r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4776
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 03:44:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5090
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Last-Modified: Fri, 25 Nov 2022 02:20:09 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:19:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1557
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16714
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 03:44:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ=
x-amz-request-id: J3KJ3ARVZWVE4G1J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:43:41 GMT
age: 78
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
pak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html
142.250.74.161200 OK 15 kB URL HTTP/1.1 pak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5018)
Hash 74eaf25e3b567dee772bb2cb46b51e45
4f50eff8693703421ddd90f63bb3b39d3eb02e20
f72c0bd3af098d0aef5888adac06ab9e1f6d7e3fc9f669c0497dc15377ffe390
Analyzer Verdict Alert fortinet Malware
GET /2013/03/siapa-sebenarnya-tasha-manshahar.html HTTP/1.1
Host: pak-janggut.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 25 Nov 2022 03:44:59 GMT
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 23 Nov 2022 13:28:39 GMT
ETag: W/"2632c1924d5d6d80a07f9aed010d8e3e5bce62c48b9587f57a98d7493e578c7b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15037
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:44:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pak-janggut.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 pak-janggut.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: pak-janggut.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 01:16:51 GMT
Expires: Tue, 29 Nov 2022 01:16:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 21 Nov 2022 21:54:35 GMT
Content-Type: text/javascript
Age: 268088
ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
142.250.74.138200 OK 27 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.4.4/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (820)
Hash 88ed7d5a26ffff39cbae41fa7b2c615d
5ea49f5aeeb49e8abd640da2f6d657fb57cc5acc
52943bd40a595c39f84e23ddd74755daa4d013b55c709de9b312661e59103ab3
GET /ajax/libs/jquery/1.4.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 27266
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 20 Nov 2022 06:04:02 GMT
Expires: Mon, 20 Nov 2023 06:04:02 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 423657
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
154.51.131.141301 Moved Permanently 211 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
IP 154.51.131.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d8e41aba175e30cec76c81840b918f0a
6dfb307f00233621fce9ab173f49cd06e2d87937
2385d24a0dd2d25233391aa35b037a002cd1c30b160c06a832047f8e6dd2c18a
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 211
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
154.51.131.141301 Moved Permanently 249 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
IP 154.51.131.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 12d9b2565cb5463a2454530f27a01c8e
f5826ca68e482a740cc0dfe6d541b5e552ddae26
db32e6ede2240f88efd408a33cf7befa41c3d12a21a5c8af362e5f0d03875d42
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 249
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
154.51.131.141301 Moved Permanently 212 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
IP 154.51.131.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6dba0e0c6a1afb54d86bdd57c5d2943a
55a5a3d1bbcba2eda169245becb427b831299f6f
331bdbf606b5a7b744f95bbc31c6d5ecc4aa4e75ce50e308d4b6164217107957
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 212
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
154.51.131.141301 Moved Permanently 249 B URL HTTP/1.1 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
IP 154.51.131.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d4e4d4a48ee18114b8518db65a17e250
865aa0d38ee7d823fb08c0320c59fa19d5f9e073
ca13416e5755f3340257b632260ab72602d6c8e660c4a07d93df424cdfafe8b1
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 249
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 85c366a970be2cf52f279f054d4c13ea
203d25dc5965e9c45b25948ae4473d09a3e2fdaf
1373f167d86539ac40cfed4722408ded3edd87701107caa70da536dec8278249
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 186f5295f578dc81663537fd23a898a8
212cd5caaa9d44817996854d067e7a4eae843a56
01a37259454aef3bf6436eeac239313c9bb17f58337ad0070c7784f154069e8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.105:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
content-type: text/css
age: 198741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 204316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 25 Nov 2022 03:44:59 GMT
expires: Fri, 25 Nov 2022 03:44:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 301376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/all.js
157.240.200.14200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 9839c2e0b93809288e9ff68dbc41e9f0
ac5a85d0fcb27bc67310e7983452909def3ceefe
94210f6cb6024d8ff1bcfd595be3dfb475c0aa47ecc00a7dc0b7e705abd12230
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: fc6e31a4b291ff79dd7fe1c57f8af95d
ETag: "07d197ff860b28325c540c5b39b935e4"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Fri, 25 Nov 2022 04:04:27 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: mDnC4Lk4CSiOn/aNvEHp8A==
X-FB-Debug: FglsK95Esh4ytwBvM8sDDUzNgNv74EiBjb9p3DDr4BEY8ztjpOc99VAT9F2AxQpPF3VePxz2Pf7sXo1jUXBLPA==
Priority: u=3,i
X-FB-TRIP-ID: 1679558926
Date: Fri, 25 Nov 2022 03:44:59 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1688
www.widgeo.net/geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news
104.26.10.22200 OK 2.0 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news
IP 104.26.10.22:0
File type ASCII text, with very long lines (2149)
Hash 4b0c1a0d1aa4234cf191557e6bb22f21
4bbce4d28e0427fd5208694531db1b6687e0baf7
f8de6883280e63d4cd9b96b7e5e1cf657a2517f9ee1ac3bfb13eb52b62880cff
GET /geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: application/javascript
Content-Length: 2034
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Thu, 01-Dec-2022 03:44:58 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:44:58 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qay9TG0zhKeb4OAMz%2BMLcH1VfZMAONxPIf5wuyaA7CkAkaa0IWzP%2FJ1yvT4VLeLTdcz99Mvb0Iw0X9UOCNrv0ltkhlfnMqMSoNY0hce7TaBS0l7NvQg8p3jSDEEqD1xh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f76392bde4b503-OSL
alt-svc: h2=":443"; ma=60
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
154.51.131.141200 OK 1.3 kB URL HTTP/2 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
IP 154.51.131.141:0
File type ASCII text, with very long lines (715), with CRLF line terminators
Hash d9492c86f50776d99fb5f87c897ef9bf
0251f6229dc4a3a5e4107e53fa3b605dc7ca5837
efec80690685737cb090cc20c82a4e5bf64a5ca33a6de6eccd87685ba618a96e
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1346
X-Firefox-Spdy: h2
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
154.51.131.141200 OK 1.3 kB URL HTTP/2 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
IP 154.51.131.141:0
File type ASCII text, with very long lines (716), with CRLF line terminators
Hash 827c141790f7849e9867f2860fa0b292
72732598323b41317af2a371f53e16aab77a94fa
8e6319519e2a5a9ea185c720f7fc0da24e82a51842bd019871873c0c984cfff0
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1346
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169954
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169954
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169954 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
154.51.131.141200 OK 1.3 kB URL HTTP/2 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
IP 154.51.131.141:0
File type ASCII text, with very long lines (705), with CRLF line terminators
Hash adfd8af029773a14a599e4f1e0dfdcdb
423df289f331de553ecd55137608b01083292ec5
8789bac84fca2d914978fd37d5e16d390305eacfcaf7ffe527dd18255c2f9a98
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1337
X-Firefox-Spdy: h2
tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
154.51.131.141200 OK 1.3 kB URL HTTP/2 tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
IP 154.51.131.141:0
File type ASCII text, with very long lines (704), with CRLF line terminators
Hash 9e2dcc9e5c7e07a21acc62d9887ca4d3
bd3a14abb1cab3850e02b635c420ecc7c8e4ff90
65e989d6c00e712c368bb428eafc6536ca7afcd645f85a92110bee63f3287eee
GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90 HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1336
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169953 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169949
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169949
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169949 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1167641
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1167641
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1167641 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2166
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.samsengfb.com/samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741
190.2.139.23200 OK 6.8 kB URL HTTP/1.1 www.samsengfb.com/samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741
IP 190.2.139.23:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (17112)
Hash 601047c143be58f8ad745ee7095d57e3
2b52b70cd3aba284c42415a595f4c66fac5ce384
4500569b82e6b75d465ef56222d28fbf7be68290cce28f04eec095f03acb133d
Analyzer Verdict Alert fortinet Malware
GET /samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741 HTTP/1.1
Host: www.samsengfb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-Powered-By: PHP/7.2.34
Content-Encoding: gzip
i66.photobucket.com/albums/h260/toonybug/templatestag.png
143.204.55.54301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/templatestag.png
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/templatestag.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/templatestag.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BNftfk7kcCbf8vFWldSgpGyMktyxWydz9DEoT4v6oraO8seMfryQ4g==
Vary: Origin
i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
143.204.55.106301 Moved Permanently 167 B URL HTTP/1.1 i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
IP 143.204.55.106:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/s282/theviejo/recurso_9_7.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0hxjZk66TKSNnXcaJt2EAvy7OWqkophB5MSeUI7I1z77xZBsDc-AMQ==
Vary: Origin
www.widgeo.net/img/logopm.png
104.26.10.22200 OK 714 B URL HTTP/1.1 www.widgeo.net/img/logopm.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3832d6b8d8c47a5cefe6561297b514f6
f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
GET /img/logopm.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: image/webp
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:43:44 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 806475
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jglT9P8D8IJgKPYvOEeYCQiNtR8qgZa830AGmchHFlvbbkIvdNiVZPQ4MKjpjh%2BmKuS8Uggc2hA9DXknjAQQjV7ro%2BfE9rEDxINp1dHf0j2IMvRGGzy%2BnXaWCTmjZzjS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f76395ceefb503-OSL
alt-svc: h2=":443"; ma=60
i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
143.204.55.54301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/background2-20.jpg HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5n5w5-VxH72j4kJgp9KDEBF8ULlhF_XeKx4G7i8DRKdAUto7l297Bg==
Vary: Origin
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.130200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.130:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 10:51:13 GMT
Expires: Thu, 08 Dec 2022 10:51:13 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 60826
tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
154.51.131.141301 Moved Permanently 693 B URL HTTP/1.1 tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
IP 154.51.131.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (650)
Hash 7ee17f71586749e01c0e796552bd0591
e07d2c03c160e0ebab2f4a767d9654c3af443afb
7ea955a487cf9828b88b2f31f34f9df32960ecfa2fc6cb74901d7883f4f26310
GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 693
www.linkwithin.com/pixel.png
3.19.188.212200 OK 83 B URL HTTP/1.1 www.linkwithin.com/pixel.png
IP 3.19.188.212:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1dba98f5e46c0e7a1549b3d8af9b93
37284bda145ed93cee64997e3d6688cae7d98468
88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
GET /pixel.png HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: image/png
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4219
Cache-Control: max-age=109929
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:44:59 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:17:08 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
154.51.131.141200 OK 0 B URL HTTP/2 tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
IP 154.51.131.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 0
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2
216.58.207.195200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17988, version 1.0\012- data
Hash bf6a5846cb67a28b10fc51624b7c2021
aecc7ba490ee2def0bec0ad3bd79ba0caa0a4347
cb9dc64865a8ff81a07712442c9647fe79d1b371cdcbad6047d46bc7ee8254da
GET /s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17988
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 13:35:15 GMT
Expires: Thu, 23 Nov 2023 13:35:15 GMT
Cache-Control: public, max-age=31536000
Age: 137384
Last-Modified: Tue, 19 Apr 2022 19:21:54 GMT
Content-Type: font/woff2
i66.photobucket.com/albums/h260/toonybug/header2-12.png
143.204.55.54301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/header2-12.png
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/header2-12.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/header2-12.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PHLpvzEq8pzX1N17VJzQ_yYGiqkpI3BAuvyjoiR2D0B_NQ5RUdWAVA==
Vary: Origin
s10.histats.com/js15.js
46.105.201.240200 OK 4.4 kB IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11088), with no line terminators
Hash 688a4c6f6b98b3bfb618172e90695341
432a0d43c31e466673d13308db9e1ba5e519619c
becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
GET /js15.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
date: Fri, 25 Nov 2022 03:39:52 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 704120907
etag: W/"980881274"
content-type: application/javascript; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:7334_2E69C9F0:0050_63803A3B_5E98:25BA3
x-iplb-instance: 42473
fonts.gstatic.com/s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2
