Overview

URLpak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html
IP 142.250.74.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 03:45:11 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (60)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
4.bp.blogspot.com (3) 11215 2013-05-06 20:18:52 UTC 2020-05-06 03:21:52 UTC 142.250.74.161
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.214.236.46
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.shamsuriyadi.com (1) 0 2013-02-02 12:29:37 UTC 2020-09-20 22:58:21 UTC 113.23.169.115 Unknown ranking
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-11-24 08:54:46 UTC 139.45.195.8
pak-janggut.blogspot.com (3) 0 2014-05-28 04:57:25 UTC 2015-03-05 12:47:27 UTC 142.250.74.161 Unknown ranking
bdv.bidvertiser.com (14) 289264 2017-01-31 17:33:07 UTC 2022-11-24 12:52:57 UTC 54.241.51.109
i155.photobucket.com (2) 492446 2019-06-21 20:30:17 UTC 2022-11-24 12:32:46 UTC 143.204.55.106
pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-11-24 10:56:58 UTC 142.250.74.130
i155.photobucket.com (2) 492446 2019-06-21 20:30:17 UTC 2022-11-24 12:32:46 UTC 143.204.55.54
cleverjump.org (3) 459253 2017-01-18 14:34:15 UTC 2022-11-24 21:33:01 UTC 217.23.10.44
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-24 08:13:00 UTC 142.250.74.164
inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-11-24 11:52:54 UTC 172.67.211.29 Unknown ranking
connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 157.240.200.14
2.bp.blogspot.com (5) 11071 2013-07-04 03:01:31 UTC 2020-04-28 02:17:39 UTC 142.250.74.161
1.bp.blogspot.com (2) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.161
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-24 08:35:27 UTC 142.250.74.168
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
lh3.googleusercontent.com (11) 66 2013-05-30 23:27:19 UTC 2020-05-01 19:11:58 UTC 142.250.74.33
apis.google.com (1) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 142.250.74.174
accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-11-24 11:10:26 UTC 216.58.207.237
t.dtscout.com (1) 11951 2017-01-30 04:52:42 UTC 2022-11-24 07:31:22 UTC 172.64.163.7
www.buatcoklat.com (1) 0 2013-05-06 17:11:22 UTC 2022-11-23 04:01:35 UTC 45.79.19.196 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-24 11:11:51 UTC 142.250.74.10
bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-11-24 10:29:59 UTC 139.45.197.234
tags.h12-media.com (14) 133206 2015-05-16 16:34:37 UTC 2022-11-25 02:50:18 UTC 154.51.131.141
i66.photobucket.com (10) 0 2015-01-26 22:54:44 UTC 2022-11-23 04:01:35 UTC 143.204.55.54 Domain (photobucket.com) ranked at: 14012
www.linkwithin.com (3) 115766 2015-10-18 23:57:58 UTC 2020-03-18 12:13:58 UTC 3.19.188.212
www7.cbox.ws (2) 507537 2014-04-17 11:09:59 UTC 2022-11-24 13:35:05 UTC 104.149.151.166
logv33.xiti.com (2) 776887 2012-11-23 19:03:55 UTC 2022-11-24 22:48:32 UTC 143.204.46.236
s4.histats.com (1) 12782 2012-05-21 17:14:14 UTC 2022-11-24 08:42:51 UTC 198.27.80.143
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-24 10:18:57 UTC 104.21.84.149 Unknown ranking
ocsp.pki.goog (23) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
s10.histats.com (2) 15211 2012-05-21 17:14:14 UTC 2020-03-16 19:44:20 UTC 46.105.201.240
www.kekcoklat.com (1) 0 2012-12-07 15:43:31 UTC 2013-07-19 21:37:00 UTC 192.185.225.6 Unknown ranking
play.google.com (1) 34 2018-05-12 00:28:37 UTC 2022-11-24 07:13:40 UTC 142.250.74.110
r3.o.lencr.org (11) 344 No data No data 23.36.76.226
widgets.amung.us (2) 12623 2012-05-21 19:25:54 UTC 2022-11-24 06:31:33 UTC 172.67.8.141
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-24 11:09:52 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
www.rahsiakuihraya.com (1) 0 2013-05-12 16:03:35 UTC 2022-07-23 01:56:51 UTC 34.98.99.30 Unknown ranking
de.tynt.com (1) 1252 2013-08-06 01:33:59 UTC 2022-11-24 10:56:37 UTC 67.202.105.34
ajax.googleapis.com (2) 12905 2013-08-16 09:51:31 UTC 2022-11-24 10:54:12 UTC 142.250.74.138
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-24 11:10:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
ic.tynt.com (6) 4300 2013-08-06 01:33:59 UTC 2022-11-24 08:07:10 UTC 67.202.105.33
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-24 05:36:55 UTC 34.102.187.140
lh5.ggpht.com (2) 10355 2012-05-30 06:58:35 UTC 2020-05-01 19:11:58 UTC 142.250.74.161
d2b9l3u54v5v39.cloudfront.net (5) 0 2022-11-24 02:54:29 UTC 2022-11-24 12:03:38 UTC 54.230.245.108 Unknown ranking
ocsp.digicert.com (12) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
www.widgeo.net (22) 774083 2015-01-20 22:41:32 UTC 2022-11-24 20:25:08 UTC 104.26.10.22
www.samsengfb.com (1) 0 2018-08-13 19:48:29 UTC 2022-11-24 03:00:59 UTC 190.2.139.23 Unknown ranking
lh4.ggpht.com (2) 11959 2012-05-30 06:58:35 UTC 2020-03-14 19:32:16 UTC 142.250.74.161
d39f23jfph0ylk.cloudfront.net (1) 0 2022-11-19 20:19:41 UTC 2022-11-24 18:06:31 UTC 143.204.42.149 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-24 05:30:55 UTC 34.117.237.239
www.blogger.com (3) 8975 2012-05-22 07:35:03 UTC 2020-05-05 09:48:25 UTC 142.250.74.105
whos.amung.us (1) 12687 2017-01-30 05:21:57 UTC 2022-11-24 08:38:16 UTC 172.67.8.141
r3.o.lencr.org (11) 344 No data No data 23.36.77.32
3.bp.blogspot.com (5) 11048 2013-07-04 04:18:40 UTC 2020-05-14 03:02:58 UTC 142.250.74.161
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-11-24 11:37:18 UTC 37.48.68.71
lh6.ggpht.com (2) 12395 2018-06-22 09:09:58 UTC 2022-11-24 09:22:09 UTC 142.250.74.1

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 pak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html Malware
2022-11-25 2 www.samsengfb.com/samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5 (...) Malware
2022-11-25 2 cleverjump.org/hit/get-uid.php Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 datatechonert.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161
Date UQ / IDS / BL URL IP
2023-01-21 16:46:31 +0000 0 - 0 - 1 wytike.page.link/pQhBiPQ2o7GVemxA8 142.250.74.161
2023-01-21 16:46:26 +0000 0 - 0 - 1 defewyr.page.link/JoAeTra1xCczHZfv7 142.250.74.161
2023-01-21 16:46:19 +0000 0 - 0 - 1 dymuder.page.link/kvtDZbqxU8AkQ2dV7 142.250.74.161
2023-01-21 13:31:38 +0000 0 - 0 - 1 feqesi.page.link/365pd6duvijVApZL9 142.250.74.161
2023-01-21 13:31:24 +0000 0 - 0 - 1 raliwobe.page.link/BCJyT76QUmkH92Uy7 142.250.74.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-28 07:00:09 +0000 0 - 0 - 4 usachev.org/OMACH/FBG/office.php 34.102.136.180
2023-01-28 07:00:01 +0000 0 - 0 - 1 hot-mops.com/wp-includes/home/aes.com/outlook (...) 34.102.136.180
2023-01-28 06:59:46 +0000 0 - 0 - 1 www16220.blogspot.am/ 142.250.74.1
2023-01-28 06:59:21 +0000 0 - 0 - 1 bilata.com/xe/login.php 34.102.136.180
2023-01-28 06:56:48 +0000 0 - 0 - 3 khodji076068.blogspot.nl/ 172.217.21.161


Last 5 reports on domain: pak-janggut.blogspot.com
Date UQ / IDS / BL URL IP
2022-12-24 02:17:10 +0000 0 - 0 - 2 pak-janggut.blogspot.com/search/label/Edisi 142.250.74.161
2022-12-19 02:42:26 +0000 0 - 0 - 1 pak-janggut.blogspot.com/search/label/Sasha%2 (...) 172.217.21.161
2022-12-16 03:28:22 +0000 0 - 0 - 2 pak-janggut.blogspot.com/search/label/Saiful% (...) 172.217.21.161
2022-12-14 02:43:02 +0000 0 - 0 - 3 pak-janggut.blogspot.com/search/label/Rozita 172.217.21.161
2022-12-13 03:58:56 +0000 0 - 0 - 3 pak-janggut.blogspot.com/search/label/Faezah% (...) 172.217.21.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-24 02:17:10 +0000 0 - 0 - 2 pak-janggut.blogspot.com/search/label/Edisi 142.250.74.161
2022-12-16 03:28:22 +0000 0 - 0 - 2 pak-janggut.blogspot.com/search/label/Saiful% (...) 172.217.21.161
2022-12-14 02:43:02 +0000 0 - 0 - 3 pak-janggut.blogspot.com/search/label/Rozita 172.217.21.161
2022-12-13 03:58:56 +0000 0 - 0 - 3 pak-janggut.blogspot.com/search/label/Faezah% (...) 172.217.21.161
2022-11-28 03:13:09 +0000 0 - 0 - 4 pak-janggut.blogspot.com/2013/11/al-fatihah-p (...) 142.250.74.161

JavaScript

Executed Scripts (89)

Executed Evals (24)
#1 JavaScript::Eval (size: 31) - SHA256: b5dbe5baef7d7d38216b54fe142812f4e3461e56f792eb77e8ee0f37139a5ade
typeof flb1169949 != "undefined"
#2 JavaScript::Eval (size: 31) - SHA256: 5e15c2a280dddfd9eb61d4a20afcdb3936daee96dc1dcf0703b40f2caba898c3
typeof flb1167641 == "undefined"
#3 JavaScript::Eval (size: 21263) - SHA256: 554645023e7299ea8a0523440ea2108cd98c30f38b44878e66fbdafcd9df9d21
(function() {
    var z = this || self,
        bo = function(b, I, K, O) {
