r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4882
Expires: Mon, 30 Jan 2023 14:22:07 GMT
Date: Mon, 30 Jan 2023 13:00:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4077
Expires: Mon, 30 Jan 2023 14:08:42 GMT
Date: Mon, 30 Jan 2023 13:00:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 12:35:42 GMT
content-type: application/json
age: 1503
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6108
Expires: Mon, 30 Jan 2023 14:42:33 GMT
Date: Mon, 30 Jan 2023 13:00:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: St5g7+mkjactOrb3es0m9alhDDNyIhLpdQvp6zMruQuPZopfVs/HSJV46wwgMaenp30/ygDXCVE=
x-amz-request-id: ZX7J4S9QA6S07VVY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 12:21:47 GMT
age: 2338
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
thespecialreports.blogspot.com/2023/01/here-which-of-following-statements.html
142.250.74.1301 Moved Permanently 219 B URL HTTP/1.1 thespecialreports.blogspot.com/2023/01/here-which-of-following-statements.html
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c125ccc63b8d1f49528451b6de5130bc
c5929d76a9f281f4737a5e498bd0655e97004853
4a40b2a9da83edb421d9cb13bb8b60bc7c789a046493fd5dd4ddebdba1ee7847
GET /2023/01/here-which-of-following-statements.html HTTP/1.1
Host: thespecialreports.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://thespecialreports.blogspot.com/2023/01/here-which-of-following-statements.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 30 Jan 2023 13:00:46 GMT
Expires: Mon, 30 Jan 2023 13:00:46 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 219
Server: GSE
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 12:41:41 GMT
age: 1145
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17001
Expires: Mon, 30 Jan 2023 17:44:07 GMT
Date: Mon, 30 Jan 2023 13:00:46 GMT
Connection: keep-alive
push.services.mozilla.com/
52.10.73.188101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.73.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FcjWiatE/662pVlkvs/ZxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rO/NWAc+cYgy/3midtBTPc5hAUQ=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2648db12984a09f2dec69b7d2047f187
b52d9496452542d8f1127d4b77c27e22107c34a1
1439e26d15f854c1f1ddd1b37e37846107a83eafd38945da4d48709052f638b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2265
Cache-Control: max-age=138364
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Etag: "63d73022-118"
Expires: Wed, 01 Feb 2023 03:26:51 GMT
Last-Modified: Mon, 30 Jan 2023 02:49:06 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
thespecialreports.blogspot.com/2023/01/here-which-of-following-statements.html
142.250.74.1200 OK 40 kB URL HTTP/2 thespecialreports.blogspot.com/2023/01/here-which-of-following-statements.html
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3895)
Hash f18c198a8437cd76365d9bdc740646f6
75854c1fe2fbdb627de97a6055fb96ba5ea35191
b4bd091934099748294575039e32831ef245b19a8d3b429903e35459983a3a84
GET /2023/01/here-which-of-following-statements.html HTTP/1.1
Host: thespecialreports.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 30 Jan 2023 13:00:47 GMT
date: Mon, 30 Jan 2023 13:00:47 GMT
cache-control: private, max-age=0
last-modified: Mon, 30 Jan 2023 12:13:36 GMT
etag: W/"985ad70beb586c3b10e85b07b2b0054d9988e9b728628d9f08b7ceb6f4d47c04"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 39944
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 353ac22db73d0d1f6401c9a6dae0af28
266f51bf2f05d8431e9b6ada929b1513167d5411
b8dd1137414d56fdb844922a9cfddf36e06093b863632d40332b3d9cae51f7c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4215617
expires: Sat, 20 Jan 2024 13:00:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AO5vfv2GUeKXRgQcz6gwWC8n8Yh%2FFDtyVTN0PRvbTtIaD1U4CcilFnNh0qrN2HL9f8gN3d5VG2HcY8Kr6gdwr9Ghl205%2BDGwgpFHLHW%2F2KmR7I7CsLM0NUaC5LJLRel0OxQDURMp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791a647c2f180afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 09:41:15 GMT
expires: Wed, 24 Jan 2024 09:41:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 12:51:55 GMT
content-type: text/css
age: 530372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 15:34:38 GMT
expires: Wed, 24 Jan 2024 15:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 17:56:07 GMT
content-type: text/javascript
age: 509169
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1253685842-widgets.js
216.58.207.233200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1253685842-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b329ea3a8875a3cb1fff0b03b148b3f5
97cb465dc452e56a75e6e2caf453aba800719305
71572f07e491477cf2d6925d94658fbd5f054172291071f8675f6a4aec6dcc09
GET /static/v1/widgets/1253685842-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 01:57:07 GMT
expires: Tue, 30 Jan 2024 01:57:07 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 27 Jan 2023 00:03:44 GMT
content-type: text/javascript
age: 39820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32341)
Hash 856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01
GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 11:05:57 GMT
expires: Mon, 29 Jan 2024 11:05:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 93290
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 93e097027f2d53e4c41ac3a4ef1b210c
83cb79e5ced32851d1c3513e4a9ab65bc9a31e93
6bcc8888fed5f48846a37f451d0517dba26cec5cf90d72082a80ab77abf05598
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 353ac22db73d0d1f6401c9a6dae0af28
266f51bf2f05d8431e9b6ada929b1513167d5411
b8dd1137414d56fdb844922a9cfddf36e06093b863632d40332b3d9cae51f7c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Mon, 30 Jan 2023 13:00:47 GMT
expires: Mon, 30 Jan 2023 13:00:47 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i2.wp.com/doubtnut-static.s.llnwi.net/static/web-thumb/141183969_web.png
192.0.77.2400 Bad Request 520 B URL HTTP/2 i2.wp.com/doubtnut-static.s.llnwi.net/static/web-thumb/141183969_web.png
IP 192.0.77.2:0
Hash 8ca6c4e37b5e4bb4b1888d5c4dd2577d
1c2e19571bb8b62cd38e5697705c9d694738c6e6
108a7466e6c1a7a23ff5f27c6cbd14b3ea44e40ce338201c9c407de66f21a660
GET /doubtnut-static.s.llnwi.net/static/web-thumb/141183969_web.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 3
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:28:49 GMT
expires: Thu, 25 Jan 2024 19:28:49 GMT
cache-control: public, max-age=31536000
age: 408718
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
age: 356089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 02:42:35 GMT
expires: Wed, 24 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 555492
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i2.wp.com/image.slidesharecdn.com/scadd63xqfidq7xov6ah-signature-091447bade647bc70325d98b994f7c3a3901d946a34a4516654ab9d79d1d0b85-poli-141026005448-conversion-gate01/95/questions-of-biochemistry-with-answers-of-all-chapter-60-638.jpg?cb=1414285186
192.0.77.2200 OK 22 kB URL HTTP/2 i2.wp.com/image.slidesharecdn.com/scadd63xqfidq7xov6ah-signature-091447bade647bc70325d98b994f7c3a3901d946a34a4516654ab9d79d1d0b85-poli-141026005448-conversion-gate01/95/questions-of-biochemistry-with-answers-of-all-chapter-60-638.jpg?cb=1414285186
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 638x479, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 79d5cbdaff6d0b8550e05ceee48f308a
1be218f44cad54df9ce2c33fb516c271d18bad64
6a15acb631ff2c9906052bbd29977a1ce74f58becb0ffcca21a9dea2012dd2c0
GET /image.slidesharecdn.com/scadd63xqfidq7xov6ah-signature-091447bade647bc70325d98b994f7c3a3901d946a34a4516654ab9d79d1d0b85-poli-141026005448-conversion-gate01/95/questions-of-biochemistry-with-answers-of-all-chapter-60-638.jpg?cb=1414285186 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 22414
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://image.slidesharecdn.com/scadd63xqfidq7xov6ah-signature-091447bade647bc70325d98b994f7c3a3901d946a34a4516654ab9d79d1d0b85-poli-141026005448-conversion-gate01/95/questions-of-biochemistry-with-answers-of-all-chapter-60-638.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c050cba2e512fd4e"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/image.slidesharecdn.com/enzymesworksheet-100207191638-phpapp02/95/enzymes-worksheet-2-728.jpg?cb=1265579963
192.0.77.2200 OK 38 kB URL HTTP/2 i2.wp.com/image.slidesharecdn.com/enzymesworksheet-100207191638-phpapp02/95/enzymes-worksheet-2-728.jpg?cb=1265579963
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 728x942, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af35952037de6994b88e6461fc84c58d
4b943e3a20bc6392b3b7a5feced3dda34399a545
b9aa7fabcbd679254f1788e991e5b60e8f239571164ef89f0f94b0fc1c241501
