astridberges-frisbey.blogspot.fr/2011/05/2003-volkswagen-beetle-interior.html
302 Moved Temporarily 221 B URL HTTP/1.1 astridberges-frisbey.blogspot.fr/2011/05/2003-volkswagen-beetle-interior.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b9c9586b008f5cf4ff7dae7405d993d0
17c22a50584b0f566f98b51c235ef327d70d8b7e
a7ad9099b18fc2a379809c4c6e080ff323d833c63ecdcf3dbd19b2475f038c2e
GET /2011/05/2003-volkswagen-beetle-interior.html HTTP/1.1
Host: astridberges-frisbey.blogspot.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://astridberges-frisbey.blogspot.com/2011/05/2003-volkswagen-beetle-interior.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 18:03:38 GMT
Expires: Tue, 06 Dec 2022 18:03:38 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 221
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Tue, 06 Dec 2022 20:56:33 GMT
Date: Tue, 06 Dec 2022 18:03:38 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:38 GMT
Last-Modified: Tue, 06 Dec 2022 18:01:58 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3598
Expires: Tue, 06 Dec 2022 19:03:36 GMT
Date: Tue, 06 Dec 2022 18:03:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 17:20:25 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2593
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JE8b3A71CR2X64CN2I3Ck+GRkBhmoGrP15qM3uSkjEpZosclPm31/o/EjP/i2pw8XecFXi5IKfmEg8LeduWKUw==
x-amz-request-id: PBDY0HV7YDR6DNM3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 17:49:02 GMT
age: 876
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 18:03:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
astridberges-frisbey.blogspot.com/2011/05/2003-volkswagen-beetle-interior.html
200 OK 20 kB URL HTTP/1.1 astridberges-frisbey.blogspot.com/2011/05/2003-volkswagen-beetle-interior.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (22667)
Hash 55b01f3e39c987a26d231eb9bba7244d
d8bbef44da660d9eee6eb19266ac0600ed877051
a896944597f7f1ec73e1480db43dace23cfc47803aedd1270ba52ae9cfb779ce
GET /2011/05/2003-volkswagen-beetle-interior.html HTTP/1.1
Host: astridberges-frisbey.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Tue, 06 Dec 2022 18:03:39 GMT
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 01 Dec 2021 13:42:40 GMT
ETag: W/"5b9c0f573cd11fbf45f5caef285e787224f97121d42663ccc7140943fadd4cd7"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 19950
Server: GSE
astridberges-frisbey.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 astridberges-frisbey.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: astridberges-frisbey.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/2011/05/2003-volkswagen-beetle-interior.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 18:29:34 GMT
Expires: Tue, 06 Dec 2022 18:29:34 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 16:53:51 GMT
Content-Type: text/javascript
Age: 603245
scripts.chitika.net/eminimalls/amm.js
301 Moved Permanently 167 B URL HTTP/1.1 scripts.chitika.net/eminimalls/amm.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /eminimalls/amm.js HTTP/1.1
Host: scripts.chitika.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://scripts.chitika.net/eminimalls/amm.js
X-Cache: Redirect from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gNE551JXuwd1P47NfrNPK0hAFdx1shk-zhcUlq3JRWOsY-z2dW8SBg==
ymads.com/banner.php?ad=t1rdrm&u=ahk845&w=728&h=90
301 Moved Permanently 178 B URL HTTP/1.1 ymads.com/banner.php?ad=t1rdrm&u=ahk845&w=728&h=90
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b
GET /banner.php?ad=t1rdrm&u=ahk845&w=728&h=90 HTTP/1.1
Host: ymads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Set-Cookie: AWSALB=LFhAMRzxfLc//vDOicWE/MsR/0XSPCfZAreEkzwAE7yUColzhRx+jAAWMnzHcq64OHiUQJWS9cGn/SG40o7adTQGtnATMt3Lofjvy1GI6O2ohxhOhyBAoOjJMQt4; Expires=Tue, 13 Dec 2022 18:03:39 GMT; Path=/
AWSALBCORS=LFhAMRzxfLc//vDOicWE/MsR/0XSPCfZAreEkzwAE7yUColzhRx+jAAWMnzHcq64OHiUQJWS9cGn/SG40o7adTQGtnATMt3Lofjvy1GI6O2ohxhOhyBAoOjJMQt4; Expires=Tue, 13 Dec 2022 18:03:39 GMT; Path=/; SameSite=None
Server: nginx/1.18.0 (Ubuntu)
Location: https://www.domainmarket.com/buynow/ymads.com
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4759d6ca26cf8a070066d71b02fac91d
85695e27b097c8d40ea86439854084fc0b3967d3
d20b9793d654c41c562be52e3d5f3840f7bec0db031bda79a42c93959ff88a63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 83
Cache-Control: max-age=140674
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:08:13 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 14516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:05 GMT
expires: Wed, 06 Dec 2023 13:44:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: text/javascript
age: 15574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 17:11:20 GMT
cache-control: public,max-age=3600
age: 3139
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Tue, 06 Dec 2022 18:03:39 GMT
expires: Tue, 06 Dec 2022 18:03:39 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 157 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Size 157 kB (156915 bytes)
Hash 64d62574443f9d2148012af05abf60ac
16fc9b9b71eb94dbfdc15da12e9b3f21dfe1636e
c752966435826f865df5163012e3066bd9f0339b1959098323533be261741246
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 156915
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:43:30 GMT
expires: Wed, 06 Dec 2023 05:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 08:51:54 GMT
content-type: text/javascript
age: 44409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
newbeetle.org/forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg
301 Moved Permanently 0 B URL HTTP/1.1 newbeetle.org/forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg HTTP/1.1
Host: newbeetle.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 18:03:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 19:03:39 GMT
Location: https://newbeetle.org/forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg
Set-Cookie: __cf_bm=drlQa97ZCr79klrqcCqZ2L0fu5emp3pjykgTGP3Qzos-1670349819-0-AYtmjJegNb0H4bcfUaeTdx3fzsEmxmHtJJgTR6/FoBMsm91FMXRMIal7SsIhkuvsx6A404S+xACJ5PPdcMVwuW8AS4OZK80Wgf4BRv7PG187; path=/; expires=Tue, 06-Dec-22 18:33:39 GMT; domain=.newbeetle.org; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7756f0862f1c0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:02 GMT
expires: Tue, 13 Dec 2022 14:19:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
content-type: image/gif
age: 13477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 61c0347ac6c6386f747fc196ac5776f9
a914caf7f569c5a2d8bc770725e0b8040130a80f
28c9913abd7f9e0af35e6cf872543e442d5aaf492397c565f16569926e25c91a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108788
Date: Tue, 06 Dec 2022 18:03:39 GMT
Etag: "638e81e8-1d7"
Expires: Thu, 08 Dec 2022 00:16:47 GMT
Last-Modified: Mon, 05 Dec 2022 23:42:32 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mJ1REcmQDXExE3IqJwyLMUWFz59mGdHXlw6QLiz47Ewoq0aTp7k49Q==
Age: 2055
ad.ad-u.com/ad.php
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ad.php HTTP/1.1
Host: ad.ad-u.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 302 Found
content-length: 0
date: Tue, 06 Dec 2022 18:03:39 GMT
location: https://www.hugedomains.com/domain_profile.cfm?d=ad-u.com
imganuncios.mitula.net/2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg
301 Moved Permanently 167 B URL HTTP/1.1 imganuncios.mitula.net/2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg HTTP/1.1
Host: imganuncios.mitula.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://imganuncios.mitula.net/2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Yif9_pqMNh757sYiy336sd9kzdSxfweC6aSM9Ho7tcm1NHOpbCijiA==
imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg
301 Moved Permanently 167 B URL HTTP/1.1 imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg HTTP/1.1
Host: imganuncios.mitula.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4PTJ_3GKB_THL6rzagvzmZEZgT6MvIraxwR_49gB13gvM214wFTu7g==
imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg
301 Moved Permanently 167 B URL HTTP/1.1 imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg HTTP/1.1
Host: imganuncios.mitula.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tP7zBooxwIe9uM81zUieCgW8o--OQx5SnF5AVf6WFLN6rHih9EpEsA==
images02.olx.com/ui/1/30/65/3872565_1.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 images02.olx.com/ui/1/30/65/3872565_1.jpg
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ui/1/30/65/3872565_1.jpg HTTP/1.1
Host: images02.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: http://www.olx.com/ui/1/30/65/3872565_1.jpg
Expires: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:39 GMT
Connection: keep-alive
scripts.chitika.net/eminimalls/amm.js
200 OK 0 B URL HTTP/2 scripts.chitika.net/eminimalls/amm.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eminimalls/amm.js HTTP/1.1
Host: scripts.chitika.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 0
last-modified: Fri, 19 Apr 2019 16:37:52 GMT
server: AmazonS3
date: Tue, 06 Dec 2022 04:27:01 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LJPhDktVzXYG9lAp4UKzRLIf3DGB68r2rEhVVz5JOHgjgEIwL_kQvw==
age: 48999
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash b6cd5053c328eb841134114906cf63cf
43b05291d2b062b11ab9f8ad663d63cbf81e1e7d
d1c87df5506817068080a268dbb929655734c6c977306aa81c4543e588d1e4c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2417
Cache-Control: max-age=171090
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Etag: "638f73dc-117"
Expires: Thu, 08 Dec 2022 17:35:09 GMT
Last-Modified: Tue, 06 Dec 2022 16:54:52 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 279
static.cargurus.com/images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg
301 Moved Permanently 0 B URL HTTP/1.1 static.cargurus.com/images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg HTTP/1.1
Host: static.cargurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://static.cargurus.com/images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg
Accept-Ranges: bytes
Date: Tue, 06 Dec 2022 18:03:39 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1659-BMA
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1670349820.944052,VS0,VE0
Access-Control-Allow-Origin: *
www.usedcars.com/imageserver/inventory/500x375/100A13/2769802643.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.usedcars.com/imageserver/inventory/500x375/100A13/2769802643.jpg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imageserver/inventory/500x375/100A13/2769802643.jpg HTTP/1.1
Host: www.usedcars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Location: https://www.usedcars.com/imageserver/inventory/500x375/100A13/2769802643.jpg
X-Azure-Ref: 0+4OPYwAAAAD7xLfuUn7kRJ1q4UzMQMKKU1ZHMjBFREdFMDYxNgBmOTNlMzM4Mi00M2Y5LTQ5MmItODY3My1hOTQ4M2FkYzAwOGU=
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 0
www.caranddriver.com/var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg
301 Moved Permanently 0 B URL HTTP/1.1 www.caranddriver.com/var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg HTTP/1.1
Host: www.caranddriver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://www.caranddriver.com/var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg
Accept-Ranges: bytes
Date: Tue, 06 Dec 2022 18:03:39 GMT
X-Cache: HIT
set-cookie: geo_continent_code=EU; path=/
geo_country_code=NO; path=/
geo_postal_code=0168; path=/
location_data={"country_code":"NO","postal_code":"0168"}; path=/;
Strict-Transport-Security: max-age=31557600
geo-city: oslo
geo-continent-code: EU
geo-postal-code: 0168
x-country: NO
Link: <https://googletagservices.com>; rel=preconnect, <https://api.backfires.caranddriver.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://cdn.optimizely.com>; rel=preconnect, <https://adservice.google.com>; rel=preconnect, <https://connect.facebook.net>; rel=preconnect, <https://logx.optimizely.com>; rel=preconnect, <https://www.facebook.com>; rel=preconnect, <https://h.nexac.com>; rel=preconnect, <https://gtrk.s3.amazonaws.com>; rel=preconnect, <https://graph.facebook.com>; rel=preconnect, <https://hips.hearstapps.com>; rel=preconnect, <https://nexus.ensighten.com>; rel=preconnect, <https://www.google-analytics.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect, <https://stats.g.doubleclick.net>; rel=preconnect, <https://www.google.com>; rel=preconnect, <https://tpc.googlesyndication.com>; rel=preconnect, <https://fonts.googleapis.com>; rel=preconnect, <https://img.vast.com>; rel=preconnect, <https://z.moatads.com>; rel=preconnect