            (K = P((O = P(b), b)), x)(K, b, v(I, Z(O, b)))
        },
        R8 = function(b, I, K) {
            if ("object" == (I = typeof b, I))
                if (b) {
                    if (b instanceof Array) return "array";
                    if (b instanceof Object) return I;
                    if ("[object Window]" == (K = Object.prototype.toString.call(b), K)) return "object";
                    if ("[object Array]" == K || "number" == typeof b.length && "undefined" != typeof b.splice && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == K || "undefined" != typeof b.call && "undefined" != typeof b.propertyIsEnumerable && !b.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == I && "undefined" == typeof b.call) return "object";
            return I
        },
        Z = function(b, I) {
            if (void 0 === (I = I.K[b], I)) throw [D, 30, b];
            if (I.value) return I.create();
            return I.create(1 * b * b + -48 * b + -64), I.prototype
        },
        f = function(b, I) {
            I.s = ((I.s ? I.s + "~" : "E:") + b.message + ":" + b.stack).slice(0, 2048)
        },
        I8 = function(b, I) {
            (I.push(b[0] << 24 | b[1] << 16 | b[2] << 8 | b[3]), I.push(b[4] << 24 | b[5] << 16 | b[6] << 8 | b[7]), I).push(b[8] << 24 | b[9] << 16 | b[10] << 8 | b[11])
        },
        O1 = function(b, I, K, O) {
            function y() {}
            return {
                invoke: (O = K2(b, (K = void 0, function(R) {
                    y && (I && J(I), K = R, y(), y = void 0)
                }), !!I)[0], function(R, w, q, N) {
                    function u() {
                        K(function(M) {
                            J(function() {
                                R(M)
                            })
                        }, q)
                    }
                    if (!w) return w = O(q), R && R(w), w;
                    K ? u() : (N = y, y = function() {
                        (N(), J)(u)
                    })
                })
            }
        },
        yj = function(b, I, K, O) {
            return Z(356, (k(319, (wl(b, (O = Z(319, b), b.H && O < b.j ? (k(319, b, b.j), qO(b, K)) : k(319, b, K), I)), b), O), b))
        },
        A = function(b, I, K, O, y, R, w, q, N) {
            if (O.L += ((w = (y = (N = (R = (q = (K || O.i++, 0 < O.P && O.I) && O.KI && 1 >= O.v && !O.C && !O.g && (!K || 1 < O.Z - b) && 0 == document.hidden, 4 == O.i)) || q ? O.D() : O.F, N - O.F), y >> 14), O.V) && (O.V ^= w * (y << 2)), O.A = w || O.A, w), R || q) O.F = N, O.i = 0;
            if (!q || N - O.X < O.P - (I ? 255 : K ? 5 : 2)) return false;
            return (k((I = Z((O.Z = b, K ? 351 : 319), O), 319), O, O.j), O.R).push([zJ, I, K ? b + 1 : b]), O.g = J, true
        },
        io = function(b, I) {
            return I[b] << 24 | I[(b | 0) + 1] << 16 | I[(b | 0) + 2] << 8 | I[(b | 0) + 3]
        },
        qO = function(b, I) {
            k(319, ((b.rt.push(b.K.slice()), b).K[319] = void 0, b), I)
        },
        V = function(b, I, K) {
            I[k(K, b, I), uo] = 2796
        },
        JW = function(b, I, K, O, y) {
            for ((b.pI = MO(b.h, ((b.kG = (b.fI = b[E], o8), b).Q2 = PW, {get: function() {
                        return this.concat()
                    }
                })), b).ju = p[b.h](b.pI, {
                    value: {
                        value: {}
                    }
                }), y = [], O = 0; 128 > O; O++) y[O] = String.fromCharCode(O);
            C(true, true, (l(((l([(V(b, (V(b, function(R, w) {
                (w = Z(P(R), R), qO)(R.A, w)
            }, (V(b, function(R, w, q, N) {
                k((w = g((N = P(R), R)), q = P(R), q), R, Z(N, R) >>> w)
            }, (k(97, (V((V(b, (k(230, b, (V(b, (b.uf = (k((k(162, b, (V(b, function(R, w, q, N) {
                (N = Z((w = (q = (w = P(R), N = P(R), P(R)), Z)(w, R), N), R), k)(q, R, +(w == N))
            }, (V(b, (V((V(b, (V(b, (V(b, (V(b, function(R) {
                bo(R, 1)
            }, (k(17, ((V(b, (b.HZ = (V(b, function(R, w) {
                R = (w = P(R), Z(w, R.A)), R[0].removeEventListener(R[1], R[2], c)
            }, (k(507, b, (V(b, function(R, w, q, N, u, M, H) {
                for (u = (q = Z(92, (w = (H = mj((N = P(R), R)), ""), R)), q.length), M = 0; H--;) M = ((M | 0) + (mj(R) | 0)) % u, w += y[q[M]];
                k(N, R, w)
            }, ((V(b, ((V((k((k(366, (k(356, b, (V(b, (V(b, (V(b, (V((k(182, (k(305, (k((b.Su = (V(b, (V(b, function(R, w, q) {
                A(w, false, true, R) || (w = P(R), q = P(R), k(q, R, function(N) {
                    return eval(N)
                }(xP(Z(w, R.A)))))
            }, (V(b, function(R) {
                HW(R, 4)
            }, (k((b.s = (b.DP = (b.L = 1, b.G = void 0, b.rt = [], b.KI = false, (b.W = void 0, b.Y = 0, b.X = (b.o = (b.A = b, []), b.l = (b.v = 0, O = (b.g = null, b.j = 0, (b.S = (b.N = false, void 0), b.wt = 0, window).performance) || {}, (b.P = 0, b).I = !(b.Z = 8001, 1), b.H = [], []), (b.i = void 0, b.U = 25, b.C = void 0, b.R = [], (b.V = void 0, b).RQ = function(R) {
                this.A = R
            }, b).K = [], 0), (b.F = 0, O).timeOrigin || (O.timing || {}).navigationStart) || 0), void 0), 319), b, 0), k(351, b, 0), 475)), 168)), function(R, w, q) {
                0 != (q = Z((w = P(R), q = P(R), q), R), Z(w, R)) && k(319, R, q)
            }), 342), 0), 253), b, []), b), b), b), 0), b), function(R) {
                bo(R, 4)
            }, 267), function(R, w, q, N, u) {
                (q = (u = Z((w = Z((u = P((q = (N = (w = P(R), P)(R), P)(R), R)), w), R.A), u), R), N = Z(N, R), Z)(q, R), 0) !== w && (q = vW(1, R, u, q, w, N), w.addEventListener(N, q, c), k(182, R, [w, N, q]))
            }), 261), function(R, w, q, N, u) {
                (w = (q = P((N = (u = P(R), P)(R), R)), P(R)), q = Z(q, R), w = Z(w, R), N = Z(N, R), k)(u, R, vW(w, R, q, N))
            }), 222), function(R, w, q, N) {
                (w = P((N = (q = P(R), P)(R), R)), k)(w, R, Z(q, R) || Z(N, R))
            }), 381), {})), b), 0), 270), b, z), b), function(R) {
                Zb(R, 3)
            }, 395), V)(b, function(R, w, q) {
                k((q = Z((w = P((q = P(R), R)), q), R), q = R8(q), w), R, q)
            }, 405), function(R, w, q, N) {
                !A(w, false, true, R) && (w = rl(R), q = w.J, N = w.AN, R.A == R || q == R.RQ && N == R) && (k(w.aQ, R, q.apply(N, w.O)), R.F = R.D())
            }), 234), V)(b, function(R) {
                Zb(R, 4)
            }, 203), 335)), [160, 0, 0])), 206)), 0), function() {}), 503), V)(b, function(R, w, q, N, u, M, H, r, m, L, X, G) {
                function Q(n, h) {
                    for (; q < n;) G |= g(R) << q, q += 8;
                    return h = G & (1 << n) - 1, q -= n, G >>= n, h
                }
                for (X = (L = (q = G = (M = P(R), 0), (Q(3) | 0) + 1), u = Q(5), N = 0), m = []; N < u; N++) H = Q(1), m.push(H), X += H ? 0 : 1;
                for (X = (w = (N = ((X | 0) - 1).toString(2).length, []), 0); X < u; X++) m[X] || (w[X] = Q(N));
                for (N = 0; N < u; N++) m[N] && (w[N] = P(R));
                for (r = []; L--;) r.push(Z(P(R), R));
                V(R, function(n, h, Y, NO, t) {
                    for (h = (NO = [], 0), Y = []; h < u; h++) {
                        if (t = w[h], !m[h]) {
                            for (; t >= Y.length;) Y.push(P(n));
                            t = Y[t]
                        }
                        NO.push(t)
                    }
                    n.S = Db(n, (n.C = Db(n, r.slice()), NO))
                }, M)
            }, 94), b), []), 367)), function(R, w, q, N) {
                (N = Z((q = Z((w = (q = P(R), P)(R), q), R), w), R), k)(w, R, N + q)
            }), 58), function(R, w, q, N, u, M) {
                if (!A(w, true, true, R)) {
                    if ("object" == R8((R = Z((M = (w = (M = (q = (w = (N = P(R), P)(R), P(R)), P(R)), Z)(w, R), Z)(M, R), q = Z(q, R), N), R), R))) {
                        for (u in N = [], R) N.push(u);
                        R = N
                    }
                    for (N = (u = (q = 0 < q ? q : 1, 0), R).length; u < N; u += q) w(R.slice(u, (u | 0) + (q | 0)), M)
                }
            }), 341), function(R, w, q, N) {
                if (w = R.rt.pop()) {
                    for (q = g(R); 0 < q; q--) N = P(R), w[N] = R.K[N];
                    R.K = (w[253] = R.K[253], w[97] = R.K[97], w)