GET /image.slidesharecdn.com/enzymesworksheet-100207191638-phpapp02/95/enzymes-worksheet-2-728.jpg?cb=1265579963 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 38332
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://image.slidesharecdn.com/enzymesworksheet-100207191638-phpapp02/95/enzymes-worksheet-2-728.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a4bcc7bb40b503c1"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i2.wp.com/s3.studylib.net/store/data/008200973_1-c3d8f2bb6ea1ed555001e5ada31ecff9.png
192.0.77.2200 OK 77 kB URL HTTP/2 i2.wp.com/s3.studylib.net/store/data/008200973_1-c3d8f2bb6ea1ed555001e5ada31ecff9.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ed7e5db6fa907e197618988488dd3e92
196cd9a66ae5fb82a56a4011f8721299c02cc2c0
f10f7339dad8cc7faa3d90552e8c1c230388421c07ed5bde34c398e69106df64
GET /s3.studylib.net/store/data/008200973_1-c3d8f2bb6ea1ed555001e5ada31ecff9.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 77386
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://s3.studylib.net/store/data/008200973_1-c3d8f2bb6ea1ed555001e5ada31ecff9.png>; rel="canonical"
x-content-type-options: nosniff
etag: "df72fb7391e385b6"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/s3.studylib.net/store/data/007799753_1-9950387c9658438adda2b03dcfe2ff0c-768x994.png
192.0.77.2200 OK 90 kB URL HTTP/2 i2.wp.com/s3.studylib.net/store/data/007799753_1-9950387c9658438adda2b03dcfe2ff0c-768x994.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5bb1bb66adb654f04f6588e155473525
39ca5da748e79be063763df16e51cece3b67f2b5
e2294caade0ce6723ce5f45e8d648059032e48a0c3488f836c1eb46a9e1dafe2
GET /s3.studylib.net/store/data/007799753_1-9950387c9658438adda2b03dcfe2ff0c-768x994.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 90234
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://s3.studylib.net/store/data/007799753_1-9950387c9658438adda2b03dcfe2ff0c-768x994.png>; rel="canonical"
x-content-type-options: nosniff
etag: "6f4c6b1b81ef3623"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/s3.studylib.net/store/data/006963600_1-c848b73d652009d3262982fcbe7fbe9f.png
192.0.77.2200 OK 54 kB URL HTTP/2 i2.wp.com/s3.studylib.net/store/data/006963600_1-c848b73d652009d3262982fcbe7fbe9f.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 656ad18e9dae7ab2b04339acaab21f50
8a34c43f38f34d673bcd3a0bd75adf622f83c3fe
5e5c382d88e986bb830fbe8b4912f05ba7932bce8a2792606c909ed7b5931468
GET /s3.studylib.net/store/data/006963600_1-c848b73d652009d3262982fcbe7fbe9f.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 54280
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://s3.studylib.net/store/data/006963600_1-c848b73d652009d3262982fcbe7fbe9f.png>; rel="canonical"
x-content-type-options: nosniff
etag: "bc2d9c6f97f007fc"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/www.coursehero.com/doc-asset/bg/3ca71d5f7b8a2f182fd676a4d3e8fa9d1203665c/splits/v9/split-2-page-6-html-bg.jpg
192.0.77.2200 OK 5.0 kB URL HTTP/2 i2.wp.com/www.coursehero.com/doc-asset/bg/3ca71d5f7b8a2f182fd676a4d3e8fa9d1203665c/splits/v9/split-2-page-6-html-bg.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x829, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d5babe9fbce66be8facedb8b61036fc
2eb4f8214d42661df7be1df331153e9d5f495585
2d6f2151516a04ca4affe18b2ab61f2f9ea0fdcbfd5c8e562a5ec9559bf3998e
GET /www.coursehero.com/doc-asset/bg/3ca71d5f7b8a2f182fd676a4d3e8fa9d1203665c/splits/v9/split-2-page-6-html-bg.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 5042
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://www.coursehero.com/doc-asset/bg/3ca71d5f7b8a2f182fd676a4d3e8fa9d1203665c/splits/v9/split-2-page-6-html-bg.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "269b870c580e0111"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/us-static.z-dn.net/files/dbc/53db4023a4d42ce89ac16b75a41df6b3.png
192.0.77.2200 OK 64 kB URL HTTP/2 i2.wp.com/us-static.z-dn.net/files/dbc/53db4023a4d42ce89ac16b75a41df6b3.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x1200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c6dd1d417c9e6ff9355b63a87f6d2d0
956482918e70b1b5aa110cd1b53c62accde87b36
9b19e99444faf82febc6f976718ea86406ff9b5904e489b24d9bcfeeb754aaf0
GET /us-static.z-dn.net/files/dbc/53db4023a4d42ce89ac16b75a41df6b3.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: image/webp
content-length: 64402
last-modified: Mon, 30 Jan 2023 13:00:47 GMT
expires: Thu, 30 Jan 2025 01:00:47 GMT
cache-control: public, max-age=63115200
link: <http://us-static.z-dn.net/files/dbc/53db4023a4d42ce89ac16b75a41df6b3.png>; rel="canonical"
x-content-type-options: nosniff
etag: "19021245398a6bba"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2736
Expires: Mon, 30 Jan 2023 13:46:23 GMT
Date: Mon, 30 Jan 2023 13:00:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2736
Expires: Mon, 30 Jan 2023 13:46:23 GMT
Date: Mon, 30 Jan 2023 13:00:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2736
Expires: Mon, 30 Jan 2023 13:46:23 GMT
Date: Mon, 30 Jan 2023 13:00:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2736
Expires: Mon, 30 Jan 2023 13:46:23 GMT
Date: Mon, 30 Jan 2023 13:00:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 52850
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: 7563c72f-e40d-4e96-a73f-8aa404ae0b25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFK8IAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-7eb009311701187873f05b20;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -npeyE-5ETAaI6cs7oewWxVe4ZUrtmhvCNC4tMWT_3ab3hZ3tw060w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 54565
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 54565
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 53510
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 54080
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyA7JoIHpcBuMaoGjSH3XdUZ0PmHYITS4606WbOLHitdOmLbIPpxJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 15:39:26 GMT
age: 76881
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i2.wp.com/image1.slideserve.com/2065918/slide25-l.jpg
192.0.77.2200 OK 38 kB URL HTTP/2 i2.wp.com/image1.slideserve.com/2065918/slide25-l.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x768, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea0fb9c8ea74a85b99baf1f80e4c20df
942e7be91b2f95e403dcfe83fc961d4a6ac942cf
cfa750cad08b09c553f42fe8aedcad35b55c3a46932822ce0f9fa8e02d0543ff
GET /image1.slideserve.com/2065918/slide25-l.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 37610
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://image1.slideserve.com/2065918/slide25-l.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "0d0493d3ed5e2c78"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/303/3035fb49-40ae-4eae-9869-74b8110ef68d/phpUSg0CS.png
192.0.77.2200 OK 21 kB URL HTTP/2 i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/303/3035fb49-40ae-4eae-9869-74b8110ef68d/phpUSg0CS.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 24b0482f8c0c139a0af294fe83b36328
774a746485ca9118b5671b722586eacb0b487c5b
736ee45244701d3e64cef660aaff4dd896c0b752e1a1d57b38b4b2383a306e72
GET /d2vlcm61l7u1fs.cloudfront.net/media/303/3035fb49-40ae-4eae-9869-74b8110ef68d/phpUSg0CS.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 20728
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://d2vlcm61l7u1fs.cloudfront.net/media/303/3035fb49-40ae-4eae-9869-74b8110ef68d/phpUSg0CS.png>; rel="canonical"
x-content-type-options: nosniff
etag: "58a42a212ffc93ee"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/8ff/8ff64f25-40af-45fa-af2c-7ba5ed24d9fd/phpXCkiYK.png
192.0.77.2200 OK 17 kB URL HTTP/2 i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/8ff/8ff64f25-40af-45fa-af2c-7ba5ed24d9fd/phpXCkiYK.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a8b5e22efb7fbac5195b790d740a538c
842a01bdd155fcc921a1b46aed1f1d186ca27c74
c08f78885b6085185bfe2b68b15234c474386f47805b30ed934596a3f199f649
GET /d2vlcm61l7u1fs.cloudfront.net/media/8ff/8ff64f25-40af-45fa-af2c-7ba5ed24d9fd/phpXCkiYK.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 16674
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://d2vlcm61l7u1fs.cloudfront.net/media/8ff/8ff64f25-40af-45fa-af2c-7ba5ed24d9fd/phpXCkiYK.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a43fc0104561c03c"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/media.cheggcdn.com/study/17f/17f64cd2-f1a6-4e47-b56f-e51cf696b746/image
192.0.77.2200 OK 29 kB URL HTTP/2 i2.wp.com/media.cheggcdn.com/study/17f/17f64cd2-f1a6-4e47-b56f-e51cf696b746/image
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x274, components 3\012- data