X-Robots-Tag: all
Cache-Control: max-age=0, must-revalidate, private
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 13:44:07 GMT
expires: Wed, 06 Dec 2023 13:44:07 GMT
cache-control: public, max-age=31536000
age: 15572
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9eb2870e59b2313c46529a862dd2abc
710d2370fd65b0bb34d0c633497f4494258a94e4
3c5603cc9fc783be2538c54616e719e129e59c2cd9f9769f52adf3ebc933bfce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 19:51:21 GMT
Expires: Mon, 19 Dec 2022 19:51:21 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 79939
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m9I64lfkzewDChcXJVnz8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BaxCiwiIIzRkVdueTRJDWi8X4hY=
www.blogger.com/dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=6072607690950852570&zx=5411be7a-333a-438a-9da4-297a6c51c362 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Dec 2022 18:03:39 GMT
last-modified: Tue, 06 Dec 2022 18:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 90bb89323778506c800709be806f955a
c6ede324ff1978df20cac35618f5c41489854651
889e4adfc448c1e34c9b82229466019dadeebc4573c0d027cf6aca23577fee93
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127961
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638ebfc7-1d7"
Expires: Thu, 08 Dec 2022 05:36:21 GMT
Last-Modified: Tue, 06 Dec 2022 04:06:31 GMT
Server: ECS (dcb/7F15)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: R6DS1axAakfAGHeGtetT3fqzcT5x2ugsM42FPN3x0x7kW3zyGRYZvg==
Age: 5391
www.carid.com/images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
301 Moved Permanently 166 B URL HTTP/1.1 www.carid.com/images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg HTTP/1.1
Host: www.carid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Tue, 06 Dec 2022 18:03:40 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.carid.com/images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
ocsp.digicert.com/
200 OK 278 B IP
Hash 2acfbe44d40ff59a6fdd0755cf6cd1f0
da2d90f84561690bf7fc4338039db959e58263b6
9c2ca1239220e33bc3696f0be6faa25fe0290a75850da3211119a31f8ad693b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=119012
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638eb1e0-116"
Expires: Thu, 08 Dec 2022 03:07:12 GMT
Last-Modified: Tue, 06 Dec 2022 03:07:12 GMT
Server: nginx
Content-Length: 278
static.cargurus.com/images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg
200 OK 25 kB URL HTTP/2 static.cargurus.com/images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x315, components 3\012- data
Hash 11cea7ada0ec3692579299eb01584049
95c0d333e5eb5e60cb78758896a826939a9e5f65
6a13d46a9f02ffac3d01972482a986b69fb14bbe5b9e0c5355dad5f689915fa0
GET /images/site/2008/08/06/23/24/2009_volkswagen_beetle-pic-42694.jpeg HTTP/1.1
Host: static.cargurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: As2Ae20iZvwIsAFeM3hT2hQEb/7o+wc6fhRv4cybM2AG+FxQ4xy2EilRwNK2JnNp03dxvfi1g3Om+UIaQ/0u0A==
x-amz-request-id: GDP3EMJ91DSWV5WG
last-modified: Wed, 08 Sep 2010 15:18:03 GMT
etag: "11cea7ada0ec3692579299eb01584049"
cache-control: max-age=630720000
x-amz-meta-md5-hash: 11cea7ada0ec3692579299eb01584049
content-type: image/jpeg
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 06 Dec 2022 18:03:40 GMT
age: 329692
x-served-by: cache-iad-kiad7000078-IAD, cache-bma1641-BMA
x-cache: HIT, MISS
x-cache-hits: 5, 0
x-timer: S1670349820.097302,VS0,VE91
access-control-allow-origin: *
content-length: 25129
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 8bb08a63846c404ad473dc99fad2c947
27829ec49f18684ee0bb127f79c34e73eae1f7d5
3eabe5f3ddb4b323eaebe62f79f514dc1ef5fa4380576f0a7382d6808203d41e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1783
Cache-Control: max-age=141293
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638f01f2-118"
Expires: Thu, 08 Dec 2022 09:18:33 GMT
Last-Modified: Tue, 06 Dec 2022 08:48:50 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 280
images.dealerrevs.com/pictures/45639850.jpg
200 OK 23 kB URL HTTP/1.1 images.dealerrevs.com/pictures/45639850.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 480x360, components 3\012- data
Hash f9f0d95bb7bbfd2b5d314c032ac03e09
d0e0fc2250f0522b9794fac1ab3d26c2f4a492ae
628b9646cf4ad87f2f7bf9bdb04732e8428fa8492b997680e75c9be3ce748cfd
GET /pictures/45639850.jpg HTTP/1.1
Host: images.dealerrevs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.10.2
Date: Tue, 06 Dec 2022 18:03:40 GMT
Content-Type: image/jpeg
Content-Length: 22592
Last-Modified: Tue, 22 Feb 2011 00:31:52 GMT
Connection: keep-alive
ETag: "4d6303f8-5840"
Expires: Mon, 06 Mar 2023 18:03:40 GMT
Cache-Control: max-age=7776000
Accept-Ranges: bytes
www.olx.com/ui/1/30/65/3872565_1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 www.olx.com/ui/1/30/65/3872565_1.jpg
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ui/1/30/65/3872565_1.jpg HTTP/1.1
Host: www.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html
Content-Length: 162
Location: https://www.olx.com/ui/1/30/65/3872565_1.jpg
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d75a839f5184fb636d638a0b543686b7
978422bcc50793f1c6bbda2afb7ae0434834e583
7d56b93ffd8bac9da4b8e54a5648e316cfea875ec1eb9f0427d294a37eb63768
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97147
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e4b49-1d7"
Expires: Wed, 07 Dec 2022 21:02:47 GMT
Last-Modified: Mon, 05 Dec 2022 19:49:29 GMT
Server: ECS (dcb/7EA2)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m10w1vqGNIYAcvDBjj-KfmDOsvbL4C4jTro9xo5NmgqOK1ij3fnVLg==
Age: 4398
ocsp.digicert.com/
200 OK 471 B IP