                } else k(319, R, R.j)
            }), 327), b), function(R, w, q) {
                w = P(R), q = P(R), k(q, R, "" + Z(w, R))
            }, 455), function(R, w, q, N, u) {
                for (q = (u = P(R), w = mj(R), N = [], 0); q < w; q++) N.push(g(R));
                k(u, R, N)
            }), 34), 117)), T)(4)), 205), b, 524), 0), function(R, w, q, N) {
                N = (w = P((q = (N = P(R), P(R)), R)), Z(N, R)), q = Z(q, R), k(w, R, N in q | 0)
            }), 79), [0, 0, 0])), function(R, w, q, N, u) {
                (q = (u = (N = P(R), P(R)), P)(R), R).A == R && (q = Z(q, R), w = Z(N, R), u = Z(u, R), w[u] = q, 377 == N && (R.G = void 0, 2 == u && (R.V = B(32, R, false), R.G = void 0)))
            }), 474), b), function(R, w, q, N, u, M) {
                A(w, false, true, R) || (N = rl(R.A), w = N.AN, M = N.O, q = N.J, u = M.length, N = N.aQ, w = 0 == u ? new w[q] : 1 == u ? new w[q](M[0]) : 2 == u ? new w[q](M[0], M[1]) : 3 == u ? new w[q](M[0], M[1], M[2]) : 4 == u ? new w[q](M[0], M[1], M[2], M[3]) : 2(), k(N, R, w))
            }, 317), b), 2048), 89)), 473)), function(R, w, q, N) {
                k((N = (q = Z((w = P((N = (q = P(R), P(R)), R)), q), R), Z(N, R)), w), R, q[N])
            }), 380), uo)], b), l)([S, I], b), [f2, K]), b), b))
        },
        l = function(b, I) {
            I.R.splice(0, 0, b)
        },
        XO = function(b, I, K, O) {
            try {
                O = b[((I | 0) + 2) % 3], b[I] = (b[I] | 0) - (b[((I | 0) + 1) % 3] | 0) - (O | 0) ^ (1 == I ? O << K : O >>> K)
            } catch (y) {
                throw y;
            }
        },
        n2 = function(b, I, K) {
            if (3 == b.length) {
                for (K = 0; 3 > K; K++) I[K] += b[K];
                for (b = [13, 8, 13, 12, 16, 5, 3, 10, 15], K = 0; 9 > K; K++) I[3](I, K % 3, b[K])
            }
        },
        GJ = function(b, I, K, O, y) {
            for (y = (K = K[3] | (O = K[2] | 0, 0), 0); 14 > y; y++) I = I >>> 8 | I << 24, I += b | 0, K = K >>> 8 | K << 24, b = b << 3 | b >>> 29, I ^= O + 2298, K += O | 0, K ^= y + 2298, b ^= I, O = O << 3 | O >>> 29, O ^= K;
            return [b >>> 24 & 255, b >>> 16 & 255, b >>> 8 & 255, b >>> 0 & 255, I >>> 24 & 255, I >>> 16 & 255, I >>> 8 & 255, I >>> 0 & 255]
        },
        v = function(b, I, K, O) {
            for (K = (b | 0) - 1, O = []; 0 <= K; K--) O[(b | 0) - 1 - (K | 0)] = I >> 8 * K & 255;
            return O
        },
        wl = function(b, I, K, O, y, R) {
            if (!b.s) {
                b.v++;
                try {
                    for (R = (y = (K = b.j, void 0), 0); --I;) try {
                        if ((O = void 0, b).C) y = hW(b, b.C);
                        else {
                            if (R = Z(319, b), R >= K) break;
                            O = P((k(351, b, R), b)), y = Z(O, b)
                        }
                        A((y && y[$P] & 2048 ? y(b, I) : e([D, 21, O], b, 0), I), false, false, b)
                    } catch (w) {
                        Z(205, b) ? e(w, b, 22) : k(205, b, w)
                    }
                    if (!I) {
                        if (b.CI) {
                            b.v--, wl(b, 216630971487);
                            return
                        }
                        e([D, 33], b, 0)
                    }
                } catch (w) {
                    try {
                        e(w, b, 22)
                    } catch (q) {
                        f(q, b)
                    }
                }
                b.v--
            }
        },
        rl = function(b, I, K, O, y, R) {
            for (R = (K = ((O = (I = b[kP] || {}, P(b)), I.aQ = P(b), I).O = [], b.A == b ? (g(b) | 0) - 1 : 1), P(b)), y = 0; y < K; y++) I.O.push(P(b));
            for (; K--;) I.O[K] = Z(I.O[K], b);
            return (I.J = Z(O, b), I).AN = Z(R, b), I
        },
        vW = function(b, I, K, O, y, R) {
            function w() {
                if (I.A == I) {
                    if (I.K) {
                        var q = [F, O, K, void 0, y, R, arguments];
                        if (2 == b) var N = C(false, false, (l(q, I), I));
                        else if (1 == b) {
                            var u = !I.R.length;
                            (l(q, I), u) && C(false, false, I)
                        } else N = AW(I, q);
                        return N
                    }
                    y && R && y.removeEventListener(R, w, c)
                }
            }
            return w
        },
        E1 = function(b, I, K, O, y, R, w, q) {
            return O = [-9, -48, 48, 29, -71, -79, O, -95, 27, 81], R = Vj, q = b & 7, y = p[K.h](K.pI), y[K.h] = function(N) {
                q += (w = N, 6 + 7 * b), q &= 7
            }, y.concat = function(N) {
                return (w = (N = (N = -46 * I * I * w - -2208 * I * w + (N = I % 16 + 1, 1 * I * I * N) + q + 46 * w * w + O[q + 27 & 7] * I * N - -2944 * w + (R() | 0) * N - N * w, O)[N], void 0), O[(q + 21 & 7) + (b & 2)] = N, O)[q + (b & 2)] = -48, N
            }, y
        },
        C = function(b, I, K, O, y, R) {
            if (K.R.length) {
                K.I = (K.KI = (K.I && 0(), b), true);
                try {
                    y = K.D(), K.F = y, K.X = y, K.i = 0, O = p2(b, K), R = K.D() - K.X, K.Y += R, R < (I ? 0 : 10) || 0 >= K.U-- || (R = Math.floor(R), K.o.push(254 >= R ? R : 254))
                } finally {
                    K.I = false
                }
                return O
            }
        },
        J = z.requestIdleCallback ? function(b) {
            requestIdleCallback(function() {
                b()
            }, {
                timeout: 4
            })
        } : z.setImmediate ? function(b) {
            setImmediate(b)
        } : function(b) {
            setTimeout(b, 0)
        },
        e = function(b, I, K, O, y, R) {
            if (!I.N) {
                if ((b = (K = (0 == (R = Z(253, ((O = void 0, b) && b[0] === D && (O = b[2], K = b[1], b = void 0), I)), R).length && (y = Z(351, I) >> 3, R.push(K, y >> 8 & 255, y & 255), void 0 != O && R.push(O & 255)), ""), b && (b.message && (K += b.message), b.stack && (K += ":" + b.stack)), Z)(97, I), 3) < b) {
                    I.A = (K = (b -= (K = K.slice(0, (b | 0) - 3), (K.length | 0) + 3), Qj)(K), O = I.A, I);
                    try {
                        x(162, I, v(2, K.length).concat(K), 9)
                    } finally {
                        I.A = O
                    }
                }
                k(97, I, b)
            }
        },
        HW = function(b, I, K, O) {
            for (K = (O = P(b), 0); 0 < I; I--) K = K << 8 | g(b);
            k(O, b, K)
        },
        FO = function(b, I) {
            return I(function(K) {
                K(b)
            }), [function() {
                return b
            }]
        },
        cW = function(b, I, K) {
            return I.B(function(O) {
                K = O
            }, false, b), K
        },
        x = function(b, I, K, O, y, R) {
            if (I.A == I)
                for (R = Z(b, I), 162 == b ? (b = function(w, q, N, u) {
                        if ((u = (q = R.length, (q | 0) - 4 >> 3), R.hN) != u) {
                            u = (u << (N = [0, 0, y[R.hN = u, 1], y[2]], 3)) - 4;
                            try {
                                R.bf = GJ(io(u, R), io((u | 0) + 4, R), N)
                            } catch (M) {
                                throw M;
                            }
                        }
                        R.push(R.bf[q & 7] ^ w)
                    }, y = Z(230, I)) : b = function(w) {
                        R.push(w)
                    }, O && b(O & 255), I = K.length, O = 0; O < I; O++) b(K[O])
        },
        TJ = function(b, I) {
            if ((I = (b = null, z).trustedTypes, !I) || !I.createPolicy) return b;
            try {
                b = I.createPolicy("bg", {
                    createHTML: gl,
                    createScript: gl,
                    createScriptURL: gl
                })
            } catch (K) {
                z.console && z.console.error(K.message)
            }
            return b
        },
        p2 = function(b, I, K, O) {
            for (; I.R.length;) {
                K = (I.g = null, I).R.pop();
                try {
                    O = AW(I, K)