Hash 614e20434616b9283bddbb958538d547
d0445cabb35c167db3f27d3c737cc96cf924fad0
dd2217af85aacb69fe97cfe577e634bb6a1ea30e2c48aeeb09c348bfd986be67
GET /media.cheggcdn.com/study/17f/17f64cd2-f1a6-4e47-b56f-e51cf696b746/image HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/jpeg
content-length: 29166
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://media.cheggcdn.com/study/17f/17f64cd2-f1a6-4e47-b56f-e51cf696b746/image>; rel="canonical"
x-content-type-options: nosniff
etag: "78787b2432933f1d"
x-bytes-saved: 2178
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/d1hj4to4g9ba46.cloudfront.net/questions/2084380_1490029_ans_ce1e45d5f9504b57a071a2d05405b284.jpg
192.0.77.2200 OK 40 kB URL HTTP/2 i2.wp.com/d1hj4to4g9ba46.cloudfront.net/questions/2084380_1490029_ans_ce1e45d5f9504b57a071a2d05405b284.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2339x685, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7b391f3d4dd1d1bdf87d1bdd3fdbb09b
f0382512dd9ea36af0d8c51b42d669501b8a8b2b
4e46b841aed35de11bb48d4fdae634cb95c03d9af57d47cb6be9712bbf5241c1
GET /d1hj4to4g9ba46.cloudfront.net/questions/2084380_1490029_ans_ce1e45d5f9504b57a071a2d05405b284.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 39944
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://d1hj4to4g9ba46.cloudfront.net/questions/2084380_1490029_ans_ce1e45d5f9504b57a071a2d05405b284.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "167b37070003298b"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/18f/18f014f3-4921-4c69-be4a-6067a92913fa/php5l1vEr.png
192.0.77.2200 OK 24 kB URL HTTP/2 i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/18f/18f014f3-4921-4c69-be4a-6067a92913fa/php5l1vEr.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash f73742afad8fe43f932a188860c79bcc
86f0ceb832dea8776c86230b8dff510a214b8fb4
f1df2c2f60408ea240d06ddc25915f77d44c3add45882edea50f481e142ec672
GET /d2vlcm61l7u1fs.cloudfront.net/media/18f/18f014f3-4921-4c69-be4a-6067a92913fa/php5l1vEr.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 23600
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://d2vlcm61l7u1fs.cloudfront.net/media/18f/18f014f3-4921-4c69-be4a-6067a92913fa/php5l1vEr.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a5e0afd8ce335b66"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/cdn.numerade.com/ask_images/6e51fe13dd254991ace8544f2890576f.jpg
192.0.77.2200 OK 40 kB URL HTTP/2 i2.wp.com/cdn.numerade.com/ask_images/6e51fe13dd254991ace8544f2890576f.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 513x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67ca3ab87b8e6383e5bd296e9b9b71e9
eaf7d2ecd1882e46d09c2a249e6e751d40429fee
23b54e8b59346273148723e9b14f67ea37aef0bff82f6c00b24e533313ee1088
GET /cdn.numerade.com/ask_images/6e51fe13dd254991ace8544f2890576f.jpg HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 40430
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://cdn.numerade.com/ask_images/6e51fe13dd254991ace8544f2890576f.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a2c4c41fadb59e11"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/media.cheggcdn.com/media/968/9681fa4e-96b2-4daf-a9dd-bd87d0283c56/image
192.0.77.2200 OK 117 kB URL HTTP/2 i2.wp.com/media.cheggcdn.com/media/968/9681fa4e-96b2-4daf-a9dd-bd87d0283c56/image
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], progressive, precision 8, 525x700, components 3\012- data
Size 117 kB (116933 bytes)
Hash b466df363c5d88297c92bb441b7cbc2f
63829c10c6497178c8a7929d7f3ed2e2bf54ab28
15428a1b5bc1aca3828f0c15bcce637c7720815174d7eb450dcc362d6224924a
GET /media.cheggcdn.com/media/968/9681fa4e-96b2-4daf-a9dd-bd87d0283c56/image HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/jpeg
content-length: 116933
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://media.cheggcdn.com/media/968/9681fa4e-96b2-4daf-a9dd-bd87d0283c56/image>; rel="canonical"
x-content-type-options: nosniff
etag: "a64412d45bb0bd36"
x-bytes-saved: 11916
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/6ed/6ede29d9-19af-4002-918e-5a87fe005217/phpGkcXOW.png
192.0.77.2200 OK 62 kB URL HTTP/2 i2.wp.com/d2vlcm61l7u1fs.cloudfront.net/media/6ed/6ede29d9-19af-4002-918e-5a87fe005217/phpGkcXOW.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 30df7c8f562f3f6f9796d4332896e360
5bc49a6bbdb7c6d09e59eec728ed4d8b0ca2d72d
671ff177dbf340f036606d247de7df0083dea81b8eef9615f524f986fc11167d
GET /d2vlcm61l7u1fs.cloudfront.net/media/6ed/6ede29d9-19af-4002-918e-5a87fe005217/phpGkcXOW.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 61586
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://d2vlcm61l7u1fs.cloudfront.net/media/6ed/6ede29d9-19af-4002-918e-5a87fe005217/phpGkcXOW.png>; rel="canonical"
x-content-type-options: nosniff
etag: "f370e90771f3e823"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/media.cheggcdn.com/media/238/238861b6-0d23-4ac3-af8d-5ab147e61e90/image.png
192.0.77.2200 OK 173 kB URL HTTP/2 i2.wp.com/media.cheggcdn.com/media/238/238861b6-0d23-4ac3-af8d-5ab147e61e90/image.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 173 kB (173296 bytes)
Hash 19e4cabd4cc39febcf96721bbfd57fc3
9793e22db1a7bed298ba1ec155457c5d55f8f0b3
5317521fbff6e01aa0f7ec16286e1bc16a2ba3032e7952169ba2c3d160d0ad01
GET /media.cheggcdn.com/media/238/238861b6-0d23-4ac3-af8d-5ab147e61e90/image.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:48 GMT
content-type: image/webp
content-length: 173296
last-modified: Mon, 30 Jan 2023 13:00:48 GMT
expires: Thu, 30 Jan 2025 01:00:48 GMT
cache-control: public, max-age=63115200
link: <http://media.cheggcdn.com/media/238/238861b6-0d23-4ac3-af8d-5ab147e61e90/image.png>; rel="canonical"
x-content-type-options: nosniff
etag: "ef5f42ae1325be87"
vary: Accept
x-nc: MISS arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/media.cheggcdn.com/study/4ba/4bad3e4d-49c4-4f04-8f3c-032cbe4e769c/image.png
192.0.77.2200 OK 127 kB URL HTTP/2 i2.wp.com/media.cheggcdn.com/study/4ba/4bad3e4d-49c4-4f04-8f3c-032cbe4e769c/image.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 127 kB (127076 bytes)
Hash a113d47b4d643275cb12d15b53102cbd
a4d2fb53de60bc13ff447d9aaff9bf76813cc9ca
21331c8c4286632bda2ff4ed959f943c98565490d77750db55c4c8f367cc7c99
GET /media.cheggcdn.com/study/4ba/4bad3e4d-49c4-4f04-8f3c-032cbe4e769c/image.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:49 GMT
content-type: image/webp
content-length: 127076
last-modified: Mon, 30 Jan 2023 13:00:49 GMT
expires: Thu, 30 Jan 2025 01:00:49 GMT
cache-control: public, max-age=63115200
link: <http://media.cheggcdn.com/study/4ba/4bad3e4d-49c4-4f04-8f3c-032cbe4e769c/image.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5ee0e0cf48ee5b94"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/media.cheggcdn.com/media/2e0/2e0f2178-edc1-4dc0-b67f-0af0e04e6759/image.png
192.0.77.2200 OK 223 kB URL HTTP/2 i2.wp.com/media.cheggcdn.com/media/2e0/2e0f2178-edc1-4dc0-b67f-0af0e04e6759/image.png
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 223 kB (222924 bytes)
Hash 0c5bada907b4463b26c7a3e9d5d936be
2c0ec094150356623f7cdd1ace7973a25f0680f2
8638bf84aee5e1206d7ef2cea63c13f1f10448a59f548fcbf7d9745f969d2852
GET /media.cheggcdn.com/media/2e0/2e0f2178-edc1-4dc0-b67f-0af0e04e6759/image.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 13:00:49 GMT
content-type: image/webp
content-length: 222924
last-modified: Mon, 30 Jan 2023 13:00:49 GMT
expires: Thu, 30 Jan 2025 01:00:49 GMT
cache-control: public, max-age=63115200
link: <http://media.cheggcdn.com/media/2e0/2e0f2178-edc1-4dc0-b67f-0af0e04e6759/image.png>; rel="canonical"
x-content-type-options: nosniff
etag: "37828c5294c83268"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 545350d44508dd501a6b2b83b3ae9140
7b37bd1e31b624d3ff5d096b11dc227af3291782
fa9723eb8a4edc88a480bc5c6a85cbff8ffa8a30d9c58578e66cd0c334d7cbad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA9723EB8A4EDC88A480BC5C6A85CBFF8FFA8A30D9C58578E66CD0C334D7CBAD"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10291
Expires: Mon, 30 Jan 2023 15:52:21 GMT
Date: Mon, 30 Jan 2023 13:00:50 GMT
Connection: keep-alive
maggotpolity.com/30890a410d321c8eb0727444a2bd807c/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 maggotpolity.com/30890a410d321c8eb0727444a2bd807c/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
GET /30890a410d321c8eb0727444a2bd807c/invoke.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 13:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2b438af314ea33fe04dc664df415b875
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 20:09:33 GMT
expires: Thu, 25 Jan 2024 20:09:33 GMT
cache-control: public, max-age=31536000