Hash 58ff9e71bcc5eb9b4b5828fb980fcc3f
c84343eb719e4b1f510ba57c92ac42d66cfdb0eb
d7480ac225b92090a74afd77e772385b31c05a79211b487c5408d89a0b9031df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106040
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e7f34-1d7"
Expires: Wed, 07 Dec 2022 23:31:00 GMT
Last-Modified: Mon, 05 Dec 2022 23:31:00 GMT
Server: nginx
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d75a839f5184fb636d638a0b543686b7
978422bcc50793f1c6bbda2afb7ae0434834e583
7d56b93ffd8bac9da4b8e54a5648e316cfea875ec1eb9f0427d294a37eb63768
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96124
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e4b49-1d7"
Expires: Wed, 07 Dec 2022 20:45:44 GMT
Last-Modified: Mon, 05 Dec 2022 19:49:29 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: --8NJFe-Myq4ef1TbgLgjgAk58v5E0Z0NBpV6fxGonCv0NcsitQ7Ow==
Age: 3375
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d75a839f5184fb636d638a0b543686b7
978422bcc50793f1c6bbda2afb7ae0434834e583
7d56b93ffd8bac9da4b8e54a5648e316cfea875ec1eb9f0427d294a37eb63768
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97568
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638e4b49-1d7"
Expires: Wed, 07 Dec 2022 21:09:48 GMT
Last-Modified: Mon, 05 Dec 2022 19:49:29 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ccII4aDTCGdALi4lwa7wiD24yNQBM-jfrW7s0QgCPiaL4GgwCgsTjA==
Age: 4819
www.olx.com/ui/1/30/65/3872565_1.jpg
404 Not Found 146 B URL HTTP/1.1 www.olx.com/ui/1/30/65/3872565_1.jpg
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /ui/1/30/65/3872565_1.jpg HTTP/1.1
Host: www.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html
Content-Length: 146
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive
images02.olx.com/ui/1/30/65/3872565_1.jpg
302 Moved Temporarily 0 B URL HTTP/1.1 images02.olx.com/ui/1/30/65/3872565_1.jpg
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ui/1/30/65/3872565_1.jpg HTTP/1.1
Host: images02.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: http://www.olx.com/ui/1/30/65/3872565_1.jpg
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 727 B IP
Hash 63b78dd8322f66e33c6d5ed3d56d0b4e
180874ba30babd30447e65e723f4dfa7238321e7
2abb5249d4ac4b7d29671aeb4014fc8289763afbecc4ede3d14837c9c23cb470
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126215
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638ece03-2d7"
Expires: Thu, 08 Dec 2022 05:07:15 GMT
Last-Modified: Tue, 06 Dec 2022 05:07:15 GMT
Server: nginx
Content-Length: 727
www.autobase.com/photos/00640/1091/10918150_001.jpg
404 Not Found 1.2 kB URL HTTP/1.1 www.autobase.com/photos/00640/1091/10918150_001.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
GET /photos/00640/1091/10918150_001.jpg HTTP/1.1
Host: www.autobase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 18:03:39 GMT
Content-Length: 1245
www.caranddriver.com/var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg
404 Not Found 38 kB URL HTTP/2 www.caranddriver.com/var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (65536), with no line terminators
Hash 504ecf926220dc5fbd4b1fc546c1b695
39167ae6713a4500a5011f13a74ea4a0768fe6a2
2bc3d3a8bdd0885c44a43b04560996cadfb666bfd4b273b51a0fd955ee32fa8e
GET /var/ezflow_site/storage/images/news/car/09q4/2010_volkswagen_new_beetle_final_edition_coupe_and_convertible-auto_shows/gallery/2009_volkswagen_new_beetle_interior_photo_50/3073763-1-eng-US/2009_volkswagen_new_beetle_05_cd_gallery.jpg HTTP/1.1
Host: www.caranddriver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; default-src https: data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:;
content-type: text/html; charset=utf-8
etag: "qqx8tkaxpf3k66"
expires: Tue, 06 Dec 2022 18:03:40 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr-site: 0
x-xss-protection: 1; mode=block
accept-ranges: bytes
age: 0
date: Tue, 06 Dec 2022 18:03:40 GMT
x-cache: MISS, MISS
vary: X-Arb, X-GDPR, X-ADSFREE, Accept-Encoding
set-cookie: _perhip=; expires=Mon, 06 Dec 2021 18:03:40 GMT; path=/;
_HFID=; httponly; expires=Mon, 06 Dec 2021 18:03:40 GMT; secure; path=/;
_HFID=; expires=Mon, 06 Dec 2021 18:03:40 GMT; secure; path=/;
location_data={"country_code":"NO","postal_code":"0168"}; path=/;
strict-transport-security: max-age=31557600
geo-city: oslo
geo-continent-code: EU
geo-postal-code: 0168
x-country: NO
link: <https://googletagservices.com>; rel=preconnect, <https://api.backfires.caranddriver.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://cdn.optimizely.com>; rel=preconnect, <https://adservice.google.com>; rel=preconnect, <https://connect.facebook.net>; rel=preconnect, <https://logx.optimizely.com>; rel=preconnect, <https://www.facebook.com>; rel=preconnect, <https://h.nexac.com>; rel=preconnect, <https://gtrk.s3.amazonaws.com>; rel=preconnect, <https://graph.facebook.com>; rel=preconnect, <https://hips.hearstapps.com>; rel=preconnect, <https://nexus.ensighten.com>; rel=preconnect, <https://www.google-analytics.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect, <https://stats.g.doubleclick.net>; rel=preconnect, <https://www.google.com>; rel=preconnect, <https://tpc.googlesyndication.com>; rel=preconnect, <https://fonts.googleapis.com>; rel=preconnect, <https://img.vast.com>; rel=preconnect, <https://z.moatads.com>; rel=preconnect
x-robots-tag: all
cache-control: max-age=0, must-revalidate, private
content-length: 37895
X-Firefox-Spdy: h2
www.olx.com/ui/1/30/65/3872565_1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 www.olx.com/ui/1/30/65/3872565_1.jpg
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ui/1/30/65/3872565_1.jpg HTTP/1.1
Host: www.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html
Content-Length: 162
Location: https://www.olx.com/ui/1/30/65/3872565_1.jpg
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive
www.blogger.com/img/logo-16.png
200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 07:09:35 GMT
Expires: Tue, 13 Dec 2022 07:09:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 06:50:28 GMT
Content-Type: image/png
