 192.0.77.2:0
Hash 1e9f15ddb6a754435594d2adbfe86869
02708be622446f17bf6153fab67a10f757fbbd94
0eb7a3d8ce427d55e653e776478861753d25f221457d5d19a205ada7afb7f697
GET /media.thevibes.com/images/uploads/articles/_extra-large/pudu_urban_transformation_centre_long_lines_fiasco_qistina_nadia_pic.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Wed, 07 Sep 2022 19:16:46 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 5
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c2c07ed786b6b2c8faab1b19b485aef2
b079d6725961bc93a895c8550cf0213404a8b8e4
52be840fb45515a6efa32a05d6b4876405c1c3361aca36ab3b4772f18da4a80a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c2c07ed786b6b2c8faab1b19b485aef2
b079d6725961bc93a895c8550cf0213404a8b8e4
52be840fb45515a6efa32a05d6b4876405c1c3361aca36ab3b4772f18da4a80a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c2c07ed786b6b2c8faab1b19b485aef2
b079d6725961bc93a895c8550cf0213404a8b8e4
52be840fb45515a6efa32a05d6b4876405c1c3361aca36ab3b4772f18da4a80a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0F1GyasTcFbSIIq6Ui7sCuXJP0YFl8PZGHUbNrP4geLpWVdKfC-pb8rA9SWTy0Hv6yHTvt_nUSDVzySZz7bpHZe5hLhFUX3K5Mm0-SQ78VZFnT1-D-SS5jBgJjyC3sN6NQz9aCzRoD00PUwbzRMw=w100-h100-p-k-no-nu
142.250.74.1200 OK 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0F1GyasTcFbSIIq6Ui7sCuXJP0YFl8PZGHUbNrP4geLpWVdKfC-pb8rA9SWTy0Hv6yHTvt_nUSDVzySZz7bpHZe5hLhFUX3K5Mm0-SQ78VZFnT1-D-SS5jBgJjyC3sN6NQz9aCzRoD00PUwbzRMw=w100-h100-p-k-no-nu
IP 142.250.74.1:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash f5859b8cc5b1f88ce97bd8bfa75c8d04
92b669b84cd75dea29fd23cd7e2a07ddd2d63fa1
db4f529064dadfc20fb16abc884870eb637b3d365347ff19aa742f5ab2cb6f95
GET /blogger_img_proxy/ANbyha0F1GyasTcFbSIIq6Ui7sCuXJP0YFl8PZGHUbNrP4geLpWVdKfC-pb8rA9SWTy0Hv6yHTvt_nUSDVzySZz7bpHZe5hLhFUX3K5Mm0-SQ78VZFnT1-D-SS5jBgJjyC3sN6NQz9aCzRoD00PUwbzRMw=w100-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Sep 2022 19:16:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 19:16:47 GMT
server: fife
content-length: 1743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c2c07ed786b6b2c8faab1b19b485aef2
b079d6725961bc93a895c8550cf0213404a8b8e4
52be840fb45515a6efa32a05d6b4876405c1c3361aca36ab3b4772f18da4a80a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Sep 2022 19:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 601d02860a32cd0667c2b4b6d5746e29
cd419b7dbf9f54edca0ceca468d14627d70f0764
18b245d8cf9427a2fab1793342ec08d8b1967083aad465785540d7f6bbc1af01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18B245D8CF9427A2FAB1793342EC08D8B1967083AAD465785540D7F6BBC1AF01"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5468
Expires: Wed, 07 Sep 2022 20:47:55 GMT
Date: Wed, 07 Sep 2022 19:16:47 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha33wUUuv4Y6IknwQ_qeRs9cdqRKBVEHpCiD6U721INylavbf6c8VzkaiAYnKgCvL-Y-tYk9zvFwxi2yYn1MwxSFshK3TkFfXp9AzVYze0g1HlIdI-7u6qIGnB62f2Jc9Lf8jm20-cD_Pr9Z0rxSF6E=w100-h100-p-k-no-nu
142.250.74.1200 OK 11 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha33wUUuv4Y6IknwQ_qeRs9cdqRKBVEHpCiD6U721INylavbf6c8VzkaiAYnKgCvL-Y-tYk9zvFwxi2yYn1MwxSFshK3TkFfXp9AzVYze0g1HlIdI-7u6qIGnB62f2Jc9Lf8jm20-cD_Pr9Z0rxSF6E=w100-h100-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=Passport Malaysia counter, Immigration Department is now back in business in PUTRAJAYA., software=Picasa], baseline, precision 8, 100x100, components 3\012- data
Hash 6ec116a4463557ce7d80b46646624007
54caa6f041b126d8c1b3e8e352f39d9df780a644
06ee1b0ee2dda90185b3ebdda7a852b68bd68f816e66988e8cc94f200d74ec6e