age: 406277
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 32121
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maggotpolity.com/330bd1a571a50dbbe00069becfd6e7a1/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 maggotpolity.com/330bd1a571a50dbbe00069becfd6e7a1/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
GET /330bd1a571a50dbbe00069becfd6e7a1/invoke.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 13:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ab47a8d322a6c3bb925171da911d4338
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e90c9d5521358d2754bbad686a2e9c1
013349b8f38535bae1e197d5d96d86d17d5a1ef0
47bb6aa901220aeab3800d1ea88eb456cfe3ea337f12c059d9549fa6bd8064ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92094
Date: Mon, 30 Jan 2023 13:00:50 GMT
Etag: "63d67516-1d7"
Expires: Tue, 31 Jan 2023 14:35:44 GMT
Last-Modified: Sun, 29 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: w0WnCZYvhgTwwHHt1MzB1p_GGIXMvzi8DWlsHiGleBmFK0fiEgcM-w==
Age: 3882
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 4f71812f67ec5bc734b2a2b21192cf0c
75708e3acb1d7fb624356d2f548a819de87a1c1b
2cb890e0d6f8fb0b441b32bfb5d30ad27bde9cad5cb4489716e0e2341f84a046
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thespecialreports.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=690dce3b-bf5a-418e-9e2f-5829e1db3851:2:1; expires=Thu, 27 Jan 2033 13:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 974334f4ac268cda4289e6b68e9f05e9
3b7e0c6db6dab44c9543face80c5b78cbd367eb3
9b51fdaf13ab79bba9cb338884ef41eb6f04d441a98468588793c8d61c0efb79
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:50 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thespecialreports.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=d5d0ac4f-2137-4303-860c-e763293369bf:3:1; expires=Thu, 27 Jan 2033 13:00:50 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
maggotpolity.com/c7cc9bbe583b37fca4b40d77af3687bf/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 maggotpolity.com/c7cc9bbe583b37fca4b40d77af3687bf/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (27005), with no line terminators
Hash 448e24dd77c89cebc43804d80064f47e
2b154140b8ee1b288cffac5f7d843194e55103a4
5c6d8f2f6801d5084a41237755ace25764806ba70b0b8947775e86f7b0c9e5c6
GET /c7cc9bbe583b37fca4b40d77af3687bf/invoke.js HTTP/1.1
Host: maggotpolity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 13:00:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6de9a46255c4c25c451da448a7f8f0d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 974334f4ac268cda4289e6b68e9f05e9
3b7e0c6db6dab44c9543face80c5b78cbd367eb3
9b51fdaf13ab79bba9cb338884ef41eb6f04d441a98468588793c8d61c0efb79
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Cookie: uid_id2=d5d0ac4f-2137-4303-860c-e763293369bf:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://thespecialreports.blogspot.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 30 Jan 2023 13:00:51 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+238; expires=Wed, 29-Jan-2025 13:00:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 13:00:51 GMT
cache-control: private
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
216.58.207.228200 OK 668 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 216.58.207.228:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash dc0970ee345b90a14d79327dc20bf48c
ef64af0b9aa38731125da81bbd3aa5247d30da7d
37b0c4b55ed83ab6e05003db8b0c4814ea0f92100727929af3407e535d1c8a10
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 30 Jan 2023 13:00:51 GMT
date: Mon, 30 Jan 2023 13:00:51 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 668
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.14200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 30 Jan 2023 13:00:51 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+976; expires=Wed, 29-Jan-2025 13:00:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 13:00:51 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.162:0
Hash d0360ff032091f5b24fb22cdc84a6890
76140dbc7eb007f3ec7995d88e7491ebebcf159c
29ea95cbc925c4afd08a2d36d812406c2a0172e0bb2703fce7a76749667472d7
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Mon, 30 Jan 2023 03:25:13 GMT
expires: Mon, 13 Feb 2023 03:25:13 GMT
cache-control: public, max-age=1209600
age: 34538
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6529
Cache-Control: max-age=135438
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 02:38:09 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d9e7028883da0be37fa509c335d6a12b
d54b7637e3e5181d65c831283d2caf40c76c6fff
7ddc3cd14856bcfb93af95eacd467348f00790bdd19e13a5da8d246141ece38f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7DDC3CD14856BCFB93AF95EACD467348F00790BDD19E13A5DA8D246141ECE38F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2550
Expires: Mon, 30 Jan 2023 13:43:21 GMT
Date: Mon, 30 Jan 2023 13:00:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6529
Cache-Control: max-age=135438
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 02:38:09 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash e37585a8ae8cceea743b83c6fed8f567
63893656088410c13a7ef110c5e7130ada96d6bc
ac719f3505d61b9c80a17b010f7cf6f560819f3257bcd21fac9ea002e26dd986
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 250e5d1f401ebde59aa16b0473f32029
etag: "dd18f037f7ec38253b9265d03cdce640"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 13:04:40 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 43WFqK6Mzup0O4PG/tj1Zw==
x-fb-debug: F26cr09TI1xvFGQ711Q2HJZIiO0J6t8z62KfjCQvgbfuF4QLjFkTte07JS9bZliKfUuck225tZdOMrhm+4DpIQ==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 13:00:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash b213ed77fbc7c26256f0a9876311c38e
512e5c01c49846ae9bca53b79d30c00f91003879
6dc655ae897d73a912401d842db73b4bdd3132ef72e36b50a0d64b34f32826e7
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: add3da38b37b33b93386923bcdf6cde3
etag: "957688d25d7e22193a287f2d8aedb984"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 30 Jan 2023 13:19:16 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: shPtd/vHwmJW8KmHYxHDjg==
x-fb-debug: O3j0tRT+KUXGDBzbljw5EKgr9L+UQZhyvRm+iRGkix4AFTu96RNvm03N58LjN/1FRbJ89BFs+/3mn1NTYvKfVA==
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 13:00:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i2.wp.com/doubtnut-static.s.llnwi.net/static/web-thumb/141183969_web.png
192.0.77.2400 Bad Request 21 kB URL HTTP/2 i2.wp.com/doubtnut-static.s.llnwi.net/static/web-thumb/141183969_web.png
IP 192.0.77.2:0
Hash a2c557e292b0268659dd33b100c84e9e
fa20b556ebb5fcf06ed5f8d9b7fe2afdab444b67
63ecd58dcec7ee41415476e0b1730d821abe9683db4ed01f9c46d969a0133b03
GET /doubtnut-static.s.llnwi.net/static/web-thumb/141183969_web.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Mon, 30 Jan 2023 13:00:50 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 3
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6529
Cache-Control: max-age=135438
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:51 GMT
Etag: "63d71410-1d7"
Expires: Wed, 01 Feb 2023 02:38:09 GMT
Last-Modified: Mon, 30 Jan 2023 00:49:20 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98988bf41d6e5621fe9fa4b297e6930d
0a68688e2c01871e50f8a00de4e3f898d00b3b0c
3e4c5b82b3defb517e4843aed4fcea094a354a2c6a4576bead832cb5bf6cde2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4C5B82B3DEFB517E4843AED4FCEA094A354A2C6A4576BEAD832CB5BF6CDE2C"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8414
Expires: Mon, 30 Jan 2023 15:21:05 GMT
Date: Mon, 30 Jan 2023 13:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98988bf41d6e5621fe9fa4b297e6930d
0a68688e2c01871e50f8a00de4e3f898d00b3b0c
3e4c5b82b3defb517e4843aed4fcea094a354a2c6a4576bead832cb5bf6cde2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4C5B82B3DEFB517E4843AED4FCEA094A354A2C6A4576BEAD832CB5BF6CDE2C"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 19:00:51 GMT
Date: Mon, 30 Jan 2023 13:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 98988bf41d6e5621fe9fa4b297e6930d
0a68688e2c01871e50f8a00de4e3f898d00b3b0c
3e4c5b82b3defb517e4843aed4fcea094a354a2c6a4576bead832cb5bf6cde2c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E4C5B82B3DEFB517E4843AED4FCEA094A354A2C6A4576BEAD832CB5BF6CDE2C"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 19:00:51 GMT
Date: Mon, 30 Jan 2023 13:00:51 GMT
Connection: keep-alive
connect.facebook.net/en_US/sdk.js?hash=f58548aef19ef7652d239182ddbc9996
157.240.205.11200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=f58548aef19ef7652d239182ddbc9996
IP 157.240.205.11:0