216.58.207.195200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 14016, version 1.0\012- data
Hash eca165efaa8a5c693fcf7b3a26cef43b
b5b486f83648089b2653aacdcab3d4516a6aee98
31addde7fb28b34660534c075be0623c663561d371279da1ab9689761db6c7da
GET /s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14016
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 09:16:06 GMT
Expires: Thu, 23 Nov 2023 09:16:06 GMT
Cache-Control: public, max-age=31536000
Age: 152933
Last-Modified: Tue, 26 Apr 2022 15:27:44 GMT
Content-Type: font/woff2
www.rahsiakuihraya.com/images/ban3.gif
34.98.99.30200 OK 2.6 kB URL HTTP/1.1 www.rahsiakuihraya.com/images/ban3.gif
IP 34.98.99.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 6e0e72649d50296f15557e931c1e05e9
a86f0f6aa222653013fe3c36d434f67057c85e64
895c0f60e59fdd84e53ab7ddb8866c8f49e45386632dca017efedd48313c9e0c
GET /images/ban3.gif HTTP/1.1
Host: www.rahsiakuihraya.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Wed, 23 Nov 2022 16:09:18 GMT
ETag: "637e45ae-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KtgrS35it06UYLDHWX2lqjXc6cYq/W2GL8Ir/NcJhmYxNo3vs/U052xfSkl3wbZgp1eOKi6QVqfWzvZapoVRww
Set-Cookie: system=PW;Path=/;Max-Age=86400;
caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
traffic_target=reseller;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
216.58.207.195200 OK 30 kB URL HTTP/1.1 fonts.gstatic.com/s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29868, version 1.0\012- data
Hash 8b26cc331e323dda95ea6d0dcf4d7542
1f6b0e5440044f6aa75b1f73d2f9c63a2f75bba9
2d5059c07b957f989ee2ed276e1f6d20428f4d3ed2523e7c305bd3e3ebc092ec
GET /s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 29868
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 13:27:19 GMT
Expires: Thu, 23 Nov 2023 13:27:19 GMT
Cache-Control: public, max-age=31536000
Age: 137860
Last-Modified: Tue, 19 Apr 2022 19:09:14 GMT
Content-Type: font/woff2
i66.photobucket.com/albums/h260/toonybug/header2-12.png
143.204.55.54200 OK 88 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/header2-12.png
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e77dc4b55a98f0276e869e8233aad288
f77186296a3c1a292896bb5f14300fc3cc73e517
1ab90235b5b9dd020b47882fad9b575eb25f3af7bd95362ad95c9089ab53b146
GET /albums/h260/toonybug/header2-12.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 88336
date: Tue, 22 Nov 2022 01:16:53 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="header2-12.webp"
expires: Wed, 22 Nov 2023 01:16:53 GMT
server: photobucket
x-amzn-trace-id: Root=1-637c2304-1d4929b631521cda68b259b5
x-request-id: 4wJPPx45KgVSDbB3FLXVe
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rvqpDTOA_tLiUtub0g_r8sPQhcGm5rinbHSF8CARfwCPDfhuL2qu6g==
age: 268087
vary: Accept, Origin
X-Firefox-Spdy: h2
i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
143.204.55.54200 OK 866 B URL HTTP/2 i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cc4c3239458044ac24fec670759abe98
1d82930aeb5ee83c27c9cf18e4032c5ccc79fa9e
7e7869c41d518540d17a4197002c2d327bb3b39714f2ae67ede24aeaabc2a6f9
GET /albums/s282/theviejo/recurso_9_7.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 866
date: Tue, 22 Nov 2022 01:16:52 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_7.webp"
expires: Wed, 22 Nov 2023 01:16:52 GMT
server: photobucket
x-amzn-trace-id: Root=1-637c2304-7fef4af7682431c835a5cf1b
x-request-id: Ai-QJIA8IlsPfcNS8tw59
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: op4YmDq6h2UH6QMvd02DZcwrxeVu2UGIdX40-SgQC1wYVkX3elLEBg==
age: 268088
vary: Accept, Origin
X-Firefox-Spdy: h2
tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
154.51.131.141301 Moved Permanently 693 B URL HTTP/1.1 tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
IP 154.51.131.141:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (650)
Hash 6c32c4234b2c130bc60375ee8e5eb1b5
2de4ec1a908f357ad377156e8af6d7c05df8be5c
f87caa8b09b3a00013b91c9e728019912489acd981a7fbed80d57f88d7011a29
GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 693
www.buatcoklat.com/images/banner03.gif
45.79.19.196302 Found 0 B URL HTTP/1.1 www.buatcoklat.com/images/banner03.gif
IP 45.79.19.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/banner03.gif HTTP/1.1
Host: www.buatcoklat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Fri, 25 Nov 2022 03:44:59 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
vary: Accept-Language
content-language: en
connection: close
tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
154.51.131.141200 OK 0 B URL HTTP/2 tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
IP 154.51.131.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 0
X-Firefox-Spdy: h2
2.bp.blogspot.com/-aC4piBxpKVA/UU_y9Zt8beI/AAAAAAABe8E/6SYns877FlA/s320/gambar+biodata+siapa+tasha+manshahar.JPG
142.250.74.161200 OK 26 kB URL HTTP/1.1 2.bp.blogspot.com/-aC4piBxpKVA/UU_y9Zt8beI/AAAAAAABe8E/6SYns877FlA/s320/gambar+biodata+siapa+tasha+manshahar.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 263x320, components 3\012- data
Hash c3be07240cd2895bfb85622c1df000ea
225d4e1298c2259b45d07bdb09a9b282fdaa4dae
d93d126fc8726100671fadcb021741c772f7adbc9724874e4c6d0e07e6060095
GET /-aC4piBxpKVA/UU_y9Zt8beI/AAAAAAABe8E/6SYns877FlA/s320/gambar+biodata+siapa+tasha+manshahar.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v17bc2"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gambar biodata siapa tasha manshahar.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 26133
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa3ba88f6bee30e5a57694e5f49faa65
821c8f9f416c2a69457195026a3e029644ec2c82
b470eddfdeb6599c26456b93b717aa08f71dd73a6882f497a39bcddcdb6f770c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=141999
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 19:11:39 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
i66.photobucket.com/albums/h260/toonybug/postimage.png
143.204.55.54301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/postimage.png
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/postimage.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/postimage.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x4TKFPSozFnkP_rNO6iZ0DFM8FeqTzmnS9IxxWYPRHmbj5palEg54w==
Vary: Origin
i66.photobucket.com/albums/h260/toonybug/divider-9.png
143.204.55.54301 Moved Permanently 167 B URL HTTP/1.1 i66.photobucket.com/albums/h260/toonybug/divider-9.png
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/h260/toonybug/divider-9.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/divider-9.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MI2C3i_7reJ2R7D0qeSr6T4zG4WEMcPq9LVBPGlbH2jlgg4SeNpmIQ==
Vary: Origin
1.bp.blogspot.com/-FKnrqMv8zQk/UU_0DbR3UwI/AAAAAAABe8M/94DbubkMI9g/w72-h72-p-k-no-nu/almy+nadia.jpg
142.250.74.161200 OK 5.0 kB URL HTTP/1.1 1.bp.blogspot.com/-FKnrqMv8zQk/UU_0DbR3UwI/AAAAAAABe8M/94DbubkMI9g/w72-h72-p-k-no-nu/almy+nadia.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=Almy Nadia - MAJLIS DOA SELAMAT DAN PELANCARAN FILEM 4 MADU, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7445bbcb870eac69690129e9bf030c22
b53014de49581764c89280efeee16ad29b413212
2ce37c11b36ba515d52ef84780be47eb64686800fd546fb637e5210006d31122
GET /-FKnrqMv8zQk/UU_0DbR3UwI/AAAAAAABe8M/94DbubkMI9g/w72-h72-p-k-no-nu/almy+nadia.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v17bc4"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="almy nadia.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 4999
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa3ba88f6bee30e5a57694e5f49faa65
821c8f9f416c2a69457195026a3e029644ec2c82
b470eddfdeb6599c26456b93b717aa08f71dd73a6882f497a39bcddcdb6f770c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=141999
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 19:11:39 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
www.linkwithin.com/widget.js
3.19.188.212404 Not Found 162 B URL HTTP/1.1 www.linkwithin.com/widget.js
IP 3.19.188.212:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1b7c22a214949975556626d7217e9a39
d01c97e2944166ed23e47e4a62ff471ab8fa031f
340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /widget.js HTTP/1.1
Host: www.linkwithin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 490d1c41e2c1a3eab342897ce2cd7cf9
7149af5d9797e2164e27017a232d8ab4486ea468
fe9ddbc5c58cab3d45c1f557244d72009e8ba777d57c308650fd828a785db291
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE9DDBC5C58CAB3D45C1F557244D72009E8BA777D57C308650FD828A785DB291"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9158
Expires: Fri, 25 Nov 2022 06:17:38 GMT
Date: Fri, 25 Nov 2022 03:45:00 GMT
Connection: keep-alive
i66.photobucket.com/albums/h260/toonybug/templatestag.png
143.204.55.54200 OK 6.1 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/templatestag.png
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 034aa733dacc7922e2d827d110a6277b
2bc7f2d7a43f541078f389e430a513d42451165b
aa1194a4bde2d3989823fb461bff38780122f52b25260bd8bbf4ae269627dd46
GET /albums/h260/toonybug/templatestag.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 6098
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="templatestag.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-4d64af16581118f75ca0a78c
x-request-id: Sa-e0pDIz97RVuhS1xZp4
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HP9kOEb0lAopqtp6zTXnVROrQClp3pkS1rh2-8UvmGB1lebUu80riw==
vary: Accept, Origin
X-Firefox-Spdy: h2
lh6.ggpht.com/-69CvTZ1T7PI/UEphIeVC26I/AAAAAAAAcvk/X9m9pPiGWyg/w72-h72-p-k-no-nu/dn_02.1_thumb.jpg?imgmax=800
142.250.74.1200 OK 3.6 kB URL HTTP/1.1 lh6.ggpht.com/-69CvTZ1T7PI/UEphIeVC26I/AAAAAAAAcvk/X9m9pPiGWyg/w72-h72-p-k-no-nu/dn_02.1_thumb.jpg?imgmax=800
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 06e9edda8ca1c671beabb7027ad9dc11
26cd39c1b804251e9fe20a9b682830ade2952a13
7824e7f51c3e35861086ddc826439bde13c395785a39073812407e3f57ce932f
GET /-69CvTZ1T7PI/UEphIeVC26I/AAAAAAAAcvk/X9m9pPiGWyg/w72-h72-p-k-no-nu/dn_02.1_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v72f9"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dn_02.1_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3617
X-XSS-Protection: 0
2.bp.blogspot.com/-ksZ_hd6RzpM/T-seqBXs_CI/AAAAAAAAELo/ynsGXBny11o/w72-h72-p-k-no-nu/images+(3).jpg
142.250.74.161200 OK 2.9 kB URL HTTP/1.1 2.bp.blogspot.com/-ksZ_hd6RzpM/T-seqBXs_CI/AAAAAAAAELo/ynsGXBny11o/w72-h72-p-k-no-nu/images+(3).jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 2756c2da9346b93f28644e21480a7b60
3da79d73ec8ad37f2f76b4510dcf52f4d05e725a
e97ba88ff3ded1de349637f3e3aa770d0ac35cd7dd9b7687970431e578a9a27f
GET /-ksZ_hd6RzpM/T-seqBXs_CI/AAAAAAAAELo/ynsGXBny11o/w72-h72-p-k-no-nu/images+(3).jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="images (3).jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2885
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Expires: Wed, 23 Nov 2022 01:16:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v10ba"
Content-Type: image/jpeg
Age: 0
lh6.ggpht.com/-aPd-Q2up9is/UfnTeyMl75I/AAAAAAABzAU/bm2TTgPVFBI/w72-h72-p-k-no-nu/1013400_177175285783447_129086622_n1_thumb.jpg?imgmax=800
142.250.74.1200 OK 3.8 kB URL HTTP/1.1 lh6.ggpht.com/-aPd-Q2up9is/UfnTeyMl75I/AAAAAAABzAU/bm2TTgPVFBI/w72-h72-p-k-no-nu/1013400_177175285783447_129086622_n1_thumb.jpg?imgmax=800
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 669cd2e5aaba5c409c6119fa61f87503
33ca74c488dea7f88baa94e46b973159c0ce49e4
de49189aabff54c452860dc1411c15d116768afba903cde1e2a83bef6cd0ead4
GET /-aPd-Q2up9is/UfnTeyMl75I/AAAAAAABzAU/bm2TTgPVFBI/w72-h72-p-k-no-nu/1013400_177175285783447_129086622_n1_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh6.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1013400_177175285783447_129086622_n1_thumb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3815
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Expires: Thu, 24 Nov 2022 03:59:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1cc06"
Content-Type: image/jpeg
Age: 0
www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html
104.26.10.22200 OK 2.1 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html
IP 104.26.10.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (366)
Hash 28d14c688ef2c74c97809f24b036ef06
8257dbe6d1fa1489718a7f6237a59a5a95a38f59
6f507fb6cb26bb483c2a0be683caae4f727b667490bc13d495ad608bf8e6530d
GET /geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Thu, 23-Feb-2023 03:44:58 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Thu, 23-Feb-2023 03:44:58 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Thu, 23-Feb-2023 03:44:58 GMT; Max-Age=7776000; path=/
idcompteurcc_2052431=done; expires=Sat, 26-Nov-2022 03:44:58 GMT; Max-Age=86400; path=/
online_idcompteurcc_2052431=done; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
originecc_2052431=United%2BStates%2523United%2BStates%2BCity%252313995%257CCanada%2523Canada%2BCity%25234534%257CCanada%2523Burnaby%25232311%257CUnited%2BStates%2523Boardman%25231720%257CUnited%2BStates%2523Chicago%2523844%257CUnited%2BStates%2523Fort%2BLauderdale%2523650%257CRussian%2BFederation%2523Moscow%2523628%257CNew%2BZealand%2523Auckland%2523528%257CMalaysia%2523Kuala%2BLumpur%2523246%257CKorea%252C%2BRepublic%2Bof%2523Jungnang%2523183%257CGermany%2523Frankfurt%2BAm%2BMain%2523181%257CUnited%2BStates%2523Wilmington%2523166%257CUnited%2BStates%2523Seattle%2523165%257CUnited%2BStates%2523Los%2BAngeles%2523156%257CMalaysia%2523Malaysia%2BCity%2523154%257CNetherlands%2523Netherlands%2BCity%2523150%257CCanada%2523Toronto%2523145%257CUnited%2BKingdom%2523London%2523142%257CUnited%2BStates%2523San%2BJose%2523138%257CRussian%2BFederation%2523Kazan%2523128%257CUnited%2BKingdom%2523United%2BKingdom%2BCity%2523127%257CUnited%2BStates%2523Raleigh%2523119%257CUnited%2BStates%2523Lenexa%2523114%257CIreland%2523Dublin%2523102%257CRussian%2BFederation%2523Saint%2BPetersburg%252397%257CUnited%2BKingdom%2523Bath%252396%257CKorea%252C%2BRepublic%2Bof%2523Korea%252C%2BRepublic%2Bof%2BCity%252381%257CSingapore%2523Singapore%252378%257CUnited%2BStates%2523Las%2BVegas%252371%257C; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
online_2052431=3; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
jour_2052431=14; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
total_2052431=32158; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
bonus_2052431=2036; expires=Sat, 26-Nov-2022 03:44:58 GMT; Max-Age=86400; path=/
bonus_j_2052431=1; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 03:47:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2YsLaH9G8K6CBF5roSaIPigQs02CDfVMNjXiloAyWQ%2F3m%2BosMt4OhL2kA5iNSjuYf12a25xy99UmZzTMK2ZKpBQXbblWkGciM5iaVhkI1LNupd%2BzfakjUIBavW7Mo2H"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f76396af66b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cleverjump.org/counter.js
217.23.10.44200 OK 5.6 kB URL HTTP/1.1 cleverjump.org/counter.js
IP 217.23.10.44:0
ASN #49981 WorldStream B.V.