Age: 39245
www.olx.com/ui/1/30/65/3872565_1.jpg
404 Not Found 146 B URL HTTP/1.1 www.olx.com/ui/1/30/65/3872565_1.jpg
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /ui/1/30/65/3872565_1.jpg HTTP/1.1
Host: www.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html
Content-Length: 146
Expires: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 06 Dec 2022 18:03:40 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash 2acfbe44d40ff59a6fdd0755cf6cd1f0
da2d90f84561690bf7fc4338039db959e58263b6
9c2ca1239220e33bc3696f0be6faa25fe0290a75850da3211119a31f8ad693b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=119012
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Etag: "638eb1e0-116"
Expires: Thu, 08 Dec 2022 03:07:12 GMT
Last-Modified: Tue, 06 Dec 2022 03:07:12 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
www.carid.com/images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
301 Moved Permanently 162 B URL HTTP/2 www.carid.com/images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /images/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg HTTP/1.1
Host: www.carid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: openresty
date: Tue, 06 Dec 2022 18:03:40 GMT
content-type: text/html
content-length: 162
location: https://images.carid.com/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
an.images.dmotorworks.com/20110419/RP2510/3M402364_01.jpg
404 Not Found 1.1 kB URL HTTP/1.1 an.images.dmotorworks.com/20110419/RP2510/3M402364_01.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054), with no line terminators
Hash 498917457e83b28413b39a6eedd818e4
9a5cde09f774554e83249ea2a3aaf050e593aaec
7991984577e2c644d581a6059c897623b291b4b8cba7de5b33c535467469b5ec
GET /20110419/RP2510/3M402364_01.jpg HTTP/1.1
Host: an.images.dmotorworks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
HTTP/1.1 404 Not Found
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache
Content-Type: text/html;charset=utf-8
Content-Length: 1054
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.777seo.com/seo.php?username=billymoon
302 Found 0 B URL HTTP/1.1 www.777seo.com/seo.php?username=billymoon
IP
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seo.php?username=billymoon HTTP/1.1
Host: www.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349820.4176922; expires=Fri, 03-Dec-2032 18:03:40 GMT; Max-Age=315360000
Location: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz
302 Found 0 B URL HTTP/1.1 my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz
IP
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz HTTP/1.1
Host: my.blueadvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349820.5863774; expires=Fri, 03-Dec-2032 18:03:40 GMT; Max-Age=315360000
Location: http://ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221207-0503-4070-8f6f-e94598aa028a
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=
302 Found 0 B URL HTTP/1.1 my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=
IP
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM= HTTP/1.1
Host: my.blueadvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 18:03:40 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349820.5312045; expires=Fri, 03-Dec-2032 18:03:40 GMT; Max-Age=315360000
Location: http://ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=&subid1=20221207-0503-4011-897a-f9c61e9daa7c
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
www.besthitsnow.com/b1.php?id=billymoon
302 Found 11 B URL HTTP/1.1 www.besthitsnow.com/b1.php?id=billymoon
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /b1.php?id=billymoon HTTP/1.1
Host: www.besthitsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 06 Dec 2022 18:03:40 GMT
location: http://ww1.besthitsnow.com
server: nginx
set-cookie: sid=504a9c10-7590-11ed-89c3-df3b5ab7f5fa; path=/; domain=.besthitsnow.com; expires=Sun, 24 Dec 2090 21:17:47 GMT; max-age=2147483647; HttpOnly
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Dec 2022 18:03:40 GMT
date: Tue, 06 Dec 2022 18:03:40 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
newbeetle.org/attachments/barbie_nb_interior_large-jpg.60022/
301 Moved Permanently 472 B URL HTTP/2 newbeetle.org/attachments/barbie_nb_interior_large-jpg.60022/
IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
GET /attachments/barbie_nb_interior_large-jpg.60022/ HTTP/1.1
Host: newbeetle.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Cookie: __cf_bm=_ftRqcgcX73TFTtF7fi4U.XcSSZPJmvlVym4JFMh34c-1670349820-0-AR874Jqgs+uft5A8VJ6uxJptb0LPD0fvGIP0B7x5kAzmpEiPKjDQ6baLGvT2lcE87YcF5mzthL6+vNc+MQU9KXt6j4/QpJvbZjf+XCp9MsFb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 18:03:40 GMT
content-type: text/html; charset=utf-8
location: https://www.newbeetle.org/attachments/barbie_nb_interior_large-jpg.60022/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 06 Dec 2022 18:03:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
x-cluster-node: xenforo-91717439-7cf8bc8689-6m8hk
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 53
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_sidebarMiddleAd9010=1; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly
experiment_sidebarMiddleAd9010=sidebarMiddleAdExp; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7756f08a9c13b518-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 11:03:19 GMT
expires: Wed, 06 Dec 2023 11:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 25222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.besthitsnow.com/
200 OK 1.1 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1508), with no line terminators
Hash cf4dc6862ed8f0137aa1cc57d0c4220b
7cbdc096a5019113ef7edc722d1fa25300a129a1
7ba06a0562cdd0c41397bf86e7d7c700c9521a6c0a60ee42d1db1704c7e77736
GET / HTTP/1.1
Host: ww1.besthitsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=4570dc9e-6547-b14d-cd6c-f693ad5d476b; expires=Tue, 06-Dec-2022 18:18:41 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_LJ3iEuT62c0exEmL/g6EUprxMqAfQgm/pDeQqE/mJH2UigX+HkVuIctdJYr1UDPn+14zvQVNUDRXBJDDKCk9rA==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.usedcars.com/imageserver/inventory/500x375/100A13/2769802643.jpg