File type ASCII text, with very long lines (18530)
Hash 852bec1399a1b2a775f6613b8ed2d724
5131e717914769282f8f4fc26d7590f959fb193b
d2147a1738083910e067ce41a104b557e4c7b49a0689628e4aafae3a8efc7f7f
GET /en_US/sdk.js?hash=f58548aef19ef7652d239182ddbc9996 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: da0fc60608a50a116092a01803fb67a3
etag: "60db35edf1a6415237fe967820c8439f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 30 Jan 2024 11:30:04 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: hSvsE5mhsqd19mE7jtLXJA==
x-fb-debug: 4Uj0X9cjj5Ezgxd5Z2fOQqMf5jmj2KCsoHPfklMeKs5mQvzhnWNbIpa8m1KeqPKxjBS5xbAhXmn5SAQ0BNscqw==
priority: u=3,i
content-length: 88413
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 13:00:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thespecialreports.blogspot.com
Access-Control-Allow-Origin: https://thespecialreports.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=04db4a4072cea16b6d44e021c28e8517d4fa97888e4682396e53df540c4ce7a19049a9b9727f82a8ce2e543e1c2b8f36a0f4d9513feba4c482ad030768bd4e61573c7108ff5961cb7c1fc4d5b6b82bc08c6f11a61bfe18edb5990646b8f3dc7172&pst=1675083711&rmtc=t
Set-Cookie: u_pl=14220896; expires=Tue, 31 Jan 2023 13:00:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDIyMDg5NiwiayI6ImM3Y2M5YmJlNTgzYjM3ZmNhNGI0MGQ3N2FmMzY4N2JmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo3MTAxNSwicGlkIjo2MDk2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1eTNiOXlzYiIsImNwa3MiOnsgIjI4IjoiZjE3ODY4Y2YzODgwMzkyZGVjMDZhMDRiZDEwYjBjMDkiLCI0NiI6IjljODkwZTY4NTVmMTZhYzkyZjc3ODk4NzllMjI0YWM0In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RoZXNwZWNpYWxyZXBvcnRzLmJsb2dzcG90LmNvbS8yMDIzLzAxL2hlcmUtd2hpY2gtb2YtZm9sbG93aW5nLXN0YXRlbWVudHMuaHRtbCJ9fQ.EHCvcO0xvL3XAqSBbVwvotFzjgOMZm5FKzEwroSUSPY; expires=Mon, 30 Jan 2023 13:01:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 247263fa979bb6ae3ef352ec11fe07bf
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thespecialreports.blogspot.com
Access-Control-Allow-Origin: https://thespecialreports.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=89af1cc9c7f5c206c9cc57d92f7ad8ac858d449f37d2d678e82ebc46592472c18db6c77f5f5030e8720a0a41c9b69651ac5f15c4a563ec400c8c6d43208798db267e38a1ee2e2ff08edbf75f8442eed8cb9c025c&pst=1675083711&rmtc=t
Set-Cookie: u_pl=14220898; expires=Tue, 31 Jan 2023 13:00:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDIyMDg5OCwiayI6IjMzMGJkMWE1NzFhNTBkYmJlMDAwNjliZWNmZDZlN2ExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo3MTAxNSwicGlkIjo2MDk2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90aGVzcGVjaWFscmVwb3J0cy5ibG9nc3BvdC5jb20vMjAyMy8wMS9oZXJlLXdoaWNoLW9mLWZvbGxvd2luZy1zdGF0ZW1lbnRzLmh0bWwifX0.89vjhxmprTbQqp5-yRjFiOVrZ1wY_tXZqQZ9PC-O6rI; expires=Mon, 30 Jan 2023 13:01:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14be85b3cb7e733cd4e38fabcf0a7195
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.484013344830.js?key=30890a410d321c8eb0727444a2bd807c&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=690dce3b-bf5a-418e-9e2f-5829e1db3851%3A2%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.484013344830.js?key=30890a410d321c8eb0727444a2bd807c&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=690dce3b-bf5a-418e-9e2f-5829e1db3851%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.484013344830.js?key=30890a410d321c8eb0727444a2bd807c&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=690dce3b-bf5a-418e-9e2f-5829e1db3851%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thespecialreports.blogspot.com
Access-Control-Allow-Origin: https://thespecialreports.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.484013344830.js?key=30890a410d321c8eb0727444a2bd807c&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=690dce3b-bf5a-418e-9e2f-5829e1db3851%3A2%3A1&shu=94b154ca76ca631be4c49074e050aa172a81ab38d522df53774cabe37eceb1aae3a092b163fc4cb477f44b2c96bc44474be15c360111d9314d1a6d4e6ecfef57f9c757e33bf14d0b1aac10dbae9ebc682d618e10&pst=1675083711&rmtc=t
Set-Cookie: u_pl=14220897; expires=Tue, 31 Jan 2023 13:00:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDIyMDg5NywiayI6IjMwODkwYTQxMGQzMjFjOGViMDcyNzQ0NGEyYmQ4MDdjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo3MTAxNSwicGlkIjo2MDk2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7ICI0NyI6IjQwMzUzNjJkYzg0Mzg0OTI3ZWYxYTA2ZjRkMTZhZTg5In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RoZXNwZWNpYWxyZXBvcnRzLmJsb2dzcG90LmNvbS8yMDIzLzAxL2hlcmUtd2hpY2gtb2YtZm9sbG93aW5nLXN0YXRlbWVudHMuaHRtbCJ9fQ.vtGvs7CZrJlLWoVYMCWRWheLbYOTbvFGFfjg3IYITu4; expires=Mon, 30 Jan 2023 13:01:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8b99364bc01727490df915b1cbc5127
Strict-Transport-Security: max-age=0; includeSubdomains
www.profitabledisplaycontent.com/watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=04db4a4072cea16b6d44e021c28e8517d4fa97888e4682396e53df540c4ce7a19049a9b9727f82a8ce2e543e1c2b8f36a0f4d9513feba4c482ad030768bd4e61573c7108ff5961cb7c1fc4d5b6b82bc08c6f11a61bfe18edb5990646b8f3dc7172&pst=1675083711&rmtc=t
192.243.61.225200 OK 636 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=04db4a4072cea16b6d44e021c28e8517d4fa97888e4682396e53df540c4ce7a19049a9b9727f82a8ce2e543e1c2b8f36a0f4d9513feba4c482ad030768bd4e61573c7108ff5961cb7c1fc4d5b6b82bc08c6f11a61bfe18edb5990646b8f3dc7172&pst=1675083711&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash 08f18030945b0e922f4e85d181f86388
da9a12922478d9a76d79d536b985c792bda3340f
e2d983574454aea3ed2432b34aebb043186afe26b679161bd7310ebea72f76cd
GET /watch.748003214364.js?key=c7cc9bbe583b37fca4b40d77af3687bf&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=04db4a4072cea16b6d44e021c28e8517d4fa97888e4682396e53df540c4ce7a19049a9b9727f82a8ce2e543e1c2b8f36a0f4d9513feba4c482ad030768bd4e61573c7108ff5961cb7c1fc4d5b6b82bc08c6f11a61bfe18edb5990646b8f3dc7172&pst=1675083711&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Referer: https://thespecialreports.blogspot.com/
Connection: keep-alive
Cookie: u_pl=14220898; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDIyMDg5OCwiayI6IjMzMGJkMWE1NzFhNTBkYmJlMDAwNjliZWNmZDZlN2ExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo3MTAxNSwicGlkIjo2MDk2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90aGVzcGVjaWFscmVwb3J0cy5ibG9nc3BvdC5jb20vMjAyMy8wMS9oZXJlLXdoaWNoLW9mLWZvbGxvd2luZy1zdGF0ZW1lbnRzLmh0bWwifX0.89vjhxmprTbQqp5-yRjFiOVrZ1wY_tXZqQZ9PC-O6rI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thespecialreports.blogspot.com
Access-Control-Allow-Origin: https://thespecialreports.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=14220898,14220896; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
uid_id2=d5d0ac4f-2137-4303-860c-e763293369bf:3:1; expires=Mon, 06 Feb 2023 13:00:52 GMT; secure; SameSite=None
iprc7d0fd9b8a28a5be902a2d4f54f8bbfc9=2717340; expires=Tue, 31 Jan 2023 15:00:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f48e515fb4a4a3fb7c17ff7f5719e79
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.profitabledisplaycontent.com/watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=89af1cc9c7f5c206c9cc57d92f7ad8ac858d449f37d2d678e82ebc46592472c18db6c77f5f5030e8720a0a41c9b69651ac5f15c4a563ec400c8c6d43208798db267e38a1ee2e2ff08edbf75f8442eed8cb9c025c&pst=1675083711&rmtc=t
192.243.61.225200 OK 634 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=89af1cc9c7f5c206c9cc57d92f7ad8ac858d449f37d2d678e82ebc46592472c18db6c77f5f5030e8720a0a41c9b69651ac5f15c4a563ec400c8c6d43208798db267e38a1ee2e2ff08edbf75f8442eed8cb9c025c&pst=1675083711&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (582)
Hash b7beb7b8429d108e53cfdbcf87e0fded
4ef761136688f21a38a8995ff3a9c3e9a696d853
916f9dc129b8cf947645d57744be70edd5721ac0e3838458ff504eb6a52cb4a9
GET /watch.767641484955.js?key=330bd1a571a50dbbe00069becfd6e7a1&kw=%5B%22here%22%2C%22which%22%2C%22of%22%2C%22the%22%2C%22following%22%2C%22statements%22%2C%22about%22%2C%22enzymes%22%2C%22is%22%2C%22true%22%2C%22ideas%22%2C%22-%22%2C%22special%22%2C%22report%22%5D&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F2023%2F01%2Fhere-which-of-following-statements.html&tz=0&dev=e&res=12.1055&uuid=d5d0ac4f-2137-4303-860c-e763293369bf%3A3%3A1&shu=89af1cc9c7f5c206c9cc57d92f7ad8ac858d449f37d2d678e82ebc46592472c18db6c77f5f5030e8720a0a41c9b69651ac5f15c4a563ec400c8c6d43208798db267e38a1ee2e2ff08edbf75f8442eed8cb9c025c&pst=1675083711&rmtc=t HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thespecialreports.blogspot.com
Referer: https://thespecialreports.blogspot.com/
Connection: keep-alive