File type ASCII text, with CRLF line terminators
Hash 83126dc4af783a2179ab362a5bbec530
b1fe91477d92ab09066f28ddda5b31a4bf0f1689
cb1ef4607e93916a5dd30beae4617069924cb5f10edb65d8f93468c3fbdc1dc4
GET /counter.js HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: application/javascript
Content-Length: 5571
Last-Modified: Wed, 20 Jan 2021 12:50:32 GMT
Connection: keep-alive
ETag: "60082718-15c3"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
lh4.ggpht.com/-oWRu5vITrsI/UAqrN2SO1lI/AAAAAAAAIII/yjpQEpV6JXQ/w72-h72-p-k-no-nu/Terubuk_panggang_thumb.jpg?imgmax=800
142.250.74.161200 OK 4.4 kB URL HTTP/1.1 lh4.ggpht.com/-oWRu5vITrsI/UAqrN2SO1lI/AAAAAAAAIII/yjpQEpV6JXQ/w72-h72-p-k-no-nu/Terubuk_panggang_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash e5da03200eb0aeb348f5aa8f3bdc9534
7782d977167e02dab1442bb9bcbb4fde45b4c91e
0fe473ced7b8b688f9ec47d08f828c7333e51e1d9050050610c63d921264651d
GET /-oWRu5vITrsI/UAqrN2SO1lI/AAAAAAAAIII/yjpQEpV6JXQ/w72-h72-p-k-no-nu/Terubuk_panggang_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2082"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Terubuk_panggang_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 4438
X-XSS-Protection: 0
3.bp.blogspot.com/-WgXEMBXEJRQ/UOm__1oU6YI/AAAAAAABMSA/kqK7avYG5QU/w72-h72-p-k-no-nu/10+Artis+Hollywod+Terseksi+Dan+tercantik+2012+1+(1).jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 3.bp.blogspot.com/-WgXEMBXEJRQ/UOm__1oU6YI/AAAAAAABMSA/kqK7avYG5QU/w72-h72-p-k-no-nu/10+Artis+Hollywod+Terseksi+Dan+tercantik+2012+1+(1).jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 4e5417d00b66e7bec45ffc63117ab5ab
186e30ae23f1d7bc0ecc416c7e6b73ee03c3fae1
9ec18f8d01dbb5847c7fe4fd1ec7b923781122f3d21687a4205a6ecc81ad4e66
GET /-WgXEMBXEJRQ/UOm__1oU6YI/AAAAAAABMSA/kqK7avYG5QU/w72-h72-p-k-no-nu/10+Artis+Hollywod+Terseksi+Dan+tercantik+2012+1+(1).jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v13120"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10 Artis Hollywod Terseksi Dan tercantik 2012 1 (1).jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3465
X-XSS-Protection: 0
4.bp.blogspot.com/-eVlUkj_6Tbk/UVDU2N60GlI/AAAAAAABfEE/GCKFVi3I8RQ/w72-h72-p-k-no-nu/xlupadotcom116.jpg
142.250.74.161200 OK 3.5 kB URL HTTP/1.1 4.bp.blogspot.com/-eVlUkj_6Tbk/UVDU2N60GlI/AAAAAAABfEE/GCKFVi3I8RQ/w72-h72-p-k-no-nu/xlupadotcom116.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 7268df84f64da1d4fdf6292155aba8ab
58f4088d8c7ed3a06e32bdae018e91b66f382675
77bc4e6b9dafa18c88abec5a07730a708c460234238f36bf9d6d22671cd2ed44
GET /-eVlUkj_6Tbk/UVDU2N60GlI/AAAAAAABfEE/GCKFVi3I8RQ/w72-h72-p-k-no-nu/xlupadotcom116.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v17c42"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="xlupadotcom116.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3528
X-XSS-Protection: 0
lh4.ggpht.com/--vlu7teUNs0/Um3Cy7lLRHI/AAAAAAAB0oE/dJscXxVoaXw/w72-h72-p-k-no-nu/riri_thumb.jpg?imgmax=800
142.250.74.161200 OK 3.3 kB URL HTTP/1.1 lh4.ggpht.com/--vlu7teUNs0/Um3Cy7lLRHI/AAAAAAAB0oE/dJscXxVoaXw/w72-h72-p-k-no-nu/riri_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash f76b86e0e3341faac9a8e122af17e2d4
c74f4789579f53032594af71567303cbdd8bed1a
afe1c1ddef0e6745828102a24f25577748e9c896c223c764b0410202cd2d7ae1
GET /--vlu7teUNs0/Um3Cy7lLRHI/AAAAAAAB0oE/dJscXxVoaXw/w72-h72-p-k-no-nu/riri_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh4.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d718"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="riri_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3306
X-XSS-Protection: 0
www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=form
104.149.151.166204 No Content 0 B URL HTTP/1.1 www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=form
IP 104.149.151.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /box/?boxid=438668&boxtag=56x6cw&sec=form HTTP/1.1
Host: www7.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Sat, 25 Nov 2023 03:42:14 GMT
Cache-Control: public, max-age=31536000
X-Cache: HIT
lh5.ggpht.com/-TY5qR2KsKBM/Uz7RqU65fwI/AAAAAAAB1UM/K4kU4nVMAFI/w72-h72-p-k-no-nu/ne_03.2_thumb.jpg?imgmax=800
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 lh5.ggpht.com/-TY5qR2KsKBM/Uz7RqU65fwI/AAAAAAAB1UM/K4kU4nVMAFI/w72-h72-p-k-no-nu/ne_03.2_thumb.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d26ed3b792fa31d0c4834ddb9ea91b73
5b01dd674b687ddb9beb222b41c6c54263b15e23
4e2c13e0026723ac8936d083412802039ed947b0f36076fa1b92f4c2299b33ac
GET /-TY5qR2KsKBM/Uz7RqU65fwI/AAAAAAAB1UM/K4kU4nVMAFI/w72-h72-p-k-no-nu/ne_03.2_thumb.jpg?imgmax=800 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d544"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ne_03.2_thumb.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3834
X-XSS-Protection: 0
www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=main
104.149.151.166200 OK 653 B URL HTTP/1.1 www7.cbox.ws/box/?boxid=438668&boxtag=56x6cw&sec=main
IP 104.149.151.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d0d05a23cb23fe35908361694e15b565
d14818ca4dc04d998081b92c3975ff6e9f6dcdea
1fe598dd28104053751c17c7371ef1e42ec25c08b513993cbc93a4f6b4b9c716
GET /box/?boxid=438668&boxtag=56x6cw&sec=main HTTP/1.1
Host: www7.cbox.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Wed, 17 Nov 2004 05:00:00 GMT
Last-Modified: Thu, 25 Nov 2021 03:45:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Cache: MISS
Content-Encoding: gzip
push.services.mozilla.com/
34.214.236.46101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4lpj9RcUn1DSbbRGzT+hpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RtE9D9dYwZylM3HxZTpyHG3as8A=
i66.photobucket.com/albums/h260/toonybug/postimage.png
143.204.55.54200 OK 2.0 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/postimage.png
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7c97b842c78875c6ec36e6f15281a0d7
6c74bf1c6f860006eeaf58b4c5d73aeed3a52ce7
a561536555277e841424fa2139b09af34ad672769e8a51ad8f9e316f519d4dc5
GET /albums/h260/toonybug/postimage.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 1964
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="postimage.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-0ab004d96ded7fa643f423b7
x-request-id: -ogpNZdhzVf3ZxCqnaKGp
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4ERW32bzOl3u2QDP-tVwW-JpBhxVJ2i97qVOZGJici_Mmgg8sem7Ow==
vary: Accept, Origin
X-Firefox-Spdy: h2
lh5.ggpht.com/-tie7urc44Hs/UwnqPwM8vMI/AAAAAAAB1N8/NZ46Azx3nG8/w72-h72-p-k-no-nu/pmlkpagetmur1_thumb%25255B1%25255D.jpg?imgmax=800
142.250.74.161200 OK 3.7 kB URL HTTP/1.1 lh5.ggpht.com/-tie7urc44Hs/UwnqPwM8vMI/AAAAAAAB1N8/NZ46Azx3nG8/w72-h72-p-k-no-nu/pmlkpagetmur1_thumb%25255B1%25255D.jpg?imgmax=800
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 68a282e9e18933f7c2327430d2730979
5bad204702f9c3c6cf2e0bed20f09c611aa5511d
0ca5716b4f9fa177e51792a0884b3bf004bb021a2cc564453d3cc2f80214c32a
GET /-tie7urc44Hs/UwnqPwM8vMI/AAAAAAAB1N8/NZ46Azx3nG8/w72-h72-p-k-no-nu/pmlkpagetmur1_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1
Host: lh5.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v1d4e0"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pmlkpagetmur1_thumb[1].jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3681
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106073
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: nginx
Content-Length: 280
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.10.22200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.10.22:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG1TPP5imxUUrSzkbTP3lvMArE7JScEOazWweaS2mQ05ce0ekbRuSqYoCzyy1diCahW6Imm1o0AlUIAPvPgMVdTS42RI16Xo6RvTug%2B0VRxMEMYIjjVxvp2riYK0uJ9G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f76398e8d2b503-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 27 Nov 2022 03:45:00 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=106073
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
104.26.10.22200 OK 940 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8719b63ac81155fd64422298ef8a8b25
c034b5869772ddf1675ebdbeb3c0d3c540738c24
b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 03:15:52 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 174547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtjlkjxauFDVoXF82cOaFOkbV10LjFJnVTBL%2BUh2v7u5TvT0DO07rmQ5sGihO1jo5tP3%2FQHUx4BiwJHkvjPZTHJ86RYA3MGewUsPaiaCrSs8EKz29rKv163WWIJ%2B2z0%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3cb506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
104.26.10.22200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:43:35 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2343684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeH2gUHvjQJxeEAoNOkmIYk9AQA096RYdlFBf%2BG3G%2F8MlRYYi%2BmmCRlqF0GtPU%2BtYeFS1wwi2ox64LLYRm%2FhA1APx0VH5U9jVmvjiknpGU1RTR609i4bsJCSs2AYD9RS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3bb506-OSL
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169949&RD=3278650831377&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=3278650831377&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
54.241.51.109200 OK 6.3 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169949&RD=3278650831377&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=3278650831377&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
IP 54.241.51.109:0
Hash 95bb7c7bf0333fdfdae472903938b1fd
6b7da20deb035379d7d3845018ebce87bc1fce12
777f435bd2ac5b4cc3e1f8da02c4845fc9dd950fa31bb6ee4c0e25e511711eeb
GET /BidVertiser.dbm?pid=361547&bid=1169949&RD=3278650831377&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=3278650831377&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:00 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:00 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5305
CONNECTION: Close
www.widgeo.net/geocompteur/shadow/flag_united%20kingdom.png
104.26.10.22200 OK 1.2 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20kingdom.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0fca0f8c1f72968c8849d783accae326
6d6f3b4500a3f1fccc3474d59c716b2f60a59ea4
c1319ad29f9822f08a6740f0b89e91127cfb11a449f99528f0a7928156032c9e