GET /blogger_img_proxy/ANbyha33wUUuv4Y6IknwQ_qeRs9cdqRKBVEHpCiD6U721INylavbf6c8VzkaiAYnKgCvL-Y-tYk9zvFwxi2yYn1MwxSFshK3TkFfXp9AzVYze0g1HlIdI-7u6qIGnB62f2Jc9Lf8jm20-cD_Pr9Z0rxSF6E=w100-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Sep 2022 19:16:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 19:16:47 GMT
server: fife
content-length: 10881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha3ZZh1JhaHcjd4F2SNrYI71u6yQOlZfX_IZtQ8AR3oPC-1sewTcRslBHT5eFJWEXcRdykdbSk-KDVeXvORs1778x_ZDieYiTkNO2tY5VvcCafd1u9uhaRdpTqwZibiI8IkPcvkm0f5tFtagJsVwL4OUiIAdZyxL92HNXO6LCng6vqr_DFDx2-2-J0e_5UVxEA=w100-h100-p-k-no-nu
142.250.74.1200 OK 4.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha3ZZh1JhaHcjd4F2SNrYI71u6yQOlZfX_IZtQ8AR3oPC-1sewTcRslBHT5eFJWEXcRdykdbSk-KDVeXvORs1778x_ZDieYiTkNO2tY5VvcCafd1u9uhaRdpTqwZibiI8IkPcvkm0f5tFtagJsVwL4OUiIAdZyxL92HNXO6LCng6vqr_DFDx2-2-J0e_5UVxEA=w100-h100-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 3\012- data
Hash 3b581be9d4cbf0c17367be76b6bd638e
c55f016f71f67672098483b28f074e253d9b238b
4786cd6e6b13573a81054ab74d206749ace8925493a48f03366d98da196e8740
GET /blogger_img_proxy/ANbyha3ZZh1JhaHcjd4F2SNrYI71u6yQOlZfX_IZtQ8AR3oPC-1sewTcRslBHT5eFJWEXcRdykdbSk-KDVeXvORs1778x_ZDieYiTkNO2tY5VvcCafd1u9uhaRdpTqwZibiI8IkPcvkm0f5tFtagJsVwL4OUiIAdZyxL92HNXO6LCng6vqr_DFDx2-2-J0e_5UVxEA=w100-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Sep 2022 19:16:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 19:16:47 GMT
server: fife
content-length: 4658
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=951ee743-6960-4359-9685-40d08eedc43c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=951ee743-6960-4359-9685-40d08eedc43c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=951ee743-6960-4359-9685-40d08eedc43c&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Sep 2022 19:16:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2abe17e74504d7661eba469adcbe3dec
Strict-Transport-Security: max-age=0; includeSubdomains
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2YpJyvDdKfuhKRY9Pb4G5hV4SXI6jV7X_9hzNvBa-cZ8miLzkgV6gCoOCOR7njbQ7GUz6SvLhm6GXxLtCTtA-RSEItiz2wx_ioeC9p3HS2C_guh7NSlB2A7ympHLVNtS7cZni2KIFJ4IAs6xbaXhrXSzTK-HXX1ghWYChWSR4JyWzkeyahwCJyrmBoJu4onEbIEeIwoF8MwHiosQ=w100-h100-p-k-no-nu
142.250.74.1200 OK 6.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2YpJyvDdKfuhKRY9Pb4G5hV4SXI6jV7X_9hzNvBa-cZ8miLzkgV6gCoOCOR7njbQ7GUz6SvLhm6GXxLtCTtA-RSEItiz2wx_ioeC9p3HS2C_guh7NSlB2A7ympHLVNtS7cZni2KIFJ4IAs6xbaXhrXSzTK-HXX1ghWYChWSR4JyWzkeyahwCJyrmBoJu4onEbIEeIwoF8MwHiosQ=w100-h100-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash cd0eab36fc9228ac1fef44afa381d2c1
24ac99c58722baced91f03ec824a11ebcf50e41d
ba25cdc06ba02385c52cde01a2444c269c9313262f5d211b17ed451470af2981
GET /blogger_img_proxy/ANbyha2YpJyvDdKfuhKRY9Pb4G5hV4SXI6jV7X_9hzNvBa-cZ8miLzkgV6gCoOCOR7njbQ7GUz6SvLhm6GXxLtCTtA-RSEItiz2wx_ioeC9p3HS2C_guh7NSlB2A7ympHLVNtS7cZni2KIFJ4IAs6xbaXhrXSzTK-HXX1ghWYChWSR4JyWzkeyahwCJyrmBoJu4onEbIEeIwoF8MwHiosQ=w100-h100-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Thu, 08 Sep 2022 19:16:47 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Wed, 07 Sep 2022 19:16:47 GMT
server: fife
content-length: 6108
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45e712c7ece84652ac13df8dddf941ab
40387f552bf92ba6b6d4235aac06523d1d9526d4
34a539b2cc2f6e097022d08d7bec0e66aa3ea623490dc99ae14d17c4079824ab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A539B2CC2F6E097022D08D7BEC0E66AA3EA623490DC99AE14D17C4079824AB"
Last-Modified: Tue, 06 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15189
Expires: Wed, 07 Sep 2022 23:30:00 GMT