404 Not Found 8.6 kB URL HTTP/2 www.usedcars.com/imageserver/inventory/500x375/100A13/2769802643.jpg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2638)
Hash 6220372b0984ac0431498d38f855a559
15305ab9d24461ea6b83553de09df5d23d953bf2
afac52920ac4be94b7e158290a6aaa28032a5e7bdfe2ac58e4ffa5a2cda3ac38
GET /imageserver/inventory/500x375/100A13/2769802643.jpg HTTP/1.1
Host: www.usedcars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cache-control: public, max-age=31536000, s-maxage=31536000
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "1ddc-+Nqv7NzdN1zpRQ3cpd3pVCYxV4I"
vary: Accept-Encoding
request-context: appId=cid-v1:d191015c-c8f6-4ee6-9fc1-09d3f95eb7a1
strict-transport-security: max-age=63072000
x-frame-options: DENY
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1
x-powered-by: Next.js
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/IOPYwAAAAA3621kS6PPS4cD9ynSrS+GU1ZHMjBFREdFMDUxOABmOTNlMzM4Mi00M2Y5LTQ5MmItODY3My1hOTQ4M2FkYzAwOGU=
date: Tue, 06 Dec 2022 18:03:40 GMT
X-Firefox-Spdy: h2
ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=&subid1=20221207-0503-4011-897a-f9c61e9daa7c
200 OK 6.0 kB URL HTTP/1.1 ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=&subid1=20221207-0503-4011-897a-f9c61e9daa7c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2655)
Hash 0c5dca03b8df38e88086c8413061fd3b
f834424032eaaedc8f496f78868a25e147e116d6
67bcf84659b770dddd5efc21d90c1894ad4da2328d240e35fa5252f04817a043
GET /__adserver/insertions/display.php?token=MTA4ODF8MTYweDYwMHwxNjB8NjAwfDM=&subid1=20221207-0503-4011-897a-f9c61e9daa7c HTTP/1.1
Host: ww38.my.blueadvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_PXS7GTKlQMXHMjf1EzBebYrurcrTSp3dd6FW0vTYQTDcfBglbIpNwdLILOrsbaDGuuFUc48OjRYhGilpJkt8UA==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221207-0503-4070-8f6f-e94598aa028a
200 OK 6.0 kB URL HTTP/1.1 ww38.my.blueadvertise.com/__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221207-0503-4070-8f6f-e94598aa028a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2655)
Hash 126b38b5a97c4eb727bbbec4ef67eb78
8c6415b71043730aad59b98629351877240eba10
465d24a75854010fb22b5baae5b36fb3d1faa2c307995afb9bf2d98dbc34c454
GET /__adserver/insertions/display.php?token=MTA4ODF8NzI4eDkwfDcyOHw5MHwz&subid1=20221207-0503-4070-8f6f-e94598aa028a HTTP/1.1
Host: ww38.my.blueadvertise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hAA240BjS2KKy4spJ6Zu+eQRLWuCvM3rGFbm6OdRniHFoS+deC6xte47PAzEoE4n6zmpiDsBu2uOmWmDvh1AJQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
www.sendptp.com/sbanner.php?u=billymoon
302 Found 0 B URL HTTP/1.1 www.sendptp.com/sbanner.php?u=billymoon
IP
ASN #133618 Trellian Pty. Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sbanner.php?u=billymoon HTTP/1.1
Host: www.sendptp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://astridberges-frisbey.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 18:03:41 GMT
Server: Apache/2.4.38 (Debian)
Set-Cookie: __tad=1670349821.6433966; expires=Fri, 03-Dec-2032 18:03:41 GMT; Max-Age=315360000
Location: http://ww38.sendptp.com/sbanner.php?u=billymoon
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
images.carid.com/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
404 Not Found 0 B URL HTTP/2 images.carid.com/Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Volkswagen/Volkswagen-Beetle-Convertible-2003-dash-kits_cat.jpg HTTP/1.1
Host: images.carid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.27
content-length: 0
date: Tue, 06 Dec 2022 18:03:41 GMT
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP
File type ASCII text, with very long lines (316)
Hash 3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
Analyzer Verdict Alert fortinet Malware
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Tue, 06 Dec 2022 02:41:52 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GF5U73j51n9CXLaNIfEa6wEbkZx6l25bR27K3uM1NoXO2r968dPz2g==
Age: 55309
ww1.besthitsnow.com/js/parking.2.100.2.js
200 OK 22 kB URL HTTP/1.1 ww1.besthitsnow.com/js/parking.2.100.2.js
IP
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww1.besthitsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.besthitsnow.com/
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:46:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP
File type ASCII text, with very long lines (1885)
Hash 38bab3c6ccb019bd62d64142d7e19d90
4d8aaf07a19e2a86a9566ba9b3fe6ddd32b8f386
05c93a63c1af05afd643d5fdb4cc4c899a162d21c87d407130f7aa81b9bd546f
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 06 Dec 2022 18:03:41 GMT
Expires: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: private, max-age=3600
ETag: "3609449013642164181"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cd4f7adad3fe34548fa20fc8bcd9dfb8
89d9e0523fd6141bb3599dfe631af767a48ce10a
988b706c3c6accc138214ba147bfb17b01ae8ae34c98e3d6ded4e5340b63fa27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive
c.parkingcrew.net/scripts/sale_form.js
200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 54 kB IP
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash c8da8f4615d128fcd920e9665e609fbf
93c0d6987aad541ab3453abbae2c5bc4517704e9
6a7796de7652eee0e7aa6becc59962c98e3b642eacef71adccae231f2d07185d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10702
Expires: Tue, 06 Dec 2022 21:02:03 GMT
Date: Tue, 06 Dec 2022 18:03:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 03:41:05 GMT
age: 51756
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWcuXixVA50JUynSO7ar3nWfjsTa5iOteSYq88bWPlQvz__1qfv7Uw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 73312
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 72919
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 71653
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 72560
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 72580
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