GET /geocompteur/shadow/flag_united%20kingdom.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 1220
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1459
content-disposition: inline; filename="flag_united%20kingdom.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 27 Nov 2022 07:52:38 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2404342
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly9DkRcbRmvGM%2Bi9lD7QccwLMBlTbP4DvoRA0%2FwkJpFyu3gfht6TKarrNWOv2KHgR6R1RrOkA0JRuv5z35%2F8QpQmA0%2FuitCJrdjUTuNBca9ePMH5aNnwEK6pNEIEz4IJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa41b506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_netherlands.png
104.26.10.22200 OK 710 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_netherlands.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4d48534384964664d122ef558ebf1acd
8cbccb6b66f6161c329f9945b58e79e09640cc90
286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 10 Dec 2022 23:05:41 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1226359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvoNKrakBP1RxF%2BOBV1U03afkbiIIInCx7%2F5iPhMiexiGyIf1WL94ayzAoyyXFQaNwVWqRwlywK14A8Dowa3cHkYHoFiBI3XFCkgsENOAtz5jKjt8hxjIX319JmSrGJd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa40b506-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106073
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: nginx
Content-Length: 280
www.widgeo.net/geocompteur/shadow/flag_canada.png
104.26.10.22200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 07:00:43 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wPL%2FxB6cllEE5aeYmr2eM5gESOAiEqZzeuwLFDkeZhaLo%2BvXSkPreEbU%2FmEpIVCJrT%2F2QqEBqNYUfcLYWSp73x9CVIGRYmk7UxR4v2kr3QqwlsfKyHjxEIU%2BqIv80pk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa46b506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
104.26.10.22200 OK 814 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec4b0c854ec18061c7bafbe9ac9d1c3b
77c850ef6479e29a631dba64d06ccc1eefb1adc6
48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 667380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na9uKIf6TrSbEz7LwiQnwtWTXCtABVZ3NHwKiNbCVMg3U0xZgmw1BxMQ7YSAmZQrwLpIp42lUk3k1dHf3pg6ePeSPlz6I8b9w14n5Zm%2FBiWgQSI%2B0GlyyBcR8U7IWuOh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3eb506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_singapore.png
104.26.10.22200 OK 768 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_singapore.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 931d98f74f8bbb82364a40f7c3c5ea3b
f844a679d51126b38659a25e9c71c748da392714
04f122230781518f0b5807695a1c731e33bea9ba0264d612c799485074204627
GET /geocompteur/shadow/flag_singapore.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 768
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=939
content-disposition: inline; filename="flag_singapore.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 04 Dec 2022 21:13:02 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1751517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTvXhsP8XfiAWw3z9DiX%2FmDgCjGvjK%2BkIrACCQAAivuY3tOOh9pwvmz1dWuaRsNpb%2FN6vvCuWy0bVDQPgqyx8JpkmBLBRBLhLKk9luMhUqAugikvBxydCeXozwYK8LQa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa45b506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_germany.png
104.26.10.22200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 26 Nov 2022 19:27:53 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2449027
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2tqFJWxuBgFTNn5dZd%2Bop31v1Drn9PX8J4Bjd4kfO3tu5q7Vng20F0B%2FCsUtTzSnjHqWOtB5LHq%2FzZ1BXbmxnTSLTgUbD64VzeVLeBFmlVFRKQatqLorK%2FwwlxVbIFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3fb506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_ireland.png
104.26.10.22200 OK 712 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_ireland.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8e55f246106bcd5ae49ef1a026ec80d3
a5afe18fe64456cbb16e31287f4106228267f584
eaf4b1563a65fb7bd06ace795835a00a4f491a48506996bd65c161d35002351e
GET /geocompteur/shadow/flag_ireland.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 712
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=937
content-disposition: inline; filename="flag_ireland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 12:40:14 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 140685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OjBcp0H683%2Fav9IF3PuM6qcldF7mqS0wsdBC8CZsOMaxGq0zn2Y11dQje8a0a9q52kcyQo5tFz26pSJ%2Fi13AuDyJJ3k2YAxAYaAs5oKazWN53m35qRUyaZNMw64Wu2v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa43b506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_united%20states.png
104.26.10.22200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20states.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d9bb2b449e6e964d86aec6d71b6856
e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: image/webp
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 806752
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCpQgQhIkeVKF6twSBL7l8h719mor3asRs%2BkuMeWfI4J%2BW95ETi%2FahLbO5StejZZxz1dsQ%2BVUs134iaT1s4JIToqWpNAREonEDr5IBb6xCCesaPqzfv0vcur6Vv4U53c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa44b506-OSL
X-Firefox-Spdy: h2
cleverjump.org/hit?z0;s1280*1024*24;fRzRhAJ0YIgDBn2kJX7NwdP03EnbkSG;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html;hPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F;0.16462144719185323
217.23.10.44200 OK 0 B URL HTTP/1.1 cleverjump.org/hit?z0;s1280*1024*24;fRzRhAJ0YIgDBn2kJX7NwdP03EnbkSG;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html;hPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F;0.16462144719185323
IP 217.23.10.44:0
ASN #49981 WorldStream B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?z0;s1280*1024*24;fRzRhAJ0YIgDBn2kJX7NwdP03EnbkSG;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html;hPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F;0.16462144719185323 HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
P3P: CP=CleverJump
Set-Cookie: _cjuh=r7BthF9p3jApSS6cFSGTre30n5Ufz9; expires=Sat, 25-Nov-2023 03:45:00 GMT; Max-Age=31536000; path=/hit; httponly; SameSite=None; Secure
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 5d335a4b2065211a0062025c5ea527b1
08edde7d7d8250b2912342c577600465e3d7e8d4
3b75a760d048030c2b9f966d187192ed0cb16f3488fd4af9d24445710aa23152
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106073
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: nginx
Content-Length: 280
i66.photobucket.com/albums/h260/toonybug/divider-9.png
143.204.55.54200 OK 24 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/divider-9.png
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1e9929d28305d0d1ee747a5cc2720950
7e30aa627a668c6fb4255263eea518d48a39f847
3ec6ad44f4ed89b90afc1db1d8f36e87558691e4741d00ddd804dbb22e7bf145
GET /albums/h260/toonybug/divider-9.png HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 23600
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="divider-9.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-3702e4ea743e5a8519bf1176
x-request-id: ViM0jw_Rq3QQf9CMPoHZl
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZcW9xPRnNnAl9iKQswAb1E6GwEXaxn6_21V_e0WnxYV8ivRzWgfM4Q==
vary: Accept, Origin
X-Firefox-Spdy: h2
www.widgeo.net/tcm_t_u.js
104.26.10.22200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP 104.26.10.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 02:34:50 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4209
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7U0KMbkwvn2QkKDvBMB7rLODh5au2o6EEG6e20mTG11FEAG5RtK3Mzu156kD9Vm%2FADOOAKDvS44cSrKFVLgFCzT2t6W5CmdTP2Pyi04cbgmVVs%2BNbcrDBydJILnggjzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763999a67b506-OSL
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
54.241.51.109200 OK 9.0 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547%26bid=1169953
IP 54.241.51.109:0
File type ASCII text, with CRLF line terminators
Hash 0d489677aaa27440619b64706f2cafe9
b87bf2207059e1db5a939e804c7e586e7b8ad125
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
GET /BidVertiser.dbm?pid=361547%26bid=1169953 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/javascript
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014
www.kekcoklat.com/images/banner/banner180.gif
192.185.225.6200 OK 58 kB URL HTTP/1.1 www.kekcoklat.com/images/banner/banner180.gif
IP 192.185.225.6:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 180 x 60\012- data
Hash a741428fab4e3f6215f41f8a41200be3
2f2110a1ea3f1fe6be661d72e61b51c7fdbb2a87
68fc167c81c53c0f80769227b3db5ce7cbddef69e0c00fc3512714edf03faf91
GET /images/banner/banner180.gif HTTP/1.1
Host: www.kekcoklat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 May 2012 04:36:55 GMT
Accept-Ranges: bytes
Content-Length: 57811
Keep-Alive: timeout=5, max=75
Content-Type: image/gif
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1167641&RD=5719595215452&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=5719595215452&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
54.241.51.109200 OK 26 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1167641&RD=5719595215452&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=5719595215452&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
IP 54.241.51.109:0
Hash dac80ae7970470c21f46f06614f13675
6131c5951a52f73e726452e25e750bb32c5c41d9
493ab25ac08e51b0b1702ea2773f5df933d0bf97b899e6c69eb978e0edea481a
GET /BidVertiser.dbm?pid=361547&bid=1167641&RD=5719595215452&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=5719595215452&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:00 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:00 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5305
CONNECTION: Close
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 03:45:00 GMT
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cleverjump.org/hit/get-uid.php
217.23.10.44200 OK 30 B URL HTTP/1.1 cleverjump.org/hit/get-uid.php
IP 217.23.10.44:0
ASN #49981 WorldStream B.V.