                } catch (y) {
                    f(y, I)
                }
                if (b && I.g) {
                    b = I.g, b(function() {
                        C(true, true, I)
                    });
                    break
                }
            }
            return O
        },
        AW = function(b, I, K, O, y) {
            if (O = I[0], O == W) b.U = 25, b.u(I);
            else if (O == E) {
                K = I[1];
                try {
                    y = b.s || b.u(I)
                } catch (R) {
                    f(R, b), y = b.s
                }
                K(y)
            } else if (O == zJ) b.u(I);
            else if (O == S) b.u(I);
            else if (O == f2) {
                try {
                    for (y = 0; y < b.l.length; y++) try {
                        K = b.l[y], K[0][K[1]](K[2])
                    } catch (R) {}
                } catch (R) {}(0, I[b.l = [], 1])(function(R, w) {
                    b.B(R, true, w)
                }, function(R) {
                    l([$P], (R = !b.R.length, b)), R && C(true, false, b)
                })
            } else {
                if (O == F) return y = I[2], k(332, b, I[6]), k(356, b, y), b.u(I);
                O == $P ? (b.H = [], b.K = null, b.o = []) : O == uo && "loading" === z.document.readyState && (b.g = function(R, w) {
                    function q() {
                        w || (w = true, R())
                    }
                    z.document.addEventListener("DOMContentLoaded", q, (w = false, c)), z.addEventListener("load", q, c)
                })
            }
        },
        MO = function(b, I) {
            return p[b](p.prototype, {
                pop: I,
                call: I,
                splice: I,
                document: I,
                replace: I,
                prototype: I,
                length: I,
                propertyIsEnumerable: I,
                floor: I,
                console: I,
                parent: I,
                stack: I
            })
        },
        Db = function(b, I, K) {
            return K = p[b.h](b.ju), K[b.h] = function() {
                return I
            }, K.concat = function(O) {
                I = O
            }, K
        },
        a, Zb = function(b, I, K, O, y) {
            (((y = (K = P((I &= (O = I & 3, 4), y = P(b), b)), Z)(y, b), I) && (y = Qj("" + y)), O) && x(K, b, v(2, y.length)), x)(K, b, y)
        },
        B = function(b, I, K, O, y, R, w, q, N, u, M, H, r, m) {
            if ((r = Z(319, I), r) >= I.j) throw [D, 31];
            for (w = r, u = (H = I.fI.length, b), q = 0; 0 < u;) M = w % 8, R = 8 - (M | 0), N = w >> 3, R = R < u ? R : u, O = I.H[N], K && (y = I, y.G != w >> 6 && (y.G = w >> 6, m = Z(377, y), y.W = GJ(y.V, y.G, [0, 0, m[1], m[2]])), O ^= I.W[N & H]), q |= (O >> 8 - (M | 0) - (R | 0) & (1 << R) - 1) << (u | 0) - (R | 0), w += R, u -= R;
            return k(319, I, (K = q, (r | 0) + (b | 0))), K
        },
        P = function(b, I) {
            if (b.C) return hW(b, b.S);
            return (I = B(8, b, true), I) & 128 && (I ^= 128, b = B(2, b, true), I = (I << 2) + (b | 0)), I
        },
        d, k = function(b, I, K) {
            if (319 == b || 351 == b) I.K[b] ? I.K[b].concat(K) : I.K[b] = Db(I, K);
            else {
                if (I.N && 377 != b) return;
                507 == b || 162 == b || 17 == b || 253 == b || 230 == b ? I.K[b] || (I.K[b] = E1(54, b, I, K)) : I.K[b] = E1(137, b, I, K)
            }
            377 == b && (I.V = B(32, I, false), I.G = void 0)
        },
        Qj = function(b, I, K, O, y) {
            for (y = (I = K = (b = b.replace(/\r\n/g, "\n"), 0), []); I < b.length; I++) O = b.charCodeAt(I), 128 > O ? y[K++] = O : (2048 > O ? y[K++] = O >> 6 | 192 : (55296 == (O & 64512) && I + 1 < b.length && 56320 == (b.charCodeAt(I + 1) & 64512) ? (O = 65536 + ((O & 1023) << 10) + (b.charCodeAt(++I) & 1023), y[K++] = O >> 18 | 240, y[K++] = O >> 12 & 63 | 128) : y[K++] = O >> 12 | 224, y[K++] = O >> 6 & 63 | 128), y[K++] = O & 63 | 128);
            return y
        },
        g = function(b) {
            return b.C ? hW(b, b.S) : B(8, b, true)
        },
        T = function(b, I) {
            for (I = []; b--;) I.push(255 * Math.random() | 0);
            return I
        },
        mj = function(b, I) {
            return (I = g(b), I) & 128 && (I = I & 127 | g(b) << 7), I
        },
        K2 = function(b, I, K, O) {
            return (O = d[b.substring(0, 3) + "_"]) ? O(b.substring(3), I, K) : FO(b, I)
        },
        c = {
            passive: true,
            capture: true
        },
        gl = function(b) {
            return b
        },
        U = function(b, I, K) {
            K = this;
            try {
                JW(this, b, I)
            } catch (O) {
                f(O, this), I(function(y) {
                    y(K.s)
                })
            }
        },
        hW = function(b, I) {
            return (I = I.create().shift(), b.C.create().length || b.S.create().length) || (b.C = void 0, b.S = void 0), I
        },
        kP = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        zJ = [],
        f2 = [],
        $P = ((U.prototype.FY = void 0, U).prototype.T = "toString", U.prototype.CI = false, []),
        W = (U.prototype.eu = void 0, []),
        E = [],
        S = [],
        uo = [],
        D = {},
        F = [],
        p = (((I8, T, XO, function() {})(n2), U.prototype).h = "create", D.constructor),
        Vj = ((a = U.prototype, a.nI = function(b, I, K, O, y, R) {
            for (R = [], K = O = 0; K < b.length; K++)
                for (O += I, y = y << I | b[K]; 7 < O;) O -= 8, R.push(y >> O & 255);
            return R
        }, a).GP = function(b, I, K) {
            return b ^ ((I = (I ^= I << 13, I ^= I >> 17, (I ^ I << 5) & K)) || (I = 1), I)
        }, void 0),
        PW = (((a.D = (a.B = (a.Mm = function() {
            return Math.floor(this.Y + (this.D() - this.X))
        }, a.dt = function() {
            return Math.floor(this.D())
        }, a.Oj = function(b, I, K, O, y) {
            for (y = O = 0; y < b.length; y++) O += b.charCodeAt(y), O += O << 10, O ^= O >> 6;
            return O = (b = (O += O << 3, O ^= O >> 11, O) + (O << 15) >>> 0, new Number(b & (1 << I) - 1)), O[0] = (b >>> I) % K, O
        }, function(b, I, K, O, y) {
            if (K = "array" === R8(K) ? K : [K], this.s) b(this.s);
            else try {
                y = [], O = !this.R.length, l([W, y, K], this), l([E, b, y], this), I && !O || C(I, true, this)
            } catch (R) {
                f(R, this), b(this.s)
            }
        }), (window.performance || {}).now ? function() {
            return this.DP + window.performance.now()
        } : function() {
            return +new Date
        }), U.prototype.u = function(b, I) {
            return Vj = (I = (b = {}, {}), function() {
                    return I == b ? -64 : -17
                }),
                function(K, O, y, R, w, q, N, u, M, H, r, m, L, X, G) {
                    I = (u = I, b);
                    try {
                        if (y = K[0], y == S) {
                            L = K[1];
                            try {
                                for (M = H = (R = (q = atob(L), []), 0); H < q.length; H++) O = q.charCodeAt(H), 255 < O && (R[M++] = O & 255, O >>= 8), R[M++] = O;
                                this.H = R, this.j = this.H.length << 3, k(377, this, [0, 0, 0])
                            } catch (Q) {
                                e(Q, this, 17);
                                return
                            }
                            wl(this, 8001)
                        } else if (y == W) K[1].push(Z(97, this), Z(162, this).length, Z(17, this).length, Z(507, this).length), k(356, this, K[2]), this.K[376] && yj(this, 8001, Z(376, this));
                        else {
                            if (y == E) {
                                (X = (G = v(2, ((H = K[2], Z(507, this)).length | 0) + 2), this).A, this).A = this;
                                try {
                                    w = Z(253, this), 0 < w.length && x(507, this, v(2, w.length).concat(w), 10), x(507, this, v(1, this.L), 109), x(507, this, v(1, this[E].length)), q = 0, N = Z(162, this), q += Z(366, this) & 2047, q -= (Z(507, this).length | 0) + 5, 4 < N.length && (q -= (N.length | 0) + 3), 0 < q && x(507, this, v(2, q).concat(T(q)), 15), 4 < N.length && x(507, this, v(2, N.length).concat(N), 156)