Cookie: u_pl=14220898; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDIyMDg5OCwiayI6IjMzMGJkMWE1NzFhNTBkYmJlMDAwNjliZWNmZDZlN2ExIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo3MTAxNSwicGlkIjo2MDk2MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyNSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90aGVzcGVjaWFscmVwb3J0cy5ibG9nc3BvdC5jb20vMjAyMy8wMS9oZXJlLXdoaWNoLW9mLWZvbGxvd2luZy1zdGF0ZW1lbnRzLmh0bWwifX0.89vjhxmprTbQqp5-yRjFiOVrZ1wY_tXZqQZ9PC-O6rI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://thespecialreports.blogspot.com
Access-Control-Allow-Origin: https://thespecialreports.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d5d0ac4f-2137-4303-860c-e763293369bf:3:1; expires=Mon, 06 Feb 2023 13:00:52 GMT; secure; SameSite=None
iprcc6554e50baa022daf8401691ca6ad10e=2717339; expires=Tue, 31 Jan 2023 15:00:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
uncs=1; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
pdhtkv25=true; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
uncs25=1; expires=Tue, 31 Jan 2023 13:00:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8456d23e2c94fa31a1ef838e0cdf102c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8d227d4ce2252ca792eb1e8ad3f7e1f8
69df728908dcfe901793fbc0ae6faab6d2b963ba
830ac047395e2e7f562e119b0d36d3d7ddf186cc9835042e661a3eecbb4f2a06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "830AC047395E2E7F562E119B0D36D3D7DDF186CC9835042E661A3EECBB4F2A06"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5915
Expires: Mon, 30 Jan 2023 14:39:27 GMT
Date: Mon, 30 Jan 2023 13:00:52 GMT
Connection: keep-alive
jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14220898
173.233.137.36200 OK 1.3 kB URL HTTP/1.1 jennyvisits.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14220898
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2cbd26b399f0926e6fa202af2748c62c
fb9299c9ef6fe8d3aa288f8bd330e4ed924e2144
3869bb2669e2777194ecd1f08e44bfc0b52624248ae250cb79ef2de9b7e92bcb
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=14220898 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 31 Jan 2023 13:00:52 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQyMjA4OTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90aGVzcGVjaWFscmVwb3J0cy5ibG9nc3BvdC5jb20vIn19.utkJzE2-Rx1jE0Eiad-9agNX8JdOzO4Td2B6rnG2AqY; expires=Mon, 30 Jan 2023 13:01:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc7277e0ebb3582bfaea8f1504b051da
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
jennyvisits.com/dyfc1k09?shu=0d104422f088e196864cb80309d66b155b3510717c9822832f09fb9a77ee03c637a72d21bef58f84945d6583fb0364106728d0c3f517111f7587f0eb07d8721f4aaccf62a8af9aa8c08b24575778bb8ac4b58c223d73b9919e0d9cc60dfeef948bea&pst=1675083712&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F&psid=14220898
173.233.137.36302 Found 0 B URL HTTP/1.1 jennyvisits.com/dyfc1k09?shu=0d104422f088e196864cb80309d66b155b3510717c9822832f09fb9a77ee03c637a72d21bef58f84945d6583fb0364106728d0c3f517111f7587f0eb07d8721f4aaccf62a8af9aa8c08b24575778bb8ac4b58c223d73b9919e0d9cc60dfeef948bea&pst=1675083712&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F&psid=14220898
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=0d104422f088e196864cb80309d66b155b3510717c9822832f09fb9a77ee03c637a72d21bef58f84945d6583fb0364106728d0c3f517111f7587f0eb07d8721f4aaccf62a8af9aa8c08b24575778bb8ac4b58c223d73b9919e0d9cc60dfeef948bea&pst=1675083712&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fthespecialreports.blogspot.com%2F&psid=14220898 HTTP/1.1
Host: jennyvisits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jennyvisits.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTQyMjA4OTgiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90aGVzcGVjaWFscmVwb3J0cy5ibG9nc3BvdC5jb20vIn19.utkJzE2-Rx1jE0Eiad-9agNX8JdOzO4Td2B6rnG2AqY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 13:00:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304
Set-Cookie: pdhtkv=true; expires=Tue, 31 Jan 2023 13:00:53 GMT
uncs=1; expires=Tue, 31 Jan 2023 13:00:53 GMT
pdhtkv28=true; expires=Tue, 31 Jan 2023 13:00:53 GMT
uncs28=1; expires=Tue, 31 Jan 2023 13:00:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c05f7b1aa12a29544ca8255ae7f83421
Strict-Transport-Security: max-age=0; includeSubdomains
adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304
34.160.190.227200 OK 1.9 kB URL HTTP/1.1 adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304
IP 34.160.190.227:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (738)
Hash d228bc6e8e268f5169b8ccac8ab1d571
4f86562eef87a1178ee1ed28f21bba01ff42f6f6
2ce1381247794443c4936c1d3d6d35dfb5f3581bc45e30bb54e48f3c3f16f5b7
GET /script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304 HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 13:00:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304&treqn=42346345&rpn=1&cbrandom=0.36044741613741604&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
34.160.190.227302 Moved Temporarily 1 B URL HTTP/1.1 adpointrtb.com/script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304&treqn=42346345&rpn=1&cbrandom=0.36044741613741604&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 34.160.190.227:0
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /script/s2iurl.php?stamat=m%7C%2C%2CQhYnY3fjtGU3Bp-GH0dEdHP3xP.6be%2CGt4zR2Zm-FNF0Dq3bxYfI2Za9IvsXcF94ccCmw539c_5cLJU5IehAoOCvvVeyTPJ6LmQi2i-FtGjbHTJMAIWXUqiIeaF_8eunJJpU528kv4U0o5gkByhtkD8GeLo_hrk4KvwsN-9AZ4xxdw1wORNeVaMnqrGK3hoBngW1DH8Pe3oKvmqaWXrrfvWFzi2ZDchjsoVvLjpN2snuAoyOL4tRqx2JuzoYDfhcEaA9eSPGMOGSIlFJEjQfkdOk9Mvn_IQuCNP7nX8P8k5X7w5ADvlgBHQre8XCeaWLLavl5WXE85MV6-cDvUg7NOgugad_DuOGIfBHhMqV_9RY4_jMlmJ1d73SrG8Cgjb8GSQDfUgJ7NVIy-fVOoegMDtpzx3EdEAdz12IqY6_ee7cBlTGKdX6BvOTnYPIS-8bVvS8qZqDNvL95BYK6IJqWxoAwC-KsgU_FglxLAcSfPX3Ah-xjOcubalR6-WGstecwHWW05cNDgJ1BH0oemS9vViaf9vnG5ohjeISOmhVHhoyXcfWGhHww%2C%2C&csid=1506755&s1=16122660&md=0&crid=23364304&treqn=42346345&rpn=1&cbrandom=0.36044741613741604&cbtitle=&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Mon, 30 Jan 2023 13:00:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Location: https://adserving.unibet.com/redirect.aspx?bid=37953&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra
Via: 1.1 google
adpointrtb.com/favicon.ico
34.160.190.227200 OK 0 B URL HTTP/1.1 adpointrtb.com/favicon.ico
IP 34.160.190.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: adpointrtb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 30 Jan 2023 13:00:53 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Thu, 10 Dec 2020 09:27:58 GMT
ETag: "5fd1ea1e-0"
Accept-Ranges: bytes
Via: 1.1 google
adserving.unibet.com/redirect.aspx?bid=37953&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra
23.36.79.11307 Temporary Redirect 0 B URL HTTP/2 adserving.unibet.com/redirect.aspx?bid=37953&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37953&pid=2100237&sref=ADC&ADC=1506755-640691165-0_Adsterra HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
content-type: text/html
content-length: 0
location: https://www.mariacasino.nu/stan/campaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
expires: Mon, 30 Jan 2023 13:00:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 30 Jan 2023 13:00:53 GMT
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a74340067%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1675083653540)%5c%2f%22%2c%22CookieTag%22%3a%223795374340067451240919C2023130130%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%228756010695%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 30-Jan-3022 13:00:53 GMT; path=/; secure; SameSite=Strict
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=38
X-Firefox-Spdy: h2
www.mariacasino.nu/stan/campaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.mariacasino.nu/stan/campaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/campaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953 HTTP/1.1
Host: www.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 30 Jan 2023 13:00:53 GMT
content-length: 0
location: https://www.mariacasino.nu:443/stan/redirecttocampaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953&landingPageUrl=https%3A%2F%2Fwelcome.mariacasino.nu%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37953
set-cookie: JSESSIONID=node0bhyh3iayzuewzsx7x8krmf1m13311.node0; Path=/stan; Secure; HttpOnly; SameSite=Strict
__ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; Path=/; Domain=.mariacasino.nu; Expires=Wed, 29-Jan-2025 13:00:53 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr=ST.0.T; Path=/; Domain=.mariacasino.nu; Expires=Wed, 29-Jan-2025 13:00:53 GMT; Max-Age=63072000; Secure; SameSite=None
uniattr_ref=; Path=/; Domain=.mariacasino.nu; Expires=Wed, 29-Jan-2025 13:00:53 GMT; Max-Age=63072000; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