File type ASCII text, with no line terminators
Hash e5052e1a91cc47a316f57daf8adc042b
4af14f1a3e59020f75f16491f3c72e7445631c5b
f6a6ca8b4abcf26c15d5f01a67f197de02a569c2d883db9968fb9b91f188966f
Analyzer Verdict Alert fortinet Malware
GET /hit/get-uid.php HTTP/1.1
Host: cleverjump.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Cookie: _cjuh=r7BthF9p3jApSS6cFSGTre30n5Ufz9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: http://pak-janggut.blogspot.com
Access-Control-Allow-Credentials: true
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Nov 2022 03:45:00 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+650; expires=Sun, 24-Nov-2024 03:45:00 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
104.26.10.22200 OK 4.0 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 104.26.10.22:0
File type ASCII text, with very long lines (12331)
Hash 90667e6832a33b1f07ffcdccf8f06d2f
5a79f00328c43d5ffddc42c08a4f026232c4fc1b
d709a1a53d68b9a576b314e5e8ea9fb57a8b309aa2bfaf00295bb5eaa967073c
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_rose
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hct%2Ff1bMjh1D%2B8mdLtU6pxn6IBQR0Ox7EyCZd6J01YWNaZmcVqZKCoMNnhI%2B3JS7VIhSqErHDazztSXTE%2FlvuhPvFkyGHGFnbaY2D6thbRtrtEI73yb6nKqYKJEmO9l1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7639b4b09b506-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 27 Nov 2022 03:45:00 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-RP7FMTL79Y
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 755214f930ca0a829d94f4d5efd824c3
9930a0ce92a577600809a6112dce20444eda1702
6ba2065604ad2974d1e50b741039655a7bf43f571708664bf326cb101f9bf7b4
GET /gtag/js?id=G-RP7FMTL79Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:45:00 GMT
expires: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 64878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.shamsuriyadi.com/ccimages/banner180.gif
113.23.169.115200 OK 65 kB URL HTTP/1.1 www.shamsuriyadi.com/ccimages/banner180.gif
IP 113.23.169.115:0
ASN #38182 Extreme Broadband - Total Broadband Experience
File type GIF image data, version 89a, 180 x 60\012- data
Hash e1c391f5ab9c77da204bd9f541a68295
542f2c2871453154990ab8fab80862d2d9fac376
f73d96f6cfea71b678c762ccba4f9d5ec7acdd8cd55fce78434f7368a853a6ac
GET /ccimages/banner180.gif HTTP/1.1
Host: www.shamsuriyadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Sat, 25 Nov 2023 03:44:58 GMT
content-type: image/gif
last-modified: Mon, 05 Mar 2012 05:04:54 GMT
etag: "fee3-4f544976-0;;;"
accept-ranges: bytes
content-length: 65251
date: Fri, 25 Nov 2022 03:44:58 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/
143.204.46.236302 Found 148 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/
IP 143.204.46.236:0
File type HTML document, ASCII text
Hash dbe7b83ef90333319be1786e7bc9d107
ce5d62ed8f7ad95dabfcfe3d2c28c5557926aaa8
8e2dea9e73ab500daebaef5935c473e6355911c5d7024393a2ec965a3ff45cc5
GET /hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 148
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=4AAA91B5-CD73-4251-A6E4-EF9455993F84; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 03:45:00 GMT; HttpOnly
atidx=4AAA91B5-CD73-4251-A6E4-EF9455993F84; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 03:45:00 GMT; HttpOnly; Secure
atid=4AAA91B5-CD73-4251-A6E4-EF9455993F84; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 03:45:00 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NuWP6iilQcUh0vCu77McTS5PHgjomzlmbaa935UTkKl-NBTPXb0z1Q==
X-Firefox-Spdy: h2
i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
143.204.55.54200 OK 227 kB URL HTTP/2 i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 227 kB (226614 bytes)
Hash ef7477fb8ee9a569a09ee99354e024bc
1a7406d2f52fe0a9ead58edd224c0994a9c82fe5
6c1d19b7a44d5762cb0d83a48844d4d109b1a64f31278a9673e6a69fce21fa44
GET /albums/h260/toonybug/background2-20.jpg HTTP/1.1
Host: i66.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 226614
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="background2-20.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-00c7226f7d8f27e43fa0b097
x-request-id: RA3vKkIJ72xRAM-6cXB2Q
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nOZoKhDTceRpeJ5dTf8njvrzJkAkC9XfS6PkHE4Z8fbNnfEWzJFNbQ==
vary: Accept, Origin
X-Firefox-Spdy: h2
logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
143.204.46.236200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
IP 143.204.46.236:0
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J8WANk_qIamVtQpqU3hHuiuTnrPp21rr5f22HZWtvsWxkzQk7CKJ7Q==
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169954&RD=17625795075553&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=17625795075553&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
54.241.51.109200 OK 20 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169954&RD=17625795075553&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=17625795075553&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
IP 54.241.51.109:0
Hash c82ca31025c503768f197d43506facf6
65a1fc82a965cd1a12ee006c75a55869a421d914
90e95e7f953b9eb44abc0c2b74ae2340a8b4ffebaca591c90f270affb16332d1
GET /BidVertiser.dbm?pid=361547&bid=1169954&RD=17625795075553&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=17625795075553&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:00 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:00 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 4161
CONNECTION: Close
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 21525
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4544
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:45:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4544
Expires: Fri, 25 Nov 2022 05:00:45 GMT
Date: Fri, 25 Nov 2022 03:45:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 03:45:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 03:45:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4518
Expires: Fri, 25 Nov 2022 05:00:19 GMT
Date: Fri, 25 Nov 2022 03:45:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JbjUiHcVu2ytN848RqI8Ygkd0R9YCnq_OeFdc5Y5JTymA2k9HN4lZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
age: 22200
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 21022
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 1946379e-4e55-4f88-af6f-1b97b23ed91d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c6lHpkIAMFUkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7510-6b1a2a885ccfed6a79ecfc6a;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dqSKXJ-wDRV1EvLG8O8iL1658j4HdMmxR3nD-UkRKhW-N9UWjeQ3rA==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:34:35 GMT
age: 72626
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c71b83b77af9bb19b3845048a3008b43
050da47a42e16a83c1d59419055961fe9f1f4cc0
cb36e84116edbaa02347bc53611a8318ac8284ac71346006cb95688a6a08f662
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68dc3a7e-f975-440d-a07f-305243b24788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10531
x-amzn-requestid: aa926e70-4b20-40ba-849d-50e96cab8bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICPAHoqoAMFXHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3f9-28cdb407069866236c99a0c7;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G4LR5DxkDi5dC9OLvwdK6-e2bbGjJMWLInRD1r_CKYKxFMqOoG1Z0w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:47 GMT
age: 20954
etag: "050da47a42e16a83c1d59419055961fe9f1f4cc0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 81633
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f59a591b222397ff0f01c22a0786e660
6a8504212141af411a18ce58960c8bb52e8116ac
624847cfdfcd770d2dee8a2b85f3c7c480cda58ba2aef1135184f3dffc30d1f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d60bb22-4a30-4570-8561-eb3a2833a058.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: e84a5668-cd91-42af-b6de-5eb694ea56e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-KFtmIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38d-64513fb257d83b9847c82929;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O4PtH20kVWgH-Jf_TivPqMqjnwrZB_8XvZAkDDzLLFPXVjqzkz1YJw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:59:22 GMT
age: 20739
etag: "6a8504212141af411a18ce58960c8bb52e8116ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=8765006991792&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=8765006991792&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
54.241.51.109200 OK 9.4 kB URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=8765006991792&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=8765006991792&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
IP 54.241.51.109:0
Hash ae7432f8c6dbdb4a7418ea140057c952
8b9d8aaeac4d692702f9720f7456cd4f14da62f3
0373dab06a19362adcfb1ab8f2304274b799cfd9985ad96e2f8cbbdb96e7ee72
GET /BidVertiser.dbm?pid=361547&bid=1169953&RD=8765006991792&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=8765006991792&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:01 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:01 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:01 GMT
bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:01 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 7615
CONNECTION: Close
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1622
Cache-Control: max-age=92910
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:03 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:33:33 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/all.js?hash=f6c9e8aec7e2ff0f242f3501309e6825
157.240.200.14200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=f6c9e8aec7e2ff0f242f3501309e6825
IP 157.240.200.14:0
File type ASCII text, with very long lines (18734)
Hash d3c6e21ee60dbb926f5f49b08d3168b0
cc775c12191353aafedaf96fd1202677e7af8ea5
692233cc892eb7f332f026c87cbd60bcb8d1faaaa77e2de0f7c5bf78bc64d0c2
GET /en_US/all.js?hash=f6c9e8aec7e2ff0f242f3501309e6825 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b585da0e901b86cd6c15d085b1330e1f
etag: "5bf0cf22652e69a6706401b4ee3d40de"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 25 Nov 2023 01:50:25 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 08biHuYNu5JvX0mwjTFosA==
x-fb-debug: xwlHXVrW1iLbyClQ51uRlLyPABZvTgefAG9Rxt3Fot1MMIAMQy/lrmMVziJfLN99F8jJZaqFi2ZbZl6V+wo4+Q==
priority: u=3,i
content-length: 86715
x-fb-trip-id: 1679558926
date: Fri, 25 Nov 2022 03:45:03 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1622
Cache-Control: max-age=92910
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:03 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:33:33 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
pak-janggut.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 pak-janggut.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: pak-janggut.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html
Cookie: ck_TCM_pop=1; HstCfa1960718=1669347899513; HstCla1960718=1669347899513; HstCmu1960718=1669347899513; HstPn1960718=1; HstPt1960718=1; HstCnv1960718=1; HstCns1960718=1; cj_uid=r7BthF9p3jApSS6cFSGTre30n5Ufz9
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 25 Nov 2022 03:45:03 GMT
Date: Fri, 25 Nov 2022 03:45:03 GMT
Cache-Control: private, max-age=86400
Last-Modified: Wed, 23 Nov 2022 13:28:39 GMT
ETag: W/"2632c1924d5d6d80a07f9aed010d8e3e5bce62c48b9587f57a98d7493e578c7b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4187a43946d8ea5337bb1347757b7a6
05dd65dd513f85c93974052ac7fa227aaf250fe4
495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14804
Expires: Fri, 25 Nov 2022 07:51:47 GMT
Date: Fri, 25 Nov 2022 03:45:03 GMT
Connection: keep-alive
widgets.amung.us/colored.js
172.67.8.141200 OK 3.2 kB URL HTTP/1.1 widgets.amung.us/colored.js
IP 172.67.8.141:0
File type ASCII text, with very long lines (8596), with no line terminators
Hash fb2d2d6ae1380dd532a4f653267faf5e
5f1c850f1872fc8b43ec5bb2ebc29a76c77292b9
df88edf6843167ac3284b229fca9e2ef641db2c5b7abce9f638d7fc5d260713f
GET /colored.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:03 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Fri, 11 Nov 2022 22:14:56 GMT
etag: W/"636ec960-2194"
expires: Sat, 26 Nov 2022 03:45:03 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f763ab9e7bb51b-OSL
s4.histats.com/stats/1960718.php?1960718&@f16&@g1&@h1&@i1&@j1669347899513&@k0&@l1&@mPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&@n0&@o1000&@q0&@r0&@s4005&@ten-US&@u1280&@b1:80803159&@b3:1669347900&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&@w
198.27.80.143200 OK 103 B URL HTTP/1.1 s4.histats.com/stats/1960718.php?1960718&@f16&@g1&@h1&@i1&@j1669347899513&@k0&@l1&@mPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&@n0&@o1000&@q0&@r0&@s4005&@ten-US&@u1280&@b1:80803159&@b3:1669347900&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&@w
IP 198.27.80.143:0
File type ASCII text, with no line terminators
Hash 9d64000b9fa00f66900b6538c984786b
cd8201c128d8263e7a2b914bd63a1182d4c9101c
224073dd7864f57ed4a6e0c392d3fad1e58cef49018dc8c18238cc5bda517160
GET /stats/1960718.php?1960718&@f16&@g1&@h1&@i1&@j1669347899513&@k0&@l1&@mPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&@n0&@o1000&@q0&@r0&@s4005&@ten-US&@u1280&@b1:80803159&@b3:1669347900&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:03 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 103
Connection: close
d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
143.204.42.149200 OK 4.4 kB URL HTTP/2 d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
IP 143.204.42.149:0
File type GIF image data, version 87a, 253 x 43\012- data
Hash 40da375b710fa50b7ac80e6fa6631301
1fb8573a11db47e18dcb9d63b59703698a515d38
4d87f9330df397e20ff54a229705d34c3db2e1cc25c247046aa033b42b2e6482