                                } finally {
                                    this.A = X
                                }
                                if (r = ((M = T(2).concat(Z(507, this)), M)[1] = M[0] ^ 6, M[3] = M[1] ^ G[0], M[4] = M[1] ^ G[1], this).sj(M)) r = "!" + r;
                                else
                                    for (q = 0, r = ""; q < M.length; q++) m = M[q][this.T](16), 1 == m.length && (m = "0" + m), r += m;
                                return Z(507, (Z(((k(97, (R = r, this), H.shift()), Z)(162, this).length = H.shift(), 17), this).length = H.shift(), this)).length = H.shift(), R
                            }
                            if (y == zJ) yj(this, K[2], K[1]);
                            else if (y == F) return yj(this, 8001, K[1])
                        }
                    } finally {
                        I = u
                    }
                }
        }(), U.prototype).V2 = 0, U.prototype).sj = function(b, I, K, O) {
            if (I = window.btoa) {
                for (O = (K = 0, ""); K < b.length; K += 8192) O += String.fromCharCode.apply(null, b.slice(K, K + 8192));
                b = I(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else b = void 0;
            return b
        }, U.prototype.XY = 0, /./),
        o8, BW = S.pop.bind((U.prototype[f2] = [0, 0, 1, 1, 0, 1, 1], U.prototype[W])),
        xP = (o8 = MO(U.prototype.h, (PW[U.prototype.T] = BW, {get: BW
        })), U.prototype.gt = void 0, function(b, I) {
            return (I = TJ()) && 1 === b.eval(I.createScript("1")) ? function(K) {
                return I.createScript(K)
            } : function(K) {
                return "" + K
            }
        }(z));
    (40 < (d = z.botguard || (z.botguard = {}), d.m) || (d.m = 41, d.bg = O1, d.a = K2), d).LDL_ = function(b, I, K) {
        return [(K = new U(b, I), function(O) {
            return cW(O, K)
        })]
    };
}).call(this);
#4 JavaScript::Eval (size: 17) - SHA256: 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061
/*@cc_on!@*/
false
#5 JavaScript::Eval (size: 33) - SHA256: bbe51a296526695cafe5ffbc7a5e1bdc85b5c7ba75c64b1e2de19f13d643ec19
typeof sndmx1169949 == "undefined"
#6 JavaScript::Eval (size: 31) - SHA256: 6e1bb8bf694cc5549a786ee30f85fca25eef3d99a1999c91dc1cbb92b1e5b488
typeof flb1167641 != "undefined"
#7 JavaScript::Eval (size: 33) - SHA256: 1d384768da01dea1bad79c9b3470b80e2e460efe5b654ad4e2b3ca466d569309
typeof sndmx1167641 == "undefined"
#8 JavaScript::Eval (size: 31) - SHA256: 530d95f724f46bb4cabd3f1b704a3112a72f25165c43ca3ec96ae849accc490f
typeof flb1169954 == "undefined"
#9 JavaScript::Eval (size: 22) - SHA256: c4e7ca158015332be1df536c970a209b44cb4744fae720ed1caaefdc87f37f93
0,
function(R) {
    HW(R, 1)
}
#10 JavaScript::Eval (size: 31) - SHA256: f24a20623d3a9db072fe3bde9ab939fc3dcd0dab75ca9e451f38ce180fbb7524
typeof flb1169954 != "undefined"
#11 JavaScript::Eval (size: 31) - SHA256: 415987585a2210822333cad08a413d466a304f414dd2970219c0ba4c34a0c29f
typeof flb1169953 != "undefined"
#12 JavaScript::Eval (size: 31) - SHA256: 52bb630fb0df479932bf9331a74970d10bcabec49c8f5a5f5566460bca6bc562
typeof flb1169953 == "undefined"
#13 JavaScript::Eval (size: 15568) - SHA256: ac67106da7775f013b7cb9730c8cde5cfa186d74c2bff74fe27579bb046366be
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var q = function(b, R) {
            if ((R = (b = K.trustedTypes, null), !b) || !b.createPolicy) return R;
            try {
                R = b.createPolicy("bg", {
                    createHTML: O,
                    createScript: O,
                    createScriptURL: O
                })
            } catch (I) {
                K.console && K.console.error(I.message)
            }
            return R
        },
        K = this || self,
        O = function(b) {
            return b
        };
    (0, eval)(function(b, R) {
        return (R = q()) && 1 === b.eval(R.createScript("1")) ? function(I) {
            return R.createScript(I)
        } : function(I) {
            return "" + I
        }
    }(K)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var z=this||self,bo=function(b,I,K,O){(K=P((O=P(b),b)),x)(K,b,v(I,Z(O,b)))},R8=function(b,I,K){if("object"==(I=typeof b,I))if(b){if(b instanceof Array)return"array";if(b instanceof Object)return I;if("[object Window]"==(K=Object.prototype.toString.call(b),K))return"object";if("[object Array]"==K||"number"==typeof b.length&&"undefined"!=typeof b.splice&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("splice"))return"array";if("[object Function]"==K||"undefined"!=typeof b.call&&"undefined"!=typeof b.propertyIsEnumerable&&!b.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==I&&"undefined"==typeof b.call)return"object";return I},Z=function(b,I){if(void 0===(I=I.K[b],I))throw[D,30,b];if(I.value)return I.create();return I.create(1*b*b+-48*b+-64),I.prototype},f=function(b,I){I.s=((I.s?I.s+"~":"E:")+b.message+":"+b.stack).slice(0,2048)},I8=function(b,I){(I.push(b[0]<<24|b[1]<<16|b[2]<<8|b[3]),I.push(b[4]<<24|b[5]<<16|b[6]<<8|b[7]),I).push(b[8]<<24|b[9]<<16|b[10]<<8|b[11])},O1=function(b,I,K,O){function y(){}return{invoke:(O=K2(b,(K=void 0,function(R){y&&(I&&J(I),K=R,y(),y=void 0)}),!!I)[0],function(R,w,q,N){function u(){K(function(M){J(function(){R(M)})},q)}if(!w)return w=O(q),R&&R(w),w;K?u():(N=y,y=function(){(N(),J)(u)})})}},yj=function(b,I,K,O){return Z(356,(k(319,(wl(b,(O=Z(319,b),b.H&&O<b.j?(k(319,b,b.j),qO(b,K)):k(319,b,K),I)),b),O),b))},A=function(b,I,K,O,y,R,w,q,N){if(O.L+=((w=(y=(N=(R=(q=(K||O.i++,0<O.P&&O.I)&&O.KI&&1>=O.v&&!O.C&&!O.g&&(!K||1<O.Z-b)&&0==document.hidden,4==O.i))||q?O.D():O.F,N-O.F),y>>14),O.V)&&(O.V^=w*(y<<2)),O.A=w||O.A,w),R||q)O.F=N,O.i=0;if(!q||N-O.X<O.P-(I?255:K?5:2))return false;return(k((I=Z((O.Z=b,K?351:319),O),319),O,O.j),O.R).push([zJ,I,K?b+1:b]),O.g=J,true},io=function(b,I){return I[b]<<24|I[(b|0)+1]<<16|I[(b|0)+2]<<8|I[(b|0)+3]},qO=function(b,I){k(319,((b.rt.push(b.K.slice()),b).K[319]=void 0,b),I)},V=function(b,I,K){I[k(K,b,I),uo]=2796},JW=function(b,I,K,O,y){for((b.pI=MO(b.h,((b.kG=(b.fI=b[E],o8),b).Q2=PW,{get:function(){return this.concat()}})),b).ju=p[b.h](b.pI,{value:{value:{}}}),y=[],O=0;128>O;O++)y[O]=String.fromCharCode(O);C(true,true,(l(((l([(V(b,(V(b,function(R,w){(w=Z(P(R),R),qO)(R.A,w)},(V(b,function(R,w,q,N){k((w=g((N=P(R),R)),q=P(R),q),R,Z(N,R)>>>w)},(k(97,(V((V(b,(k(230,b,(V(b,(b.uf=(k((k(162,b,(V(b,function(R,w,q,N){(N=Z((w=(q=(w=P(R),N=P(R),P(R)),Z)(w,R),N),R),k)(q,R,+(w==N))},(V(b,(V((V(b,(V(b,(V(b,(V(b,function(R){bo(R,1)},(k(17,((V(b,(b.HZ=(V(b,function(R,w){R=(w=P(R),Z(w,R.A)),R[0].removeEventListener(R[1],R[2],c)},(k(507,b,(V(b,function(R,w,q,N,u,M,H){for(u=(q=Z(92,(w=(H=mj((N=P(R),R)),""),R)),q.length),M=0;H--;)M=((M|0)+(mj(R)|0))%u,w+=y[q[M]];k(N,R,w)},((V(b,((V((k((k(366,(k(356,b,(V(b,(V(b,(V(b,(V((k(182,(k(305,(k((b.Su=(V(b,(V(b,function(R,w,q){A(w,false,true,R)||(w=P(R),q=P(R),k(q,R,function(N){return eval(N)}(xP(Z(w,R.A)))))},(V(b,function(R){HW(R,4)},(k((b.s=(b.DP=(b.L=1,b.G=void 0,b.rt=[],b.KI=false,(b.W=void 0,b.Y=0,b.X=(b.o=(b.A=b,[]),b.l=(b.v=0,O=(b.g=null,b.j=0,(b.S=(b.N=false,void 0),b.wt=0,window).performance)||{},(b.P=0,b).I=!(b.Z=8001,1),b.H=[],[]),(b.i=void 0,b.U=25,b.C=void 0,b.R=[],(b.V=void 0,b).RQ=function(R){this.A=R},b).K=[],0),(b.F=0,O).timeOrigin||(O.timing||{}).navigationStart)||0),void 0),319),b,0),k(351,b,0),475)),168)),function(R,w,q){0!=(q=Z((w=P(R),q=P(R),q),R),Z(w,R))&&k(319,R,q)}),342),0),253),b,[]),b),b),b),0),b),function(R){bo(R,4)},267),function(R,w,q,N,u){(q=(u=Z((w=Z((u=P((q=(N=(w=P(R),P)(R),P)(R),R)),w),R.A),u),R),N=Z(N,R),Z)(q,R),0)!