Date: Wed, 07 Sep 2022 19:16:51 GMT
Connection: keep-alive
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQmSOL709oo8FT8OAhIbdrlzWIF6_NukBq5jQ&usqp=CAU
192.0.77.2404 Not Found 0 B URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQmSOL709oo8FT8OAhIbdrlzWIF6_NukBq5jQ&usqp=CAU
IP 192.0.77.2:0
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQmSOL709oo8FT8OAhIbdrlzWIF6_NukBq5jQ&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ14j3-k-5gyLbCktP9wTt_v3ZJsc8Ezq0I5Q&usqp=CAU
192.0.77.2404 Not Found 0 B URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ14j3-k-5gyLbCktP9wTt_v3ZJsc8Ezq0I5Q&usqp=CAU
IP 192.0.77.2:0
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ14j3-k-5gyLbCktP9wTt_v3ZJsc8Ezq0I5Q&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:46 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
i1.wp.com//search?q=Pudu+Sentral&tbm=isch
192.0.77.2400 Bad Request 0 B URL HTTP/2 i1.wp.com//search?q=Pudu+Sentral&tbm=isch
IP 192.0.77.2:0
GET //search?q=Pudu+Sentral&tbm=isch HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQy4hmTzI__y0cmq6aIdTuQfcNTF_kzeK-9Uw&usqp=CAU
192.0.77.2404 Not Found 0 B URL HTTP/2 i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQy4hmTzI__y0cmq6aIdTuQfcNTF_kzeK-9Uw&usqp=CAU
IP 192.0.77.2:0
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQy4hmTzI__y0cmq6aIdTuQfcNTF_kzeK-9Uw&usqp=CAU HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
bestbestfree.com/01bestbestfree.js
172.67.183.31200 OK 0 B URL HTTP/2 bestbestfree.com/01bestbestfree.js
IP 172.67.183.31:0
GET /01bestbestfree.js HTTP/1.1
Host: bestbestfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: application/javascript
last-modified: Tue, 18 Jan 2022 15:57:35 GMT
vary: Accept-Encoding
etag: W/"61e6e36f-34b8"
expires: Sun, 02 Oct 2022 07:34:02 GMT
cache-control: public, max-age=2592000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 474161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3jHYF1leyDFnNeo%2FY24lp8NHA5NHMPih%2FEODXZjGibhA3MjlKTWMlDhhxoQMAB7KqSI%2B7b0m99YxBoywtru0TwJ%2F7qi7%2BAejRswjoywvyxHj3kc%2F6YcSNa3AYVQI3t%2Bcxf7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7471c7ccbe881bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i1.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=331245442303205
192.0.77.2404 Not Found 0 B URL HTTP/2 i1.wp.com/lookaside.fbsbx.com/lookaside/crawler/media/?media_id=331245442303205
IP 192.0.77.2:0
GET /lookaside.fbsbx.com/lookaside/crawler/media/?media_id=331245442303205 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 7
X-Firefox-Spdy: h2
i1.wp.com/www.techarp.com/?attachment_id=44800&=1
192.0.77.2400 Bad Request 0 B URL HTTP/2 i1.wp.com/www.techarp.com/?attachment_id=44800&=1
IP 192.0.77.2:0
GET /www.techarp.com/?attachment_id=44800&=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Wed, 07 Sep 2022 19:16:43 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 3
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.232200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://horaciostiedemann.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Sep 2022 19:16:46 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9dedc363a9a95e37f47248c958184c06
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 07 Sep 2022 19:16:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSHD5KGs1IiqAcbsXaz%2BGim%2F%2BSZzUni%2F0c2togzj3vyIaHIcf3ZpRhHvdZYmo13rwtF7PzKCRYhpy5OvyVCo3GkC5UN2387GrU6XJeHzpi%2FUpKHiy7Aup3NK5bEcQ4tXzuKFM9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7471c7d9e9cf75bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2