GET /buatcoklat.com.gif HTTP/1.1
Host: d39f23jfph0ylk.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 4361
last-modified: Sat, 02 Jul 2022 06:39:13 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 25 Nov 2022 03:45:04 GMT
etag: "40da375b710fa50b7ac80e6fa6631301"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RVNOe7bxhKS1ggsXCPvy7hZEBLoEbrWDlDxFUdXJkx7EhTBYqvZmAw==
X-Firefox-Spdy: h2
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169954&RD=39138708706647&DIF=2
54.241.51.109200 OK 764 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169954&RD=39138708706647&DIF=2
IP 54.241.51.109:0
Hash ebadf721975280da2ceb9914a7a48eff
87d2df1be653cbe21cd192cb258b9ceef9b9ad46
77634365c3cb78ae68263508dc849d7068cbb145a9a34df52ff6031821707a0d
GET /bidvertiser.dbm?pid=361547&bid=1169954&RD=39138708706647&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:03 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:03 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169953&RD=22849049921653&DIF=2
54.241.51.109200 OK 709 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169953&RD=22849049921653&DIF=2
IP 54.241.51.109:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (666)
Hash 2b8a4d869320beceef4511ff112b48af
891b51672cabfc0730192544f153321b9fc5e05f
7374dd8a486d68c66d73690d786f9b00ff7bb6abc1dd9dd26c99f63274e51622
GET /bidvertiser.dbm?pid=361547&bid=1169953&RD=22849049921653&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:03 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:03 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 54f24adb80ed3e82590fae1e776d2df6
502bcc08679c733c00caab73fb2facaaa2f04fe7
581b3030b7c35b78f5537d3fffd0630add6c5e4b7873f7b97cb71fc0993a6fe6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "581B3030B7C35B78F5537D3FFFD0630ADD6C5E4B7873F7B97CB71FC0993A6FE6"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9303
Expires: Fri, 25 Nov 2022 06:20:08 GMT
Date: Fri, 25 Nov 2022 03:45:05 GMT
Connection: keep-alive
tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=sliding&erdal=mercan&size=&appearance=&pname=&debug=&name=From%20Bottom&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&href=undefined&rnd=0.39632657821660633&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
154.51.131.141200 OK 0 B URL HTTP/2 tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=sliding&erdal=mercan&size=&appearance=&pname=&debug=&name=From%20Bottom&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&href=undefined&rnd=0.39632657821660633&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
IP 154.51.131.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=sliding&erdal=mercan&size=&appearance=&pname=&debug=&name=From%20Bottom&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&href=undefined&rnd=0.39632657821660633&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:45:04 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=sliding&erdal=mercan&size=&appearance=&pname=&debug=&name=From%20Right&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&href=undefined&rnd=0.46645305261500536&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
154.51.131.141200 OK 0 B URL HTTP/2 tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=sliding&erdal=mercan&size=&appearance=&pname=&debug=&name=From%20Right&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&href=undefined&rnd=0.46645305261500536&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
IP 154.51.131.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=sliding&erdal=mercan&size=&appearance=&pname=&debug=&name=From%20Right&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&href=undefined&rnd=0.46645305261500536&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1
Host: tags.h12-media.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300,private
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:45:04 GMT
content-length: 0
X-Firefox-Spdy: h2
d2b9l3u54v5v39.cloudfront.net/css/88x726.css?cbst=2
54.230.245.108200 OK 2.9 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/88x726.css?cbst=2
IP 54.230.245.108:0
File type ASCII text, with CRLF line terminators
Hash 4168b5a2517e8d07be159017f22759e7
ade414bcff8b8babb58bf6369fdbc7b8e2cf67b6
816427321da11d1632fac7711648e373bcbc01cf8b7b372d7b9178827906430a
GET /css/88x726.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2866
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:19:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 02:01:42 GMT
ETag: "8ae83247890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7Xi8Xfbmv6uPf2wQniu-G7RHsOmH0eoDPH0PdmYiILGNz8KRlkeG3Q==
Age: 7866
d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
54.230.245.108200 OK 2.8 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/58x466.css?cbst=2
IP 54.230.245.108:0
File type ASCII text, with CRLF line terminators
Hash d58909e3606e94cade8eca195ab40f2e
e6363f5074ba81376c31b4cd770f0b0344621e24
68cec5539b0b468c927628d857780b25c5be36223db516828dce541b1c167c00
GET /css/58x466.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2831
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:19:13 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Thu, 24 Nov 2022 21:02:08 GMT
ETag: "ec706f147890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EIZHIAjyX6JmJFTo79sjthdIug5N6OD5ok8Y9J4oLFttXGwB3Rdd7w==
Age: 24177
d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
54.230.245.108200 OK 1.2 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/activejs/bdv_fsthd.js
IP 54.230.245.108:0
File type ASCII text, with CRLF line terminators
Hash 263303c015aaddbd3c417327b3b50823
c5c4f7ec9f5c1a2cfafad6b5810ed0da2080d3cb
871bcbf1631eba9d4218fddb8dd96a075fdf33725e1ff991b345808c15c66617
GET /activejs/bdv_fsthd.js HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1199
Connection: keep-alive
Last-Modified: Thu, 14 Jan 2021 11:27:17 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Thu, 24 Nov 2022 06:12:52 GMT
ETag: "977ef3668ead61:0"
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OgTSQ9vzUWj8f32C4hFMUG9KOlz-cL4HMIiVFIJvzgiehsaFBQwjwg==
Age: 77533
d2b9l3u54v5v39.cloudfront.net/css/default.css
54.230.245.108200 OK 1.5 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/default.css
IP 54.230.245.108:0
File type ASCII text, with CRLF line terminators
Hash 8ea20baef891abad5a169261301f1b0d
b983c5b36da773d38fc2d9d56fb1e462080ac0f8
27306e4a14ab04d39e59d9d73d6fac0fca90bbab3da5d9358c0000b9119c90af
GET /css/default.css HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 1489
Connection: keep-alive
Last-Modified: Mon, 21 Sep 2015 08:25:40 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Thu, 24 Nov 2022 07:35:31 GMT
ETag: "70d0ec1947f4d01:0"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AmJxu9ScAGcoVGGvqSO_zG-6m8Ly5hTt4VpwIBii2_FscuXhL10ycg==
Age: 72574
d2b9l3u54v5v39.cloudfront.net/css/598x158.css?cbst=2
54.230.245.108200 OK 2.8 kB URL HTTP/1.1 d2b9l3u54v5v39.cloudfront.net/css/598x158.css?cbst=2
IP 54.230.245.108:0
File type ASCII text, with CRLF line terminators
Hash 68d57d3699fb5df19a82f9792073203f
8cba5e108ef62b9b68d991eca1a1c409bb016f01
49617ae18de9b53d3d940741d580dbe36ba050c5d07cd32fd937904cf00bde2d
GET /css/598x158.css?cbst=2 HTTP/1.1
Host: d2b9l3u54v5v39.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bdv.bidvertiser.com/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Length: 2817
Connection: keep-alive
Last-Modified: Thu, 18 Jan 2018 16:21:47 GMT
Accept-Ranges: bytes
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:45:05 GMT
ETag: "82363f707890d31:0"
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hcKlmz4XW7VjxzVvnu1bCR5lyN76l3rK3JADp7wEmjqbh8kpJ9ftcQ==
Age: 15137
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e38e74658bc09f31293e68f2fd628762
aadc5b43ce978177f8fb2d5ba7ab8417421c8f91
93c3977f649fea81454e1d7206240bed42a5091240a7c8e35917e12f91884243
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=109062
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:05 GMT
Etag: "637f28f7-118"
Expires: Sat, 26 Nov 2022 10:02:47 GMT
Last-Modified: Thu, 24 Nov 2022 08:19:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.widgeo.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 79334
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/earth_red.png
104.26.10.22200 OK 2.6 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/earth_red.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 58980cc45f0ee0efffdc30ade3c1e295
ed75a1ea320a5a5993f2d8c27b2873bde09364e7
e994d6dfb98c97b89266605ccb40fade20b65078c94749428fd2d2485725a602
GET /geocompteur/img/tmp/earth_red.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:05 GMT
content-type: image/webp
content-length: 2616
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3362
content-disposition: inline; filename="earth_red.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 04:01:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 171808
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIl7rcQjUIzQYchFRN0uwqR4s09nD8grq8cV0ko5lJW3Y2CS5VeOQ8gE4CChNS1qnG%2BnUl7noF1lARJSKq6cxhxvzs2cQQPqIMDuAULnwlMUO%2FBXsdE%2FMp8r%2FnLxqJwR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763b8ccf8b506-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/img/tmp/geocity_rose.png
104.26.10.22200 OK 1.5 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/geocity_rose.png
IP 104.26.10.22:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd8fcb06a3c68c043307fabecea3593f
0e5bc3f93162c0ead5a509577d5e044220bb0a34
20b0d8b04ef5ea8054fa50e23cb038e81f2af5b15bde64a1af632a9a65e6c5b9
GET /geocompteur/img/tmp/geocity_rose.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:05 GMT
content-type: image/webp
content-length: 1456
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2256
content-disposition: inline; filename="geocity_rose.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 20 Dec 2022 21:55:24 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 366581
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHEEmrgnuGBUJcdcomf11I7HcN3EwjhLJurPYRoob6BSzyn9QzUXht9D34ZxgUldfbDufQPqGJOKLqYPfDtDLaqky2StSf0uTs%2BxNwT9u0AwjIfxGYdjDOclSpga%2B9%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763b8ccf9b506-OSL
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 5.7 kB IP 104.21.84.149:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 07a2e416978524c842e6d58997124b25
3f880346ce92731fffd41b75586948e140d07fc8
b5fefc35c222a8e87bc1d297d42de72a59d0d793fdc6dd45506f02b4be13e476
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:05 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5394
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu2z7ZZqu8%2BRAMaS%2FzkeXuv%2B99zTKv4DyXyavm2SSEx%2FK%2FfAET9Ia9nJwACHT9AbK%2FvHSTKHLMsXLfx6QIdrrRtIefVJPWnPIMo2VESz6mlgbX9%2FXi0RqESUzVu78w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f763b8bde6b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s10.histats.com/counters/cc_4005.js
46.105.201.240200 OK 10 kB URL HTTP/2 s10.histats.com/counters/cc_4005.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (21567), with no line terminators
Hash 096cf348f0068d652c2128f18cc46da4
b90081b21984348905e9593393b2110e9dbc4c9f
a876e91a38cad8b3ef87b7c76ca065b4c230fdaec10fd73892ce153e8b36d6ab
GET /counters/cc_4005.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:32:43 GMT
etag: "186401612"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 846858277
content-type: text/javascript
content-encoding: br
x-grace: full
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 10284
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=uweqylw0i29o&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&c=u&x=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&y=&a=0&d=6.495&v=27&r=4863
172.67.8.141200 OK 50 B URL HTTP/1.1 whos.amung.us/pingjs/?k=uweqylw0i29o&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&c=u&x=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&y=&a=0&d=6.495&v=27&r=4863
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash 9ece318dc82d1838404eeb8f76f44095
14543bdbdfe7af372189883afbc6047d30a38f3e
c17ca995e4839135c72e29e17ebc979f751b81e439d14d529e19c88ee7c52807
GET /pingjs/?k=uweqylw0i29o&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&c=u&x=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&y=&a=0&d=6.495&v=27&r=4863 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:05 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f763b83859b4ff-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19678
Expires: Fri, 25 Nov 2022 09:13:03 GMT
Date: Fri, 25 Nov 2022 03:45:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e38e74658bc09f31293e68f2fd628762
aadc5b43ce978177f8fb2d5ba7ab8417421c8f91
93c3977f649fea81454e1d7206240bed42a5091240a7c8e35917e12f91884243
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=109062
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:05 GMT
Etag: "637f28f7-118"
Expires: Sat, 26 Nov 2022 10:02:47 GMT
Last-Modified: Thu, 24 Nov 2022 08:19:03 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
142.250.74.138200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:33:40 GMT
expires: Sun, 19 Nov 2023 12:33:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 486685
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=a7ffae5775144e84a06f7a66f0bedb08
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=a7ffae5775144e84a06f7a66f0bedb08
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e4ef67998e519f17b73bde3e706777e8
acf185a4ce11d7f876d5cd970d666a0a847bf2bf
df0f7086d742dacf53b17cf5dd51e2b0df7cecc5b3b69b1f22980fe33e40f857