affid=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
netwid=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
CLAIM_CODE=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
campaignId=2397257; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.mariacasino.nu; Expires=Mon, 30-Jan-2023 13:01:08 GMT; Max-Age=15; Secure; SameSite=None
affiliateId=1; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
REGISTRATION_CODE=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BID=37953; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
PID=74340067; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
CHID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
REFERER=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_INTERNAL_CAMPAIGN_ID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
UNIBET_REQUEST_URL=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_ACCEPTED=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AMS_INVITE_CHAT_DECLINED=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
BOCAID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
PRODUCT_ID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFID=; Path=/; Domain=.mariacasino.nu; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Secure; SameSite=None
AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
AFFILIATE_CAMPAIGN_ID=2397257; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.mariacasino.nu; Expires=Mon, 30-Jan-2023 13:01:08 GMT; Max-Age=15; Secure; SameSite=None
campaignId=2397257; Path=/; Domain=.mariacasino.nu; Expires=Wed, 31-Jan-2024 22:58:59 GMT; Max-Age=31658286; Secure; SameSite=None
framework.forceBigLandingArea=; Path=/; Domain=.mariacasino.nu; Expires=Mon, 30-Jan-2023 13:01:08 GMT; Max-Age=15; Secure; SameSite=None
clientId=browser_desktop; Domain=www.mariacasino.nu; Path=/; SameSite=None; Secure
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT, Mon, 30 Jan 2023 13:00:53 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
www.mariacasino.nu/stan/redirecttocampaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953&landingPageUrl=https%3A%2F%2Fwelcome.mariacasino.nu%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37953
85.184.96.0301 Moved Permanently 0 B URL HTTP/2 www.mariacasino.nu/stan/redirecttocampaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953&landingPageUrl=https%3A%2F%2Fwelcome.mariacasino.nu%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37953
IP 85.184.96.0:0
ASN #47171 Unibet Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stan/redirecttocampaign.do?cmpId=2397257&affiliateId=1&unibetTarget=/no/pop/casino/2022/index.html&targetDomain=https://welcome.mariacasino.nu&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&sref=ADC&ADC=1506755-640691165-0_Adsterra&affiliateId=1&pid=74340067&bid=37953&landingPageUrl=https%3A%2F%2Fwelcome.mariacasino.nu%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%3Fmktid%3D1%3A81750185%3A74340067-37953 HTTP/1.1
Host: www.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; clientId=browser_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Mon, 30 Jan 2023 13:00:53 GMT
content-length: 0
location: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
expires: Mon, 30 Jan 2023 13:00:53 GMT
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash ac2c13ffbeabcde4dc58c40e8e4b6c89
ccc0bbe2b10be9ae95c994272ea94d115d8f3713
0782693309a97ab779333237e8d8836bc7962e7b651e90648ac3b326b9ece81d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3076
Cache-Control: max-age=145999
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:53 GMT
Etag: "63d74ad0-118"
Expires: Wed, 01 Feb 2023 05:34:12 GMT
Last-Modified: Mon, 30 Jan 2023 04:42:56 GMT
Server: ECS (amb/6BA2)
X-Cache: HIT
Content-Length: 280
welcome.mariacasino.nu/no/pop/casino/2022/games.png
104.18.25.188200 OK 8.8 kB URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/games.png
IP 104.18.25.188:0
File type PNG image data, 234 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash fbd364c184d1c2af246dd5a3079ce9ed
5c572431ced831a518e0c4adfed4372254f1eac1
2a09f891fb138e893fbc2fe522761e47307376143582e41016bf8aa54c4fdb77
GET /no/pop/casino/2022/games.png HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: image/png
content-length: 8838
cache-control: public, max-age=900, immutable
content-md5: +9NkwYTRwq8kbdWjB5zp7Q==
last-modified: Tue, 29 Nov 2022 13:35:56 GMT
etag: "0x8DAD20EA4D87720"
x-ms-request-id: 56be89e7-801e-0020-22f7-0369a5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516100
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a74820b503-OSL
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/mga.png
104.18.25.188200 OK 1.5 kB URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/mga.png
IP 104.18.25.188:0
File type PNG image data, 152 x 60, 8-bit colormap, non-interlaced\012- data
Hash f34e781d7ad22dc774b98ac82a2b46f6
b66cb9753b0f76a7590f62d3c6b8f645bdbae786
7898ba2cec328d50a75400c1e5a6f1f23974f4c0cc433472a24f28a82c7d01c7
GET /no/pop/casino/2022/mga.png HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: image/png
content-length: 1454
cache-control: public, max-age=900, immutable
content-md5: 8054HXrSLcd0uYrIKitG9g==
last-modified: Tue, 29 Nov 2022 13:35:56 GMT
etag: "0x8DAD20EA4FEBE45"
x-ms-request-id: aeb20fbe-701e-0034-08f7-0321ca000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516100
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a74824b503-OSL
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/slots.png
104.18.25.188200 OK 6.3 kB URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/slots.png
IP 104.18.25.188:0
File type PNG image data, 151 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 6be047bdf3d103b2414f7f6ab64d96b8
57818bdfe16383abe584b5c30de5f35eb55ebf20
38e2d3e7f261032cf0c558e28555c6425c30aa14014f31bbaad7d5176b7d4449
GET /no/pop/casino/2022/slots.png HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: image/png
content-length: 6303
cache-control: public, max-age=900, immutable
content-md5: a+BHvfPRA7JBT39qtk2WuA==
last-modified: Tue, 29 Nov 2022 13:35:56 GMT
etag: "0x8DAD20EA4ED5BA7"
x-ms-request-id: da131072-401e-003f-7bf7-03daa1000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516101
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a7481ab503-OSL
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/livecasino.png
104.18.25.188200 OK 21 kB URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/livecasino.png
IP 104.18.25.188:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 87dc3fc9a40a9b0e8fd7c0519ac24f54
908b0ca475f8da1d0380a6cb5caabafce2466aec
a0fd031aa160b2679253c5952576a692e002c6be963c5935af3692ff50206eb4
GET /no/pop/casino/2022/livecasino.png HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: image/png
content-length: 20783
cache-control: public, max-age=900, immutable
content-md5: h9w/yaQKmw6P18BRmsJPVA==
last-modified: Tue, 29 Nov 2022 13:35:56 GMT
etag: "0x8DAD20EA4DF7B00"
x-ms-request-id: 2a37beda-301e-0078-10f7-03b1fa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516101
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a7481db503-OSL
X-Firefox-Spdy: h2
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/satelliteLib-81fa49b12f4903c5e2b79397db5965ace0d8bfac.js
2.18.172.233200 OK 44 kB URL HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/satelliteLib-81fa49b12f4903c5e2b79397db5965ace0d8bfac.js
IP 2.18.172.233:0
File type exported SGML document, ASCII text, with very long lines (32764)
Hash 57198fa839fd954656487c5a3bef02a7
060e710714194b067e8a17554de1f056f3c5fa64
0144349d38a845bda08cbc2654f89da13986be57ce76fa7f49488907aa392edd
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/satelliteLib-81fa49b12f4903c5e2b79397db5965ace0d8bfac.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "bf8d7656a2457e257e3cf75a01e6a4b7:1554112914"
last-modified: Mon, 01 Apr 2019 10:01:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 43737
cache-control: max-age=3600
expires: Mon, 30 Jan 2023 14:00:54 GMT
date: Mon, 30 Jan 2023 13:00:54 GMT
access-control-allow-origin: https://welcome.mariacasino.nu
timing-allow-origin: *
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
85.184.96.5200 OK 956 B URL HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP 85.184.96.5:0
ASN #47171 Unibet Services Limited
Hash fd48e87ecd4d06d9c5df490b91dc813e
a65a437db44444634e4f41732c590c1d14433b3f
2f786ae3f4577ed970f60aa7a9edf726300a740fdb360a8364db7ff4b7ca8e47
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: application/javascript
content-length: 956