==w&&(q=vW(1,R,u,q,w,N),w.addEventListener(N,q,c),k(182,R,[w,N,q]))}),261),function(R,w,q,N,u){(w=(q=P((N=(u=P(R),P)(R),R)),P(R)),q=Z(q,R),w=Z(w,R),N=Z(N,R),k)(u,R,vW(w,R,q,N))}),222),function(R,w,q,N){(w=P((N=(q=P(R),P)(R),R)),k)(w,R,Z(q,R)||Z(N,R))}),381),{})),b),0),270),b,z),b),function(R){Zb(R,3)},395),V)(b,function(R,w,q){k((q=Z((w=P((q=P(R),R)),q),R),q=R8(q),w),R,q)},405),function(R,w,q,N){!A(w,false,true,R)&&(w=rl(R),q=w.J,N=w.AN,R.A==R||q==R.RQ&&N==R)&&(k(w.aQ,R,q.apply(N,w.O)),R.F=R.D())}),234),V)(b,function(R){Zb(R,4)},203),335)),[160,0,0])),206)),0),function(){}),503),V)(b,function(R,w,q,N,u,M,H,r,m,L,X,G){function Q(n,h){for(;q<n;)G|=g(R)<<q,q+=8;return h=G&(1<<n)-1,q-=n,G>>=n,h}for(X=(L=(q=G=(M=P(R),0),(Q(3)|0)+1),u=Q(5),N=0),m=[];N<u;N++)H=Q(1),m.push(H),X+=H?0:1;for(X=(w=(N=((X|0)-1).toString(2).length,[]),0);X<u;X++)m[X]||(w[X]=Q(N));for(N=0;N<u;N++)m[N]&&(w[N]=P(R));for(r=[];L--;)r.push(Z(P(R),R));V(R,function(n,h,Y,NO,t){for(h=(NO=[],0),Y=[];h<u;h++){if(t=w[h],!m[h]){for(;t>=Y.length;)Y.push(P(n));t=Y[t]}NO.push(t)}n.S=Db(n,(n.C=Db(n,r.slice()),NO))},M)},94),b),[]),367)),function(R,w,q,N){(N=Z((q=Z((w=(q=P(R),P)(R),q),R),w),R),k)(w,R,N+q)}),58),function(R,w,q,N,u,M){if(!A(w,true,true,R)){if("object"==R8((R=Z((M=(w=(M=(q=(w=(N=P(R),P)(R),P(R)),P(R)),Z)(w,R),Z)(M,R),q=Z(q,R),N),R),R))){for(u in N=[],R)N.push(u);R=N}for(N=(u=(q=0<q?q:1,0),R).length;u<N;u+=q)w(R.slice(u,(u|0)+(q|0)),M)}}),341),function(R,w,q,N){if(w=R.rt.pop()){for(q=g(R);0<q;q--)N=P(R),w[N]=R.K[N];R.K=(w[253]=R.K[253],w[97]=R.K[97],w)}else k(319,R,R.j)}),327),b),function(R,w,q){w=P(R),q=P(R),k(q,R,""+Z(w,R))},455),function(R,w,q,N,u){for(q=(u=P(R),w=mj(R),N=[],0);q<w;q++)N.push(g(R));k(u,R,N)}),34),117)),T)(4)),205),b,524),0),function(R,w,q,N){N=(w=P((q=(N=P(R),P(R)),R)),Z(N,R)),q=Z(q,R),k(w,R,N in q|0)}),79),[0,0,0])),function(R,w,q,N,u){(q=(u=(N=P(R),P(R)),P)(R),R).A==R&&(q=Z(q,R),w=Z(N,R),u=Z(u,R),w[u]=q,377==N&&(R.G=void 0,2==u&&(R.V=B(32,R,false),R.G=void 0)))}),474),b),function(R,w,q,N,u,M){A(w,false,true,R)||(N=rl(R.A),w=N.AN,M=N.O,q=N.J,u=M.length,N=N.aQ,w=0==u?new w[q]:1==u?new w[q](M[0]):2==u?new w[q](M[0],M[1]):3==u?new w[q](M[0],M[1],M[2]):4==u?new w[q](M[0],M[1],M[2],M[3]):2(),k(N,R,w))},317),b),2048),89)),473)),function(R,w,q,N){k((N=(q=Z((w=P((N=(q=P(R),P(R)),R)),q),R),Z(N,R)),w),R,q[N])}),380),uo)],b),l)([S,I],b),[f2,K]),b),b))},l=function(b,I){I.R.splice(0,0,b)},XO=function(b,I,K,O){try{O=b[((I|0)+2)%3],b[I]=(b[I]|0)-(b[((I|0)+1)%3]|0)-(O|0)^(1==I?O<<K:O>>>K)}catch(y){throw y;}},n2=function(b,I,K){if(3==b.length){for(K=0;3>K;K++)I[K]+=b[K];for(b=[13,8,13,12,16,5,3,10,15],K=0;9>K;K++)I[3](I,K%3,b[K])}},GJ=function(b,I,K,O,y){for(y=(K=K[3]|(O=K[2]|0,0),0);14>y;y++)I=I>>>8|I<<24,I+=b|0,K=K>>>8|K<<24,b=b<<3|b>>>29,I^=O+2298,K+=O|0,K^=y+2298,b^=I,O=O<<3|O>>>29,O^=K;return[b>>>24&255,b>>>16&255,b>>>8&255,b>>>0&255,I>>>24&255,I>>>16&255,I>>>8&255,I>>>0&255]},v=function(b,I,K,O){for(K=(b|0)-1,O=[];0<=K;K--)O[(b|0)-1-(K|0)]=I>>8*K&255;return O},wl=function(b,I,K,O,y,R){if(!b.s){b.v++;try{for(R=(y=(K=b.j,void 0),0);--I;)try{if((O=void 0,b).C)y=hW(b,b.C);else{if(R=Z(319,b),R>=K)break;O=P((k(351,b,R),b)),y=Z(O,b)}A((y&&y[$P]&2048?y(b,I):e([D,21,O],b,0),I),false,false,b)}catch(w){Z(205,b)?e(w,b,22):k(205,b,w)}if(!I){if(b.CI){b.v--,wl(b,216630971487);return}e([D,33],b,0)}}catch(w){try{e(w,b,22)}catch(q){f(q,b)}}b.v--}},rl=function(b,I,K,O,y,R){for(R=(K=((O=(I=b[kP]||{},P(b)),I.aQ=P(b),I).O=[],b.A==b?(g(b)|0)-1:1),P(b)),y=0;y<K;y++)I.O.push(P(b));for(;K--;)I.O[K]=Z(I.O[K],b);return(I.J=Z(O,b),I).AN=Z(R,b),I},vW=function(b,I,K,O,y,R){function w(){if(I.A==I){if(I.K){var q=[F,O,K,void 0,y,R,arguments];if(2==b)var N=C(false,false,(l(q,I),I));else if(1==b){var u=!I.R.length;(l(q,I),u)&&C(false,false,I)}else N=AW(I,q);return N}y&&R&&y.removeEventListener(R,w,c)}}return w},E1=function(b,I,K,O,y,R,w,q){return O=[-9,-48,48,29,-71,-79,O,-95,27,81],R=Vj,q=b&7,y=p[K.h](K.pI),y[K.h]=function(N){q+=(w=N,6+7*b),q&=7},y.concat=function(N){return(w=(N=(N=-46*I*I*w- -2208*I*w+(N=I%16+1,1*I*I*N)+q+46*w*w+O[q+27&7]*I*N- -2944*w+(R()|0)*N-N*w,O)[N],void 0),O[(q+21&7)+(b&2)]=N,O)[q+(b&2)]=-48,N},y},C=function(b,I,K,O,y,R){if(K.R.length){K.I=(K.KI=(K.I&&0(),b),true);try{y=K.D(),K.F=y,K.X=y,K.i=0,O=p2(b,K),R=K.D()-K.X,K.Y+=R,R<(I?0:10)||0>=K.U--||(R=Math.floor(R),K.o.push(254>=R?R:254))}finally{K.I=false}return O}},J=z.requestIdleCallback?function(b){requestIdleCallback(function(){b()},{timeout:4})}:z.setImmediate?function(b){setImmediate(b)}:function(b){setTimeout(b,0)},e=function(b,I,K,O,y,R){if(!I.N){if((b=(K=(0==(R=Z(253,((O=void 0,b)&&b[0]===D&&(O=b[2],K=b[1],b=void 0),I)),R).length&&(y=Z(351,I)>>3,R.push(K,y>>8&255,y&255),void 0!=O&&R.push(O&255)),""),b&&(b.message&&(K+=b.message),b.stack&&(K+=":"+b.stack)),Z)(97,I),3)<b){I.A=(K=(b-=(K=K.slice(0,(b|0)-3),(K.length|0)+3),Qj)(K),O=I.A,I);try{x(162,I,v(2,K.length).concat(K),9)}finally{I.A=O}}k(97,I,b)}},HW=function(b,I,K,O){for(K=(O=P(b),0);0<I;I--)K=K<<8|g(b);k(O,b,K)},FO=function(b,I){return I(function(K){K(b)}),[function(){return b}]},cW=function(b,I,K){return I.B(function(O){K=O},false,b),K},x=function(b,I,K,O,y,R){if(I.A==I)for(R=Z(b,I),162==b?(b=function(w,q,N,u){if((u=(q=R.length,(q|0)-4>>3),R.hN)!=u){u=(u<<(N=[0,0,y[R.hN=u,1],y[2]],3))-4;try{R.bf=GJ(io(u,R),io((u|0)+4,R),N)}catch(M){throw M;}}R.push(R.bf[q&7]^w)},y=Z(230,I)):b=function(w){R.push(w)},O&&b(O&255),I=K.length,O=0;O<I;O++)b(K[O])},TJ=function(b,I){if((I=(b=null,z).trustedTypes,!I)||!I.createPolicy)return b;try{b=I.createPolicy("bg",{createHTML:gl,createScript:gl,createScriptURL:gl})}catch(K){z.console&&z.console.error(K.message)}return b},p2=function(b,I,K,O){for(;I.R.length;){K=(I.g=null,I).R.pop();try{O=AW(I,K)}catch(y){f(y,I)}if(b&&I.g){b=I.g,b(function(){C(true,true,I)});break}}return O},AW=function(b,I,K,O,y){if(O=I[0],O==W)b.U=25,b.u(I);else if(O==E){K=I[1];try{y=b.s||b.u(I)}catch(R){f(R,b),y=b.s}K(y)}else if(O==zJ)b.u(I);else if(O==S)b.u(I);else if(O==f2){try{for(y=0;y<b.l.length;y++)try{K=b.l[y],K[0][K[1]](K[2])}catch(R){}}catch(R){}(0,I[b.l=[],1])(function(R,w){b.B(R,true,w)},function(R){l([$P],(R=!b.R.length,b)),R&&C(true,false,b)})}else{if(O==F)return y=I[2],k(332,b,I[6]),k(356,b,y),b.u(I);O==$P?(b.H=[],b.K=null,b.o=[]):O==uo&&"loading"===z.document.readyState&&(b.g=function(R,w){function q(){w||(w=true,R())}z.document.addEventListener("DOMContentLoaded",q,(w=false,c)),z.addEventListener("load",q,c)})}},MO=function(b,I){return p[b](p.prototype,{pop:I,call:I,splice:I,document:I,replace:I,prototype:I,length:I,propertyIsEnumerable:I,floor:I,console:I,parent:I,stack:I})},Db=function(b,I,K){return K=p[b.h](b.ju),K[b.h]=function(){return I},K.concat=function(O){I=O},K},a,Zb=function(b,I,K,O,y){(((y=(K=P((I&=(O=I&3,4),y=P(b),b)),Z)(y,b),I)&&(y=Qj(""+y)),O)&&x(K,b,v(2,y.length)),x)(K,b,y)},B=function(b,I,K,O,y,R,w,q,N,u,M,H,r,m){if((r=Z(319,I),r)>=I.j)throw[D,31];for(w=r,u=(H=I.fI.length,b),q=0;0<u;)M=w%8,R=8-(M|0),N=w>>3,R=R<u?R:u,O=I.H[N],K&&(y=I,y.G!=w>>6&&(y.G=w>>6,m=Z(377,y),y.W=GJ(y.V,y.G,[0,0,m[1],m[2]])),O^=I.W[N&H]),q|=(O>>8-(M|0)-(R|0)&(1<<R)-1)<<(u|0)-(R|0),w+=R,u-=R;return k(319,I,(K=q,(r|0)+(b|0))),K},P=function(b,I){if(b.C)return hW(b,b.S);return(I=B(8,b,true),I)&128&&(I^=128,b=B(2,b,true),I=(I<<2)+(b|0)),I},d,k=function(b,I,K){if(319==b||351==b)I.K[b]?I.K[b].concat(K):I.K[b]=Db(I,K);else{if(I.N&&377!=b)return;507==b||162==b||17==b||253==b||230==b?I.K[b]||(I.K[b]=E1(54,b,I,K)):I.K[b]=E1(137,b,I,K)}377==b&&(I.V=B(32,I,false),I.G=void 0)},Qj=function(b,I,K,O,y){for(y=(I=K=(b=b.replace(/\\r\\n/g,"\\n"),0),[]);I<b.length;I++)O=b.charCodeAt(I),128>O?y[K++]=O:(2048>O?y[K++]=O>>6|192:(55296==(O&64512)&&I+1<b.length&&56320==(b.charCodeAt(I+1)&64512)?(O=65536+((O&1023)<<10)+(b.charCodeAt(++I)&1023),y[K++]=O>>18|240,y[K++]=O>>12&63|128):y[K++]=O>>12|224,y[K++]=O>>6&63|128),y[K++]=O&63|128);return y},g=function(b){return b.C?hW(b,b.S):B(8,b,true)},T=function(b,I){for(I=[];b--;)I.push(255*Math.random()|0);return I},mj=function(b,I){return(I=g(b),I)&128&&(I=I&127|g(b)<<7),I},K2=function(b,I,K,O){return(O=d[b.substring(0,3)+"_"])?O(b.substring(3),I,K):FO(b,I)},c={passive:true,capture:true},gl=function(b){return b},U=function(b,I,K){K=this;try{JW(this,b,I)}catch(O){f(O,this),I(function(y){y(K.s)})}},hW=function(b,I){return(I=I.create().shift(),b.C.create().length||b.S.create().length)||(b.C=void 0,b.S=void 0),I},kP=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),zJ=[],f2=[],$P=((U.prototype.FY=void 0,U).prototype.T="toString",U.prototype.CI=false,[]),W=(U.prototype.eu=void 0,[]),E=[],S=[],uo=[],D={},F=[],p=(((I8,T,XO,function(){})(n2),U.prototype).h="create",D.constructor),Vj=((a=U.prototype,a.nI=function(b,I,K,O,y,R){for(R=[],K=O=0;K<b.length;K++)for(O+=I,y=y<<I|b[K];7<O;)O-=8,R.push(y>>O&255);return R},a).GP=function(b,I,K){return b^((I=(I^=I<<13,I^=I>>17,(I^I<<5)&K))||(I=1),I)},void 0),PW=(((a.D=(a.B=(a.Mm=function(){return Math.floor(this.Y+(this.D()-this.X))},a.dt=function(){return Math.floor(this.D())},a.Oj=function(b,I,K,O,y){for(y=O=0;y<b.length;y++)O+=b.charCodeAt(y),O+=O<<10,O^=O>>6;return O=(b=(O+=O<<3,O^=O>>11,O)+(O<<15)>>>0,new Number(b&(1<<I)-1)),O[0]=(b>>>I)%K,O},function(b,I,K,O,y){if(K="array"===R8(K)?K:[K],this.s)b(this.s);else try{y=[],O=!this.R.length,l([W,y,K],this),l([E,b,y],this),I&&!O||C(I,true,this)}catch(R){f(R,this),b(this.s)}}),(window.performance||{}).now?function(){return this.DP+window.performance.now()}:function(){return+new Date}),U.prototype.u=function(b,I){return Vj=(I=(b={},{}),function(){return I==b?