GET /gid.js?userId=a7ffae5775144e84a06f7a66f0bedb08 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:45:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://pak-janggut.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=a7ffae5775144e84a06f7a66f0bedb08; expires=Sat, 25 Nov 2023 03:45:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e61028bc752671cea11924bc1a42a422
b2555d630c063dda53f0e5a84324759e42b48352
23c45f9941b1a476fe0cd4650c9ea13a22e05e5640025e380b13faa4997109ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7765189477053995880%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7765189477053995880%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 494 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7765189477053995880%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7765189477053995880%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (534)
Hash 0fd843f4eeaa8506dc83d670824b8ea8
214a111893083136313fe82843605dbc43223ad6
81dc8d68d4088b48b9b934292d0bf5f38c0d7e22bbc6f7c157cac4f5b91b2b8e
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7765189477053995880%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D3330746960625431196%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D7765189477053995880%26origin%3Dhttp://pak-janggut.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 03:45:05 GMT
location: https://www.blogger.com/followers.g?blogID=3330746960625431196&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM2YjU4NDgiByM4YWI1YWMqByNmZmQ5NjYyByMzODc2MWQ6ByM2YjU4NDhCByM4YWI1YWNKByM2YjU4NDhSByM4YWI1YWNaC3RyYW5zcGFyZW50&pageSize=21&postID=7765189477053995880&origin=http%3A%2F%2Fpak-janggut.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-o6ayA9RUpUHvD2ciPouZiw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 494
server: GSE
set-cookie: __Host-GAPS=1:pVBF5OOWG86AosDevzfeL4qvSOp5vg:nduSjWiDz6xTlkYV;Path=/;Expires=Sun, 24-Nov-2024 03:45:05 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widgets.amung.us/colwid/?c=ff77e82d00ca
172.67.8.141200 OK 4.0 kB URL HTTP/1.1 widgets.amung.us/colwid/?c=ff77e82d00ca
IP 172.67.8.141:0
File type PNG image data, 116 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 54c64aa8587c69df6f10b0763891b0b4
74f60d1fa9eb41d431dd3fe36d91e0c274ab7608
79d32b58eba104fc11044721004222599f3c6a2769f33ad0b7522f4536c5592c
GET /colwid/?c=ff77e82d00ca HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:05 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
content-disposition: filename=wau-widget.png
expires: Sat, 26 Nov 2022 03:45:05 GMT
cache-control: max-age=2678400
access-control-allow-origin: *
CF-Cache-Status: MISS
Last-Modified: Fri, 25 Nov 2022 03:45:05 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f763b98cd5b51b-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 24bbb1799a4197ca54d07a718929c244
306e1db159c6462ac16527788f772c0615f3741d
5f3ac2e0666918f3c4a525d1d0e811059b5f5143c10883e8c9dd8726938f3797
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 23:33:45 GMT
Expires: Wed, 30 Nov 2022 23:33:44 GMT
Etag: "306e1db159c6462ac16527788f772c0615f3741d"
Cache-Control: max-age=502718,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f763b9af58b51e-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba98650cceb17a47ac0f34de3c3c2574
78e21c7a408c8ef34065defa22dbcb926f562d9b
8a311b1ba0b977b6b27fd02043471f29e6608bbe3c2cabe904b09f5f04510d98
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:45:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=337089,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f763bace16b51d-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
37.48.68.71200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 37.48.68.71:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 941
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 03:45:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://pak-janggut.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/a-/ACNPEu9sm09eO5usG1vqE2iNuVSCoAkq-DwmkloUaSq0hA=s96-p
142.250.74.33200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9sm09eO5usG1vqE2iNuVSCoAkq-DwmkloUaSq0hA=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 75c8879902b971264714f3bdae93ec23
fa22a4863a614340d3fdb4eef0a7f41b6d5acfac
e272d42585424d074af74c147ca28bea86fae0ee5b863cced885d93c82a45534
GET /a-/ACNPEu9sm09eO5usG1vqE2iNuVSCoAkq-DwmkloUaSq0hA=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v24a2"
expires: Sat, 26 Nov 2022 03:45:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 5088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu8ZT_BDw1f_jAtPXwWnoATk-qLYUqpmYHtdjzd5U7A=s96-p
142.250.74.33200 OK 6.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8ZT_BDw1f_jAtPXwWnoATk-qLYUqpmYHtdjzd5U7A=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash fd8555abd947065bd7b665975bd077c2
ba6d34b8ed3c1fea7b50b94564c0242b6f47e234
7161f295858a390be9a3a7abc1861fb651b7150718f3f1f41971bc7e7b49d9c5
GET /a-/ACNPEu8ZT_BDw1f_jAtPXwWnoATk-qLYUqpmYHtdjzd5U7A=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 6579
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Tue, 15 Nov 2022 10:41:39 GMT
cache-control: public, max-age=86400, no-transform
etag: "v8298"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-6CJapH-LO2U/T3BQXyK0SpI/AAAAAAAAAA0/-ip6dt991jE/s45-c/3.jpg
142.250.74.161200 OK 1.7 kB URL HTTP/2 2.bp.blogspot.com/-6CJapH-LO2U/T3BQXyK0SpI/AAAAAAAAAA0/-ip6dt991jE/s45-c/3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 3ca675e0655fedbc0a2188cbb234afa8
2c8e15607147f1191fdc2c1e36a88ab4831a78c3
60b1608bc686e7d47d25ce10e7f37950a5dd115c56f42545299bcda6ca84fb5a
GET /-6CJapH-LO2U/T3BQXyK0SpI/AAAAAAAAAA0/-ip6dt991jE/s45-c/3.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1707
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Wed, 23 Nov 2022 01:16:53 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-a2a8F1cZ1pA/UtDEQAf7UKI/AAAAAAAABSs/Pw78LKftJSM/s45-c/*
142.250.74.161200 OK 1.8 kB URL HTTP/2 2.bp.blogspot.com/-a2a8F1cZ1pA/UtDEQAf7UKI/AAAAAAAABSs/Pw78LKftJSM/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 99fab51d6ad334c42a05f0db6cc8532f
b5619d3d6a023d183e3524204ce1181536583572
2c634c594cdc4cc67f259a1af221cc120b66c2326bc7ca6afec0cda9daadb901
GET /-a2a8F1cZ1pA/UtDEQAf7UKI/AAAAAAAABSs/Pw78LKftJSM/s45-c/* HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1810
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Fri, 11 Nov 2022 04:36:36 GMT
cache-control: public, max-age=86400, no-transform
etag: "v52c"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-l_MtnsNlBZI/XHvfOsHoUdI/AAAAAAAAPDg/ffItTCsQJ78ztuaKYyC7mW6zFw_j0TtpgCK4BGAYYCw/s45-c/IMG_20190222_212513-01.jpeg
142.250.74.161200 OK 2.4 kB URL HTTP/2 4.bp.blogspot.com/-l_MtnsNlBZI/XHvfOsHoUdI/AAAAAAAAPDg/ffItTCsQJ78ztuaKYyC7mW6zFw_j0TtpgCK4BGAYYCw/s45-c/IMG_20190222_212513-01.jpeg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash afad5c0f078b437134f587059f3dbf9c
f82a657abf5ad086ea0294bec117a5b676409727
71e5321d2134f07f83b4369c454d6549f533f9d67e4a742d0b3c07aacb7a93bc
GET /-l_MtnsNlBZI/XHvfOsHoUdI/AAAAAAAAPDg/ffItTCsQJ78ztuaKYyC7mW6zFw_j0TtpgCK4BGAYYCw/s45-c/IMG_20190222_212513-01.jpeg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="IMG_20190222_212513-01.jpeg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2386
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Thu, 17 Nov 2022 16:46:03 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3c3b"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-SNHNQmxoVNs/TvVAp5vIAhI/AAAAAAAABWw/asRFhUakkO8/s45-c/DSC05641.JPG
142.250.74.161200 OK 2.0 kB URL HTTP/2 3.bp.blogspot.com/-SNHNQmxoVNs/TvVAp5vIAhI/AAAAAAAABWw/asRFhUakkO8/s45-c/DSC05641.JPG
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 4baee26cd326fe1bac951002f135cb97
fb115c64a6e8c90954147e1685e7bf84b099c56e
caac06f13c005445b14fd2479ddda47be11487bd12e0db5d395a9f3a9e0e763b
GET /-SNHNQmxoVNs/TvVAp5vIAhI/AAAAAAAABWw/asRFhUakkO8/s45-c/DSC05641.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="DSC05641.JPG"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1953
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Sun, 13 Nov 2022 03:40:03 GMT
cache-control: public, max-age=86400, no-transform
etag: "v56c"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geowidget_js.js
104.26.10.22200 OK 454 B URL HTTP/2 www.widgeo.net/geocompteur/geowidget_js.js
IP 104.26.10.22:0
File type ASCII text, with very long lines (866)
Hash d4ba2b8c2fdc2ae74929fa12dcb424dc
02b5e7443a3299ae621d55b00b6efdd70bc00270
8e8d932770b10dc69178c6f4b795f018cf041eadd55df5fb0c324084fcf6af85
GET /geocompteur/geowidget_js.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:05 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2217
cache-control: public, max-age=604800
expires: Tue, 29 Nov 2022 12:50:42 GMT
last-modified: Thu, 13 Feb 2020 12:35:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 226462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3uclWGgyLJIxu7amgKwLTjqdpzODenyFOrVcOxI7ltNzMEtFKV007usL27h0kdph3RKVc4Uajn7%2F04AJLKPCwZAjQj8Q%2FfcPg6aSX59GQhxJobgCWeM5rqlg9HQzA%2By"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763b8dd02b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ee7dfd7708b6cba74ec79aa7266a4e9e
d36a19314341fcb8effad1ba4a3e5d5e444b5294
62f49a3cbefcd2d52fddf4c35d7d978f2cc3482683fe201667d5f34df67ba13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-HjKHUtLKg90/WF04GLHhgdI/AAAAAAAAVF0/_AJxJm6ixcQS2kRLe85rf5BtrQNw2l2IgCK4B/s45-c/boa.jpg
142.250.74.161200 OK 1.5 kB URL HTTP/2 1.bp.blogspot.com/-HjKHUtLKg90/WF04GLHhgdI/AAAAAAAAVF0/_AJxJm6ixcQS2kRLe85rf5BtrQNw2l2IgCK4B/s45-c/boa.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 2c53c52d7f8e27257535cfddaf818761
2b0aaeae7b0e715d7c6194e514591fd0c2a350b4
8d10c19235052321c5bf4aa25f86083366ca7c2c25e4ed71991d1902148bbd52
GET /-HjKHUtLKg90/WF04GLHhgdI/AAAAAAAAVF0/_AJxJm6ixcQS2kRLe85rf5BtrQNw2l2IgCK4B/s45-c/boa.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="boa.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1508
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Wed, 16 Nov 2022 03:56:00 GMT
cache-control: public, max-age=86400, no-transform
etag: "v545e"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:45:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/p/AF1QipOEn9dswkY4CumDXosvqWFeexkMpQcqHsM3IIrg=s45-c?key=CMK-n9G43sO93AE
142.250.74.33200 OK 3.3 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOEn9dswkY4CumDXosvqWFeexkMpQcqHsM3IIrg=s45-c?key=CMK-n9G43sO93AE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 1377170ceb9a6f6b23761f26fa15ae67
46838ef55fa2bfb9b79b410f0ae68286c08db0e3
6dfc06e20d620704d268bdcd08e805918b19228b081a25542de1454101452ca2
GET /p/AF1QipOEn9dswkY4CumDXosvqWFeexkMpQcqHsM3IIrg=s45-c?key=CMK-n9G43sO93AE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vbe2d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 3339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4.bp.blogspot.com/_efYYsFWNGPw/S6GCbKmYGCI/AAAAAAAABXI/kakzSVFIr8o/S45-s45-c/dn100x50.gif
142.250.74.161200 OK 3.4 kB URL HTTP/2 4.bp.blogspot.com/_efYYsFWNGPw/S6GCbKmYGCI/AAAAAAAABXI/kakzSVFIr8o/S45-s45-c/dn100x50.gif
IP 142.250.74.161:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 6e7b6548fbba2f4c7ebf3063af3db330
75d615a98bb4cc181351d6d3592fe7a64abe7e0c
ed91f355e8a19ac0f139736c37970c621dfd8c671b789ca03ecd83d9e9202f68
GET /_efYYsFWNGPw/S6GCbKmYGCI/AAAAAAAABXI/kakzSVFIr8o/S45-s45-c/dn100x50.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="dn100x50.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3429
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Wed, 23 Nov 2022 01:16:54 GMT
cache-control: public, max-age=86400, no-transform
etag: "v572"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-6GdEdpO3Gdg/WDIAt5uPizI/AAAAAAAAC48/-Hv8HOF8eF0PnEk8Uyv_XnAWaIF4nKY4gCK4B/s45-c/*
142.250.74.161200 OK 1.2 kB URL HTTP/2 3.bp.blogspot.com/-6GdEdpO3Gdg/WDIAt5uPizI/AAAAAAAAC48/-Hv8HOF8eF0PnEk8Uyv_XnAWaIF4nKY4gCK4B/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 423e44e1f3bc9ca1a9e53e6d39169a6f
148addc1613b225d191d2c8d46985c70d81ae7e8
2daf6ebc1e8581e6dcb816e7f4ef64c3c9f8f42773440f3e5d4c260825dc6432
GET /-6GdEdpO3Gdg/WDIAt5uPizI/AAAAAAAAC48/-Hv8HOF8eF0PnEk8Uyv_XnAWaIF4nKY4gCK4B/s45-c/* HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1151
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Mon, 21 Nov 2022 00:28:28 GMT
cache-control: public, max-age=86400, no-transform
etag: "vba1"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/-FyYmc13_oNk/YtWsTpzMOtI/AAAAAAAAax4/b1WkV59-xokJGVLGV14OAlAKc8zgv5pMwCK4BGAYYCw/s45-c/1657207902075.png
142.250.74.161200 OK 3.0 kB URL HTTP/2 2.bp.blogspot.com/-FyYmc13_oNk/YtWsTpzMOtI/AAAAAAAAax4/b1WkV59-xokJGVLGV14OAlAKc8zgv5pMwCK4BGAYYCw/s45-c/1657207902075.png
IP 142.250.74.161:0
File type PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 420b8479d6a82697e5a84e7d4fcbcfda
1087ab065b87e34f659de2e18d07d2f59b74a2bd
062a3b33b7eecc1336b7f7b7b9129201091e945104a8d0017a4261753c2fbd13
GET /-FyYmc13_oNk/YtWsTpzMOtI/AAAAAAAAax4/b1WkV59-xokJGVLGV14OAlAKc8zgv5pMwCK4BGAYYCw/s45-c/1657207902075.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1657207902075.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3027
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Wed, 23 Nov 2022 01:16:54 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6b21"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&cu=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&cu=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&cu=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 03:45:06 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOc5oVmpkwLSuI_Ba2qZh8_sYEUWY0Gt1bpuP7Y=s45-c?key=COKk8_uMmY3xIw
142.250.74.33200 OK 3.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOc5oVmpkwLSuI_Ba2qZh8_sYEUWY0Gt1bpuP7Y=s45-c?key=COKk8_uMmY3xIw