200 OK 3.4 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/bottom.png
IP
File type PNG image data, 459 x 156, 8-bit colormap, non-interlaced\012- data
Hash 8f00618489c9024bc741a161effb2e32
7e3146cfd561806169d6201b01ccbe37a256dfc5
ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355
GET /themes/cleanPeppermintBlack_657d9013/img/bottom.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 3359
Connection: keep-alive
Server: nginx
Date: Mon, 05 Dec 2022 18:03:49 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-d1f"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: btYiSvHGk4bB_AhsWINEqsnJ7S21OQtMPVeTLmC7Mq7C9S9DwHR_IQ==
Age: 86392
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 06 Dec 2022 18:03:41 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+081; expires=Thu, 05-Dec-2024 18:03:41 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 18:03:41 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1527
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 06 Dec 2022 18:03:41 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: __Secure-ENID=8.SE=cM6_cCTbeT_liFhIm6beyUqo-aM3oleGRWvDv2jUXz9pluBBaw13izmnEiuzeN_qf1EINKq5bI-ytx5KYR7Uio2qjttNvPu1MWqCR1raCbiT7ihSzd8V9BetM_M7FCtDPIxX3ai6Opx625fLCBSF0yAwINeqsKbiPmKibbZU_48; expires=Sat, 06-Jan-2024 10:21:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+085; expires=Thu, 05-Dec-2024 18:03:41 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 18:03:41 GMT
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2975
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 06 Dec 2022 18:03:41 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=Nb2dcxFz1tk3ZnFMj2Nw5fOwh9oJp0tYovppeAVegBGGO8hb-kfHTbsT18vzQDzbt_YzVIt0Ud4bzxh_q215t5CH5hGCthubhztVtlXXLDBo5rwZip4jO7VyoV-NbGGqCM8Sg8UE-XqZNeGh6J6OxCk8OfCniJ5Rs_qE3g_vINk; expires=Wed, 07-Jun-2023 18:03:41 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+953; expires=Thu, 05-Dec-2024 18:03:41 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 18:03:41 GMT
X-Firefox-Spdy: h2
ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1&_xafvr=ZjNhNjkzYjAyZWFhZjU1NjcyMTdlODlhYmE4OWRjOTQ1ZThlNmRmOCw2MzhmODNmZDFkZDFh
200 OK 2.7 kB URL HTTP/1.1 ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1&_xafvr=ZjNhNjkzYjAyZWFhZjU1NjcyMTdlODlhYmE4OWRjOTQ1ZThlNmRmOCw2MzhmODNmZDFkZDFh
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f3b93edc55c615ac9c469d5cecc1df17
46ed8f6872f64259e131e40569dc1169bcd44041
3c327432d66df6eedcbb132b5e75430724f7096a6bd370bfc9f4c647b38d86e7
GET /seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1&_xafvr=ZjNhNjkzYjAyZWFhZjU1NjcyMTdlODlhYmE4OWRjOTQ1ZThlNmRmOCw2MzhmODNmZDFkZDFh HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_yahoo
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
c.parkingcrew.net/scripts/sale_form.js
200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
ww38.777seo.com/favicon.ico
200 OK 0 B URL HTTP/1.1 ww38.777seo.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww38.777seo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww38.777seo.com/seo.php?username=billymoon&subid1=20221207-0503-40ec-a7e8-cafab1665da1&_xafvr=ZjNhNjkzYjAyZWFhZjU1NjcyMTdlODlhYmE4OWRjOTQ1ZThlNmRmOCw2MzhmODNmZDFkZDFh
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 18:03:41 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 38d1b99b93c7c08728c7f6fc6a92ef48
473b4bf9cad865141ed3c05c0bfae9cc91c2d859
19ef1237b8ff7755ed42bb73e5ffca2e7d4de397d7bd3fce0a915ae6a3878ecd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=110490
Date: Tue, 06 Dec 2022 18:03:42 GMT
Etag: "638e7b07-1d7"
Expires: Thu, 08 Dec 2022 00:45:12 GMT
Last-Modified: Mon, 05 Dec 2022 23:13:11 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sTX9s9UH0QbCj4mZBv5TwVEmeHR1RTLCYPzqPKxrTZdLN4xNhWfZYw==
Age: 5521
brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
200 OK 11 kB URL HTTP/2 brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1924)
Hash 70a7f3c15d8721076d0bce1c5d4e131c
006dbc4b2a3747c49e7a99ad4ce616e207ae85f5
2b02b8a9ecb05d082a730a315548df83eb24e1a656518ace732c62edc820fc04
GET /lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1 HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww38.777seo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 18:03:42 GMT
content-type: text/html;charset=UTF-8
content-length: 10723
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 18:03:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
brigi-jar.com/main.js
200 OK 480 B IP
Hash 91558066fecbfc1f6f77842f6aa85a6c
6bb5c5f2cb4efaf30a8ab810e1b453dcb4df108e
efa0d78cbfa66831e490b26d1bb55b14f6c9f8f3a04b1d08403947abd25908ed
GET /main.js HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 18:03:42 GMT
content-type: application/javascript
content-length: 480
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
brigi-jar.com/style.css
200 OK 6.0 kB IP
Hash 2eb024ad11ef5f2e503bfb60117c25d8
235b5ca1205cc2ca3d0b8e4f98ce022512b05c0f
d8efc1d8e1100baf07f4105119fde6f8fe760a9efebf189adc5d9b3dfccc9e0a
GET /style.css HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/lander?dn=777seo.com&feedid=c29bc710-7228-11ec-932e-0a0baae9769b&tag=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 18:03:42 GMT
content-type: text/css
content-length: 5981
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300
200 OK 870 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300
IP
Hash 03c4623805ae13c195f738cb9455a52a
ddb5092bfb166d2e56f78b12a31060f8a4ed380c
69fa0a4fb57f63b4414d60ce51a8381c9e0ef6e480cb5ce546de285aeb10aaa6
GET /css?family=Poppins:300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 18:03:42 GMT
date: Tue, 06 Dec 2022 18:03:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
brigi-jar.com/empty.gif
200 OK 42 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /empty.gif HTTP/1.1
Host: brigi-jar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 18:03:43 GMT
content-type: image/gif
content-length: 42
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Mon, 05 Dec 2022 10:19:13 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.hugedomains.com/domain_profile.cfm?d=ad-u.com