last-modified: Mon, 25 Apr 2022 12:19:34 GMT
etag: "3bc-5dd7996cc0ce1"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
topiku.my.id/ads/728.js
172.67.165.3200 OK 205 B IP 172.67.165.3:0
Hash a85f52089ab066912c299b7fa769bfdc
281fe73ceeebe4b45621087bbef1dc750c4d0567
cf97a18637c8fa932feca8ab071c153eec913093e0c5659a54807d3a4f657ae1
GET /ads/728.js HTTP/1.1
Host: topiku.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 08 Jan 2023 05:31:13 GMT
access-control-allow-origin: *
etag: W/"63ba5521-14c"
expires: Mon, 30 Jan 2023 13:10:49 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 5AE8:5B4F:138D8CD:1A7540D:63D7BF81
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675083650.804177,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: b1c2bf1c799d5320d9e096180f297a906bdc076c
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMBVJbnozBAbpRLepZ%2FE0gkFoPNbT%2Baj2nlwsNWZzM0s9ZKSA%2BokF234uztWMfidmM9XcpETWPPbda7EkibcO4G95qSpiVUCyvRcnutFwCJBjaKszXElyxfI%2FGugKos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791a648b393ab4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 13:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 17:06:02 GMT
expires: Mon, 29 Jan 2024 17:06:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 71692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,700italic,400italic
IP 142.250.74.106:0
GET /css?family=Source+Sans+Pro:400,700,700italic,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 13:00:47 GMT
date: Mon, 30 Jan 2023 13:00:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 13:00:54 GMT
date: Mon, 30 Jan 2023 13:00:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
topiku.my.id/ads/600.js
172.67.165.3200 OK 0 B IP 172.67.165.3:0
GET /ads/600.js HTTP/1.1
Host: topiku.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 08 Jan 2023 05:31:13 GMT
access-control-allow-origin: *
etag: W/"63ba5521-14d"
expires: Mon, 30 Jan 2023 13:10:49 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 6CEC:152F:151A78B:1C039F9:63D7BF81
via: 1.1 varnish
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675083650.806896,VS0,VE104
vary: Accept-Encoding
x-fastly-request-id: e270f95ed6b592ded3acbcf568180234cc49e85d
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tt2ZDiFtt6VCWYV4hH9h%2FUQw8mkRqEcklfA2kuxS1p%2F2rdZWwdHX4SADWKKgnB95pjHR%2B%2F0cOtG3nXXYrGI5WLitJr08H761ghucH4yerxPZzxaPsCPFgviyKAyPLKw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791a648b393fb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20527895
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791a647c1cb7b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
topiku.my.id/ads/directpop.js
172.67.165.3200 OK 0 B URL HTTP/2 topiku.my.id/ads/directpop.js
IP 172.67.165.3:0
GET /ads/directpop.js HTTP/1.1
Host: topiku.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 08 Jan 2023 05:31:13 GMT
access-control-allow-origin: *
etag: W/"63ba5521-137"
expires: Mon, 30 Jan 2023 12:03:40 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 0E1C:0ADF:4DE846:7234E0:63D7AFC4
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675083650.809394,VS0,VE93
vary: Accept-Encoding
x-fastly-request-id: f667869056917049870f684ccf65a3302573380d
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbbAlnUaBQPPY8SVs7XpWzy6RomSQ4RpsBmUi2bStzIFX0%2F9gQguWyHOeIPNrXfZjf5vximU0h%2FggScKKjJ%2BatAC6FGmLlyEFfh%2BIYLUPtLRTqEYLnri2GZkdghX9Y4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791a648b3946b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
104.18.25.188200 OK 0 B URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
IP 104.18.25.188:0
GET /no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067 HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: L2akXslp2trAwResQfYe7w==
last-modified: Tue, 29 Nov 2022 13:35:55 GMT
x-ms-request-id: 1017229b-601e-0028-04aa-3473aa000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
set-cookie: btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640;max-age=2592000; domain=.mariacasino.nu;path=/;secure;samesite=none;httponly
server: cloudflare
cf-ray: 791a64a4dc30b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/styles.css
104.18.25.188200 OK 0 B URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/styles.css
IP 104.18.25.188:0
GET /no/pop/casino/2022/styles.css HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: nHGY+uZf3VZaIBaHkSPKCQ==
last-modified: Tue, 29 Nov 2022 13:35:55 GMT
etag: W/"0x8DAD20EA45DDAAB"
x-ms-request-id: 4ad10bc9-001e-002e-3ef7-034015000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516103
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a73feab503-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/main.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/main.js
IP 104.18.25.188:0
GET /no/pop/casino/2022/main.js HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=900, immutable
content-md5: HUKMSjGdEVR6I7ylcruk3g==
last-modified: Tue, 29 Nov 2022 13:35:56 GMT
etag: W/"0x8DAD20EA4F7BA6F"
x-ms-request-id: 5a127d26-401e-0062-37f7-03d025000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 377598
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a73ffab503-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.nu/custom.js
104.18.25.188200 OK 0 B URL HTTP/2 welcome.mariacasino.nu/custom.js
IP 104.18.25.188:0
GET /custom.js HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: application/javascript
content-md5: AaOIILzruhXFCZo/dsUAMw==
last-modified: Tue, 31 May 2022 08:03:43 GMT
etag: W/"0x8DA42DC14A64A3D"
x-ms-request-id: 56b93167-801e-0020-39f6-0369a5000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516719
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a7480fb503-OSL
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.nu/no/pop/casino/2022/maria-logo.svg
104.18.25.188200 OK 0 B URL HTTP/2 welcome.mariacasino.nu/no/pop/casino/2022/maria-logo.svg
IP 104.18.25.188:0
GET /no/pop/casino/2022/maria-logo.svg HTTP/1.1
Host: welcome.mariacasino.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://welcome.mariacasino.nu/no/pop/casino/2022/index.html?mktid=1:81750185:74340067-37953&btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640&bid=37953&campaignId=2397257&pid=74340067
Cookie: __ucbt=node0bhyh3iayzuewzsx7x8krmf1m1; uniattr=ST.0.T; uniattr_ref=; campaignId=2397257; framework.forceBigLandingArea=; affiliateId=1; B-TAG=81750185_35C0AABF756A4E6AA4FA8DE4DF133640; BID=37953; PID=74340067; AFFILIATE_REQUEST_URL=https%3A%2F%2Fwww.mariacasino.nu%2Fstan%2Fcampaign.do%3FcmpId%3D2397257%26affiliateId%3D1%26unibetTarget%3D%2Fno%2Fpop%2Fcasino%2F2022%2Findex.html%26targetDomain%3Dhttps%3A%2F%2Fwelcome.mariacasino.nu%26btag%3D81750185_35C0AABF756A4E6AA4FA8DE4DF133640%26sref%3DADC%26ADC%3D1506755-640691165-0_Adsterra%26affiliateId%3D1%26pid%3D74340067%26bid%3D37953; AFFILIATE_CAMPAIGN_ID=2397257; btag=81750185_35C0AABF756A4E6AA4FA8DE4DF133640
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:54 GMT
content-type: image/svg+xml
cache-control: public, max-age=900, immutable
content-md5: A/evXSZJMSEi63VEXU58wA==
last-modified: Tue, 29 Nov 2022 13:35:55 GMT
etag: W/"0x8DAD20EA476B63E"
x-ms-request-id: 5a1280b9-401e-0062-10f7-03d025000000
x-ms-version: 2014-02-14
x-ms-lease-status: unlocked
x-ms-lease-state: available
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cf-cache-status: HIT
age: 516102
vary: Accept-Encoding
server: cloudflare
cf-ray: 791a64a74812b503-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
IP 142.250.74.106:0
GET /css?family=Poppins:400,700,600,500,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 13:00:47 GMT
date: Mon, 30 Jan 2023 13:00:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
topiku.my.id/ads/250.js
172.67.165.3200 OK 0 B IP 172.67.165.3:0
GET /ads/250.js HTTP/1.1
Host: topiku.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thespecialreports.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 13:00:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 08 Jan 2023 05:31:13 GMT
access-control-allow-origin: *
etag: W/"63ba5521-14d"
expires: Mon, 30 Jan 2023 13:10:49 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 540E:3723:A6BAE8:E85FEA:63D7BF81
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675083650.803815,VS0,VE106
vary: Accept-Encoding
x-fastly-request-id: b731b3371a0fd0d4f9d5101c207fba5d25f4a6f9
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqYVKSHYh2qrvNwB2HttJZUsByWh4b1a3%2BqJvjXoHiDmmxzIgb9k5RQPUzlS8Cfk73ADd%2FY1KyfbXh%2BfPXheTqGy2sTpzhh%2FTnzLdGlCeDVc4yUhjt1EAVKeMcjgwGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791a648b3935b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2