-64:-17}),function(K,O,y,R,w,q,N,u,M,H,r,m,L,X,G){I=(u=I,b);try{if(y=K[0],y==S){L=K[1];try{for(M=H=(R=(q=atob(L),[]),0);H<q.length;H++)O=q.charCodeAt(H),255<O&&(R[M++]=O&255,O>>=8),R[M++]=O;this.H=R,this.j=this.H.length<<3,k(377,this,[0,0,0])}catch(Q){e(Q,this,17);return}wl(this,8001)}else if(y==W)K[1].push(Z(97,this),Z(162,this).length,Z(17,this).length,Z(507,this).length),k(356,this,K[2]),this.K[376]&&yj(this,8001,Z(376,this));else{if(y==E){(X=(G=v(2,((H=K[2],Z(507,this)).length|0)+2),this).A,this).A=this;try{w=Z(253,this),0<w.length&&x(507,this,v(2,w.length).concat(w),10),x(507,this,v(1,this.L),109),x(507,this,v(1,this[E].length)),q=0,N=Z(162,this),q+=Z(366,this)&2047,q-=(Z(507,this).length|0)+5,4<N.length&&(q-=(N.length|0)+3),0<q&&x(507,this,v(2,q).concat(T(q)),15),4<N.length&&x(507,this,v(2,N.length).concat(N),156)}finally{this.A=X}if(r=((M=T(2).concat(Z(507,this)),M)[1]=M[0]^6,M[3]=M[1]^G[0],M[4]=M[1]^G[1],this).sj(M))r="!"+r;else for(q=0,r="";q<M.length;q++)m=M[q][this.T](16),1==m.length&&(m="0"+m),r+=m;return Z(507,(Z(((k(97,(R=r,this),H.shift()),Z)(162,this).length=H.shift(),17),this).length=H.shift(),this)).length=H.shift(),R}if(y==zJ)yj(this,K[2],K[1]);else if(y==F)return yj(this,8001,K[1])}}finally{I=u}}}(),U.prototype).V2=0,U.prototype).sj=function(b,I,K,O){if(I=window.btoa){for(O=(K=0,"");K<b.length;K+=8192)O+=String.fromCharCode.apply(null,b.slice(K,K+8192));b=I(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else b=void 0;return b},U.prototype.XY=0,/./),o8,BW=S.pop.bind((U.prototype[f2]=[0,0,1,1,0,1,1],U.prototype[W])),xP=(o8=MO(U.prototype.h,(PW[U.prototype.T]=BW,{get:BW})),U.prototype.gt=void 0,function(b,I){return(I=TJ())&&1===b.eval(I.createScript("1"))?function(K){return I.createScript(K)}:function(K){return""+K}}(z));(40<(d=z.botguard||(z.botguard={}),d.m)||(d.m=41,d.bg=O1,d.a=K2),d).LDL_=function(b,I,K){return[(K=new U(b,I),function(O){return cW(O,K)})]};}).call(this);'));
}).call(this);
#14 JavaScript::Eval (size: 33) - SHA256: 11e5ac65576a195d513f32bfee18286cf5915dcd2ee7c9674b6367b52d5fa69a
typeof sndmx1169954 == "undefined"
#15 JavaScript::Eval (size: 218) - SHA256: 4c3044f0a0985399ee671b8459eadbb4ed1337b5ac4ee14d8cb7eae273533440
({
    '0': [0, -43, 7, 11],
    '1': [-8, -43, 4, 11],
    '2': [-14, -43, 7, 11],
    '3': [-21, -43, 7, 11],
    '4': [-28, -43, 7, 11],
    '5': [-35, -43, 6, 11],
    '6': [-42, -43, 7, 11],
    '7': [-49, -43, 7, 11],
    '8': [-56, -43, 7, 11],
    '9': [-63, -43, 7, 11],
    ',': [-71, -43, 4, 14]
})
#16 JavaScript::Eval (size: 21) - SHA256: 7618252b7642100c62b5ac68a25f3279c1015b4c783570c8df6d9b62f3c00a00
var sndmx1169953 = 1;
#17 JavaScript::Eval (size: 64) - SHA256: 14ed98b8b82987bce49c9e6a0f9b620434ec92ad83e9815037257823fe34071e
0,
function(R, w, q) {
    k((q = (w = (q = P(R), P(R)), R).K[q] && Z(q, R), w), R, q)
}
#18 JavaScript::Eval (size: 22) - SHA256: d8fc182869d21957579c2a09eae263e41ab53e4c30c4ffa96d93584a64eb6f77
0,
function(R) {
    HW(R, 2)
}
#19 JavaScript::Eval (size: 221) - SHA256: 6859d0e5f66dbb53c8eea90ab0f1fd9d0a470f31a8f1c0f0b7bb3332710e9c4c
({
    '0': [0, -29, 9, 14],
    '1': [-11, -29, 6, 14],
    '2': [-20, -29, 9, 14],
    '3': [-30, -29, 9, 14],
    '4': [-40, -29, 10, 14],
    '5': [-50, -29, 8, 14],
    '6': [-60, -29, 9, 14],
    '7': [-70, -29, 9, 14],
    '8': [-80, -29, 9, 14],
    '9': [-90, -29, 9, 14],
    ',': [-102, -29, 4, 17]
})
#20 JavaScript::Eval (size: 21) - SHA256: b49ad5af21f86593fa1ea52e84d22565e3d97f2813f42fd4ff33aa493e9edfc6
var sndmx1169949 = 1;
#21 JavaScript::Eval (size: 31) - SHA256: 4d1765df23787e6035c82a76d41cda79add85443d87a1379560ec4550c297ac8
typeof flb1169949 == "undefined"
#22 JavaScript::Eval (size: 21) - SHA256: 08f956ffa765cc811a32c7b04e00d454a4f372fc004867d2c9256ce3b03095ab
var sndmx1167641 = 1;
#23 JavaScript::Eval (size: 21) - SHA256: 3d94110cc9d19bca2c7f729e4a61a3d0bce7c000242caff339541f19ca17b8a6
var sndmx1169954 = 1;
#24 JavaScript::Eval (size: 33) - SHA256: 8d73e8d85b55fbfc59e05d9fe16a155217568e421bbfff6cef989d889940e385
typeof sndmx1169953 == "undefined"

Executed Writes (6)
#1 JavaScript::Write (size: 16129) - SHA256: 08df46841b207f14a4c6aea1524962438069ee0803533321096a1adfb4999eb7
< div id = "shbNetPaddingWr"
class = "shbNetPopupWr"
style = "display:none;" > < table id = "shbNetPaddingTable"
class = "shbNetPopupTable"
style = "display:none;"
width = "100%"
height = "100%"
cellspacing = "0"
cellpadding = "0" > < tr style = "background:none;" > < td id = "shbNetPopupCell"
class = "shbNetPopupCell" > < div id = "shbNetPaddingPopup"
class = "shbNetPopup" > < div > < div style = "padding:15px 0 0 0;" > < div > < div style = "display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;"
data - type = "api"
data - custom = "" > < div style = "max-width:95%;" > < span style = "color:#737373; font-size:11px;" > < article > We had a great experience shopping
for a living room set.Jeran, our sales associate, was very professional, knowledgeable, and personal. < a href = 'https://www.giftmedia.ch/cat/chargeurs-sans-fils-technologie-electronique/' > chargeur induction personnalisable < /a></article > < /span> </div > < div style = "max-width:95%;" > < span style = "color:#9a9a9a; font-size:12px;" > < /span> </div > < /div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>We had lunch at 3 midday. Lots of noise, lots of waiting and lots of missing dishes. Not a great experience <a href='https:/ / dor2dor.co.uk / leaflet - design - printing - and - door - drops / '>leaflet designs 150</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Great place to purchase Appliances , Electronics and Furniture also the cheapest. I Would recommend looking here before buying anywhere else first. <a href='
https: //chuyengiadongphuc.com/may-dong-phuc-cong-so/'>dong phuc cong so moi nhat</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>When we are in Kampen we always drink delicious coffee with an excellent pastry mmmm <a href='https://toulouseweb.com/fiche/le-pier-toulouse-hotel'>le pier toulouse</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>The lobby was beautiful... the casino floor was clean, and the whole place was very elegant. <a href='https://crescocustommetals.com/services/welding-mig-tig-services/'>welding solution company</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Good place, very clean and comfortable, it is recommended. <a href='https://www.moqless.com/product-category/darts-shirts/'>players darts shirts</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> </div> <div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Nickel to redesign its premises and make custom furniture. A good respondent and serious <a href='https://ipekdiseskisehir.com/pedodonti-pediatrik-dishekimligi-cocuk-dis-hekimligi.html'>&ccedil;ocuk di_ merkezi</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>A small glass of orange juice presses at 4.40 on the terrace, it is making fun of the world. Served in addition by a not very pleasant staff. To flee.... <a href='https://pavementmanagementpro.com/'>asphalt paving estimating software</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Its convenient to have free underground parking, and its easy to visit every floor! <a href='https://okebets.net/'>okebet login ph</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Great food and drinks. During the spring, summer and fall they have a great deck that overlooks the Plymouth harbor. <a href='https://www.shroomskincare.skin/'>mushroom skin care products shop</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Been going here for years. Always good service and nice place. Sometimes its a bit too loud but they play good music and sports on TV. <a href='https://printitza.co.za/'>printitza flyer printing shop near me</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Great place with very service from the staff, especially the one receptionist and one in the restaurant. The food was ok. Lack of elevator. Would have liked to have a fitness room and pool here, but otherwise it was very good. <a href='https://besthomewatertreatmentsystems.com/'>residential water