200 OK 3.0 kB URL HTTP/2 www.hugedomains.com/domain_profile.cfm?d=ad-u.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1467), with CRLF, LF line terminators
Hash 36097c614bb25d9a3eda25662dd94cee
eadb90e9fadb1ec70a4122e2a34e5b8a5218130f
f38fcc0fadb7cf16f33b55193d4de2e16637e8f722afb6943c8764f1c444e512
GET /domain_profile.cfm?d=ad-u.com HTTP/1.1
Host: www.hugedomains.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 18:03:40 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: site_version_phase=108; expires=Fri, 01-Dec-2023 18:03:40 GMT; path=/
site_version=HDv3; expires=Fri, 01-Dec-2023 18:03:40 GMT; path=/
captcha-tracker=; expires=Mon, 05-Dec-2022 18:03:40 GMT; path=/
x-powered-by: ASP.NET
lb: TclPrdLbHd1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM6uPa7J%2BQcE9sJGCkxb3b9IEoDqgh5mgD0N0Z6YN2FNU8Josbjgj6UGfPtIcI2B70eRE8RtPrzrkhiPnCpBIagU67J5wDuiAo2VdzsUj849dBX9zmhFQ97r4%2FsfKOngc9S4lYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7756f08869870b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 8.2 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type gzip compressed data, max compression\012- data
Hash 5c298f1563a3daf0901b0caedffd30fe
42aeefcb01cff04e65fb57ead0c98f240d303f59
7586f2286a2ca1802951681f2e0b7493037031c8d149bc65cfeb0d6d06ccc46e
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://brigi-jar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 513293
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 6b6e0fff7709484b45bfd0db482f92f2
8a7985bf468502e41c75611e14c67e85c16a0f03
827797cefa9a43ff4d562cc453f65121b9a0d35f0ec97bd45de96f8973f55349
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107950
Date: Tue, 06 Dec 2022 18:03:43 GMT
Etag: "638e81fb-1d7"
Expires: Thu, 08 Dec 2022 00:02:53 GMT
Last-Modified: Mon, 05 Dec 2022 23:42:51 GMT
Server: ECS (dcb/7FA4)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eN76IH-GH5O-HUoUzfgxXbEnDrCH-sbG27P5-F1L1Ag7zcBvLo-Ncw==
Age: 1202
fonts.googleapis.com/css?family=Poppins
200 OK 25 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins
IP
Hash 9b515faff9f2b01db4f92f6f8c843a47
a34e8b0be8fa5f6d7d178feeac70b9be9fa204f8
a37e145535935b18b4cf23ca791db97e2e08b1b296c11ddff7d85c0cdfd661bc
GET /css?family=Poppins HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brigi-jar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 18:03:42 GMT
date: Tue, 06 Dec 2022 18:03:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
newbeetle.org/forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg
301 Moved Permanently 0 B URL HTTP/2 newbeetle.org/forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg
IP
GET /forums/attachments/questions-issues-concerns-problems-new-beetle/60022d1249185019-volkswagen-new-beetle-1-8-turbo-gls-barbie_nb_interior_large.jpg HTTP/1.1
Host: newbeetle.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 06 Dec 2022 18:03:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Tue, 06 Dec 2022 18:03:40 GMT
location: /attachments/barbie_nb_interior_large-jpg.60022/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
x-cluster-node: xenforo-91717439-7cf8bc8689-l6vrw
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 188
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_sidebarMiddleAd9010=1; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly
experiment_sidebarMiddleAd9010=sidebarMiddleAdExp; expires=Thu, 05-Dec-2024 18:03:40 GMT; Max-Age=63072000; path=/; HttpOnly
xf_csrf=Z8eHxr_Qt99m0cxh; path=/; secure
__cf_bm=_ftRqcgcX73TFTtF7fi4U.XcSSZPJmvlVym4JFMh34c-1670349820-0-AR874Jqgs+uft5A8VJ6uxJptb0LPD0fvGIP0B7x5kAzmpEiPKjDQ6baLGvT2lcE87YcF5mzthL6+vNc+MQU9KXt6j4/QpJvbZjf+XCp9MsFb; path=/; expires=Tue, 06-Dec-22 18:33:40 GMT; domain=.newbeetle.org; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7756f08838b4b518-OSL
X-Firefox-Spdy: h2
www.domainmarket.com/buynow/ymads.com
200 OK 0 B URL HTTP/2 www.domainmarket.com/buynow/ymads.com
IP
GET /buynow/ymads.com HTTP/1.1
Host: www.domainmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 18:03:40 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 06 Dec 2022 09:47:06 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEL0siXkE4cevdTpEqNrIqn6h0uYy9Ou%2FZcVvwHys9mgeIGiyriXDAJE2oEzXLSZf4zewpPquJIjZRQlJ73heOFK%2B%2BSAgDclfD12QHZ3YzAyLV4%2Bwwd7c5teb2xgLfu%2FUZQC3Db5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7756f086fed0b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg
403 Forbidden 0 B URL HTTP/2 imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg
IP
GET /used_2003_volkswagen_beetle_for_sale_92696529107651905.jpg HTTP/1.1
Host: imganuncios.mitula.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Tue, 06 Dec 2022 18:03:39 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L_-Wv6a_mDDs4aC8lMltY5W4xfVJQhKCEzn3-jlKK-UccFy6fUgJtg==
X-Firefox-Spdy: h2
imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg
403 Forbidden 0 B URL HTTP/2 imganuncios.mitula.net/used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg
IP
GET /used_2003_volkswagen_beetle_for_sale_93277417196951572.jpg HTTP/1.1
Host: imganuncios.mitula.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Tue, 06 Dec 2022 18:03:40 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d6AKSen35VpaaK4ix__vk8CVaWiVSuryJulJ80ykWL2TXAGl8ELlTg==
X-Firefox-Spdy: h2
imganuncios.mitula.net/2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg
403 Forbidden 0 B URL HTTP/2 imganuncios.mitula.net/2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg
IP
GET /2003_volkswagen_new_beetle_gls_2_0l_glendale_heights_il_93319248746806567.jpg HTTP/1.1
Host: imganuncios.mitula.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://astridberges-frisbey.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
date: Tue, 06 Dec 2022 18:03:39 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: spJ5h6cqpGpKaaAYAA1z3ofHs1ITtKd1R065WwcRWP0SW7Ow19K-NA==
X-Firefox-Spdy: h2
142.250.74.161
103.224.212.220
23.36.77.32
104.16.69.82
185.53.178.30
5.79.79.210
93.184.220.29