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 672c6a659f5b4e0fccde03020e6e91c2
bd61f22277929a2132c6cc7e081d87ab5e2a9496
ebac13e4b0796f7e385d84ee6daf306265af10c8b67354790b78d7b2af946dda
GET /p/AF1QipOc5oVmpkwLSuI_Ba2qZh8_sYEUWY0Gt1bpuP7Y=s45-c?key=COKk8_uMmY3xIw HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v271e"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 3391
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNWwZDeonv-h87yzNRTUYGU4T8PuLIsEqr_yaJQ=s45-c?key=CJeUyZWt8_K-lgE
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNWwZDeonv-h87yzNRTUYGU4T8PuLIsEqr_yaJQ=s45-c?key=CJeUyZWt8_K-lgE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash dffcc95ac2f05220da08a60accb12d7d
1d14320be034c6f7bad646e4e7a446d1ccbca0aa
520d2a43c8eeb16590a2a8b538f34ce166bcb3b23e3d565100ed5872d6987abe
GET /p/AF1QipNWwZDeonv-h87yzNRTUYGU4T8PuLIsEqr_yaJQ=s45-c?key=CJeUyZWt8_K-lgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2b9b"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 4197
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNCI3gfVvw3moJryrsqQyNwZ4zv6KV1WzCC6oD7=s45-c?key=CI39gaO4suKFyAE
142.250.74.33200 OK 5.5 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNCI3gfVvw3moJryrsqQyNwZ4zv6KV1WzCC6oD7=s45-c?key=CI39gaO4suKFyAE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 214954def0d349df98a04a6d3a8638ac
3770b41d6ba7d798c4b7d3a629230e0231e3acff
3964579f74a9550bbd726706541193eeaceb5db31ca1cf234f29942d1893e3b9
GET /p/AF1QipNCI3gfVvw3moJryrsqQyNwZ4zv6KV1WzCC6oD7=s45-c?key=CI39gaO4suKFyAE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v131c"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 5543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOjeQnPAhFtBXHRFzTuHvGRFuuRRLaVIQiHqQRK=s45-c?key=CNzb563G_YfV6gE
142.250.74.33200 OK 4.4 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOjeQnPAhFtBXHRFzTuHvGRFuuRRLaVIQiHqQRK=s45-c?key=CNzb563G_YfV6gE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 846538a41e9d5e1dcec315a103d57e2b
237d7df220da8aa15cd2c8644bf05d03beed5bb0
4403b2a019bbe8f90dd58478a4b32281ae0024ef9f4bbf6b16b27540fc60cae1
GET /p/AF1QipOjeQnPAhFtBXHRFzTuHvGRFuuRRLaVIQiHqQRK=s45-c?key=CNzb563G_YfV6gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6101"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 4423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!uweqylw0i29o&dn=TC&cc=1&r=
67.202.105.34200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!uweqylw0i29o&dn=TC&cc=1&r=
IP 67.202.105.34:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!uweqylw0i29o&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sat, 26 Nov 2022 03:45:06 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Fri, 25 Nov 2022 03:45:05 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipMRn3ssADqmxxQw8WyTpbO7ez7yNAtSyzxsLuh_=s45-c?key=CNa_2q_bj_zg8gE
142.250.74.33200 OK 5.2 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipMRn3ssADqmxxQw8WyTpbO7ez7yNAtSyzxsLuh_=s45-c?key=CNa_2q_bj_zg8gE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash cdaf673bfe7dbc5e729bcfa73bf9ef22
36d5da096e666cb65c0e50f91812441c297ca197
c5d90b055ad482aeae4510e7b7a51d8e003388c94a0e524b41da32002b7bde8b
GET /p/AF1QipMRn3ssADqmxxQw8WyTpbO7ez7yNAtSyzxsLuh_=s45-c?key=CNa_2q_bj_zg8gE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v323d"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 5177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-V-f0RwnYuMo/Vxrz2L3m2cI/AAAAAAAAMnY/CDfnQjbjj4MOMpirTn4ezzNvZFaO230ZQCK4B/s45-c/irfan3.jpg
142.250.74.161200 OK 2.2 kB URL HTTP/2 3.bp.blogspot.com/-V-f0RwnYuMo/Vxrz2L3m2cI/AAAAAAAAMnY/CDfnQjbjj4MOMpirTn4ezzNvZFaO230ZQCK4B/s45-c/irfan3.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash 0516e8aaee06ea09a4b340e0b82181b3
6ed562b861805c6e191128a9869ad2e384c33c49
331cea53b7ce5d6095a1cb7f180c96e7d9acc69065c6559635722ae1afcc3463
GET /-V-f0RwnYuMo/Vxrz2L3m2cI/AAAAAAAAMnY/CDfnQjbjj4MOMpirTn4ezzNvZFaO230ZQCK4B/s45-c/irfan3.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="irfan3.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2179
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Wed, 23 Nov 2022 01:16:53 GMT
cache-control: public, max-age=86400, no-transform
etag: "v3278"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipOEBc78rwMCaw4pbkmN31x4HvwSDk6wgwJ2FH9_=s45-c?key=CJCt4JiI4NP6KA
142.250.74.33200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipOEBc78rwMCaw4pbkmN31x4HvwSDk6wgwJ2FH9_=s45-c?key=CJCt4JiI4NP6KA
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 9019a1e07522f0e04d33c5e7dd75f59e
1e23f221a4200e67ce4ac9fe81cd15593ad5a259
6f259a700e64b7ebdbcdc159c28b3f97c8de16827b02c131aac85b25da7561c7
GET /p/AF1QipOEBc78rwMCaw4pbkmN31x4HvwSDk6wgwJ2FH9_=s45-c?key=CJCt4JiI4NP6KA HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v290f"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 4825
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&t=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 03:45:06 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-2HsX7oVI20q4nL34UlJFHA6eK22fDbUaOfnC6Rg=s96-p
142.250.74.33200 OK 4.6 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-2HsX7oVI20q4nL34UlJFHA6eK22fDbUaOfnC6Rg=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash ea51f20a8882f399a8f9c9c3ef81899e
1cd491fd55a2d386319e93ac70b38e04b4a7a2ea
d0bfa71b939ac8a6d7c705c643db81469bb3a6640e9d347e6f6ba212f5539c98
GET /a-/ACNPEu-2HsX7oVI20q4nL34UlJFHA6eK22fDbUaOfnC6Rg=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4565
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Sun, 20 Nov 2022 05:04:51 GMT
cache-control: public, max-age=86400, no-transform
etag: "v11f"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/p/AF1QipNB_mfBlRYQachQtwH2U-p7lIXgtlMqL0oVZ4ZZ=s45-c?key=CJfIve-s1IyvsgE
142.250.74.33200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/p/AF1QipNB_mfBlRYQachQtwH2U-p7lIXgtlMqL0oVZ4ZZ=s45-c?key=CJfIve-s1IyvsgE
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash 2aef9032987f0b48a3d42bf9ae5811a3
db4c78d61bc66b106e6163f2ecc4605bf408331c
b5c66faa840338ac9d19262cb06fbc15bfe4f965bbf71b956f6f25b18965b09e
GET /p/AF1QipNB_mfBlRYQachQtwH2U-p7lIXgtlMqL0oVZ4ZZ=s45-c?key=CJfIve-s1IyvsgE HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4"
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Profile picture.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 03:45:06 GMT
server: fife
content-length: 3809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 03:45:06 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
3.bp.blogspot.com/-TlgYh-wBM3M/U99iwdQgGPI/AAAAAAAACrc/UWt6D9231rU/s45-c/*
142.250.74.161200 OK 1.9 kB URL HTTP/2 3.bp.blogspot.com/-TlgYh-wBM3M/U99iwdQgGPI/AAAAAAAACrc/UWt6D9231rU/s45-c/*
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 45x45, components 3\012- data
Hash b70a390b0b8c4f4bee8829cc1a59d1dd
46917da08d914b4cc594a1332b163c98004ab337
60b54b8ea208150f2cbbced26a89bd408ebfd9366b6186dc9e7b445ef25624ab
GET /-TlgYh-wBM3M/U99iwdQgGPI/AAAAAAAACrc/UWt6D9231rU/s45-c/* HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="*.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1941
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:45:06 GMT
expires: Fri, 18 Nov 2022 22:04:17 GMT
cache-control: public, max-age=86400, no-transform
etag: "vab8"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG&ct=Siapa%20Sebenarnya%20Tasha%20Manshahar%3F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 03:45:06 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0&img=http%3A%2F%2F2.bp.blogspot.com%2F-aC4piBxpKVA%2FUU_y9Zt8beI%2FAAAAAAABe8E%2F6SYns877FlA%2Fw1200-h630-p-k-no-nu%2Fgambar%2Bbiodata%2Bsiapa%2Btasha%2Bmanshahar.JPG HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 03:45:06 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0
67.202.105.33204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0
IP 67.202.105.33:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!uweqylw0i29o&lm=0&ts=1669347905298&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 03:45:07 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 0 B IP 172.67.211.29:0
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 46b3b8a9e34f94ddf1308b4fa0d1ac21
cache-control: max-age=86400
last-modified: Wed, 23 Nov 2022 10:04:39 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sat, 26 Nov 2022 03:37:32 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vFe8TFNeZxQ5%2FURbO9juNe6O5T2mIL%2BWA7LEkWMODsYas4l2U33FdpnbdQvIkpZN2Ue718ts3i6Q4TcaoDrOlcxjagofpMwte8AD28bWxfJKoYBFbaoAlgbH6ngXfEcL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f76397ab8b0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=61549405721785&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=61549405721785&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/BidVertiser.dbm?pid=361547&bid=1169953&RD=61549405721785&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=61549405721785&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa
IP 54.241.51.109:0
GET /BidVertiser.dbm?pid=361547&bid=1169953&RD=61549405721785&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=61549405721785&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:01 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:01 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:01 GMT
bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:01 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 7615
CONNECTION: Close
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1167641&RD=3174163277307&DIF=2
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1167641&RD=3174163277307&DIF=2
IP 54.241.51.109:0
GET /bidvertiser.dbm?pid=361547&bid=1167641&RD=3174163277307&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:03 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:03 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
fonts.googleapis.com/css?family=Open+Sans:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:45:05 GMT
date: Fri, 25 Nov 2022 03:45:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geocity_rose
104.26.10.22200 OK 0 B URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity_rose
IP 104.26.10.22:0
GET /hitparade.php?pagexiti=geocity_rose HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 03:47:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qin8M5VGNbxvLOgI2Q7MwwbKrYOBwUro6FPiYN0f5FnZny993prwqUpwvkUEfl4dn64bMC%2FQ4KPPLKaidyE9vgWz3Di0TKKeByJ9j7niBXIB7t3x5ktyXEchCJvjT2W8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76399aa6ab506-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
104.26.10.22200 OK 0 B URL HTTP/2 www.widgeo.net/geocompteur/css/city_css.php?c=geocity_rose
IP 104.26.10.22:0
GET /geocompteur/css/city_css.php?c=geocity_rose HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:44:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDIJOHv9exjAa7L%2FjNw13c57RHY7UQxD9XvZhzwoL9oCJtKCGnLnI2cItgTuGGKhBHugVhhdCUpZSPJm0uSQxU%2FxS35X7MS4LZMNS%2B6nz%2FrDkW5l7I72PDA8ogjdj8yA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763990a48b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/tcm.js
104.26.10.22200 OK 0 B IP 104.26.10.22:0
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:00 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 04:47:23 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 514656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkI4Udf6RLJe%2BcteeJdCwFM7ZaelidOMIotAk15FKogDzMB0AlzOWTPvZtEaZeCrZtTVeRZC91nOd4eCYrO6Avv26YKGW31bYW4NKUN9qnrzFLqbP2MZKvVL%2BZtUsZpa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3ab506-OSL
content-encoding: br
X-Firefox-Spdy: h2
bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.454.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.454.0
IP 139.45.197.234:0
GET /5/3294720/?oo=1&js_build=iclick-v1.454.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:45:05 GMT
content-type: application/json
x-trace-id: a74f705c9d22320fe6cc57359264d9e4
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://pak-janggut.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=a7ffae5775144e84a06f7a66f0bedb08; expires=Sat, 25 Nov 2023 03:45:05 GMT; path=/; secure; SameSite=None
oaidts=1669347905; expires=Sat, 25 Nov 2023 03:45:05 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169949&RD=6581708225277&DIF=2
54.241.51.109200 OK 0 B URL HTTP/1.1 bdv.bidvertiser.com/bidvertiser.dbm?pid=361547&bid=1169949&RD=6581708225277&DIF=2
IP 54.241.51.109:0
GET /bidvertiser.dbm?pid=361547&bid=1169949&RD=6581708225277&DIF=2 HTTP/1.1
Host: bdv.bidvertiser.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
HTTP/1.1 200 OK
Date: Friday, 25-Nov-2022 03:45:03 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:03 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8
Content-Len: 0
CONNECTION: Close
t.dtscout.com/i/?l=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&j=
172.64.163.7200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&j=
IP 172.64.163.7:0
GET /i/?l=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html%23&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:45:03 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Fri, 25-Nov-2022 05:08:23 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Fri, 25-Nov-2022 07:45:03 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1669347903; Domain=dtscout.com; Expires=Sun, 05-Mar-2023 03:45:03 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.602
expires: Fri, 25 Nov 2022 03:45:02 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YImcA85GU%2BQxx1mtnzMWxyatpAoXrae5P3%2F6KAzsGvwei3aS%2FCLm7WVMidf0xn7Qtg2O9q2a3AyyD5QcQ14AoTcyaNbkV%2Fgz4YDWSHNT3DEBV8tMeWPHlVO2moXwFqvg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763adab6b06e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2