treatment</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> </div> <div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Its a place of peace and quiet in the middle of the city where everyone is go go go... And in central park its a place to relax and get away from the city without having to leave the city. <a href='https://www.zapperstore.com/manufacturer/manufacturer'>dr.clark clinic</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Excellent compassionate home care for your loved ones! <a href='https://neasdendentalclinic.co.uk/'>dentist neasden</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Issac was very knowledgeable and was able to answer all of our questions. He was also able to quickly resolve the issue with our sump pump. <a href='https://zoogvpn.com/fr-fr/products/vpn-for-windows/'>vpn gratuit pour pc</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Much, much smaller than I expected. Pop culture is enormous, but they focus heavily on Seattle-based pop culture. Disappointing <a href='https://dinepalace.com/listings/maros-bistro/'>maro's oakville delivery</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>An Amazing zoo with lots of wildlife. Little penguins were amazing! <a href='https://www.mpexsolutions.com/'>managed labor solutions</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Everyone was wonderful and helpful. I didnt have to wait long and the waiting area was comfortable. <a href='https://hod-konem.com/c1-nastolnie_igri/filter/1p-2'>:>;>=870B>@K <8AA8O 15</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> </div> <div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Beautiful hotel with lots to do. Easy access to other casinos as well <a href='https://asgindy.com/'>https://asgindy.com/</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Still the classic quintessential Colorado ski area! <a href='https://www.dreamlandpharmacy.com/products/quaaludes-300mg'>wuaaludes</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Nice service and good price, the line to pay moves fast <a href='https://xuanhoa.net.vn/'>gh� vn ph&ograve;ng</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>There is two museums in one, and it s beautiful. Definitely will need some time to go thorough all of it because there is couple floors. <a href='https://kwinside.com/'>kwinside.com</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Glad he is back (for several years already) Long live Broese. <a href='https://batumiexpert.com/'>bulgaria 2013 prices</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Good cinema, lots of theaters fun movies but food costs a capital <a href='https://semalt.com/qa/park-toos.html'>iddcr fees and charges</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> </div> <div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Upscale french restaurant . Had good time here with office collegue and their family. <a href='https://trustburn.com/reviews/vogomo-pte-ltd'>vogomo pte ltd</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Thanks to corona the lines were small, no wait times, food was quality and prepared quickly. <a href='https://trustburn.com/reviews/wenzhou-wuhuan-refrigeration-accessories-factory'>Wenzhou wuhuan refrigeration accessories factory ()���6�M��)</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Great food. Fine dining prices. Fairly casual space. <a href='https://sites.google.com/view/atiodownloadfree-ja'>save from youtube mp4</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>They automatically (with my approval) send new filter each year. Easy way to always remember to change humidifier filter. this works great for me. Excellent service and reasonable pricing. <a href='https://sites.google.com/view/bakfdownloadfree-ga'>google chrome extension store</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>Treats customers like superstars, highly recommend <a href='https://sites.google.com/view/aalddownloadfree-hi'>youtube music download pc</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article>The place is aesthetics, cozy. The food is good too! <a href='https://sites.google.com/view/nvwdownloadfree-is/'>download video youtube mp4</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> </div> <div> <div style="display:inline-block; width:16%; padding:0 0 5px; vertical-align:top;" data-type="api" data-custom=""> <div style="max-width:95%;"> <span style="color:#737373; font-size:11px;"><article> <a href='https://sites.google.com/view/aueodownloadfree-hi'>video recorder download</a></article></span> </div> <div style="max-width:95%;"> <span style="color:#9a9a9a; font-size:12px;"></span> </div> </div> </div> <div style="clear:both;"></div> </div> </div> </div> </td> </tr> </table> </div>
#2 JavaScript::Write (size: 378) - SHA256: daef134f92803db5965014b60a712d4ad8d350dfda93757c6c0e66f5fe6ac3ca
< iframe src = "//www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html"
width = "164"
height = "314"
scrolling = "no"
frameborder = "0" > < /iframe>
#3 JavaScript::Write (size: 119) - SHA256: 7422a02fee39661fea672af2cded718e5f71bc8e7899a55ac4ee5a1cb93d66db
< iframe src = "https://www.widgeo.net/hitparade.php?pagexiti=geocity_rose"
width = "0"
height = "0"
frameborder = "0" > < /iframe>
#4 JavaScript::Write (size: 77) - SHA256: aa5040129e29d9fd5521128308150fb0db3e301800f50798324c13f9fc4d3b73
< script src = 'http://s10.histats.com/js15.js'
type = 'text/javascript' > < /script>
#5 JavaScript::Write (size: 60) - SHA256: 35337c488c05a6765273d4b6da11ef5f01490c8fd77a89867f968c3768d59f12
< div id = "histats_counter_6612"
style = "display: none;" > < /div>
#6 JavaScript::Write (size: 24) - SHA256: a3ba8250ebf2c8e28e99b0cbcb48488777fa3f512e83a7a56930803eb5d35e05
< xmp style = display: none >


HTTP Transactions (216)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4776
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 03:44:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5090
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 03:44:59 GMT
Last-Modified: Fri, 25 Nov 2022 02:20:09 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:19:02 GMT
cache-control: public,max-age=3600
age: 1557
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16714
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 03:44:59 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: FojPZJYaxcWy7aWW2Zzo2GhLheewgsHHpN55eyIN0iypZ/3RX5oOmseF1tvVmdzHAVf6RHb7zGQ=
x-amz-request-id: J3KJ3ARVZWVE4G1J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 03:43:41 GMT
age: 78
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /2013/03/siapa-sebenarnya-tasha-manshahar.html HTTP/1.1 
Host: pak-janggut.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Fri, 25 Nov 2022 03:44:59 GMT
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: private, max-age=0
Last-Modified: Wed, 23 Nov 2022 13:28:39 GMT
ETag: W/"2632c1924d5d6d80a07f9aed010d8e3e5bce62c48b9587f57a98d7493e578c7b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15037
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5018)
Size:   15037
Md5:    74eaf25e3b567dee772bb2cb46b51e45
Sha1:   4f50eff8693703421ddd90f63bb3b39d3eb02e20
Sha256: f72c0bd3af098d0aef5888adac06ab9e1f6d7e3fc9f669c0497dc15377ffe390

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: pak-janggut.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/2013/03/siapa-sebenarnya-tasha-manshahar.html

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 01:16:51 GMT
Expires: Tue, 29 Nov 2022 01:16:51 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 21 Nov 2022 21:54:35 GMT
Age: 268088


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            GET /ajax/libs/jquery/1.4.4/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.138
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 27266
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 20 Nov 2022 06:04:02 GMT
Expires: Mon, 20 Nov 2023 06:04:02 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 423657
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (820)
Size:   27266
Md5:    88ed7d5a26ffff39cbae41fa7b2c615d
Sha1:   5ea49f5aeeb49e8abd640da2f6d657fb57cc5acc
Sha256: 52943bd40a595c39f84e23ddd74755daa4d013b55c709de9b312661e59103ab3
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90 HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         154.51.131.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 211


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   211
Md5:    d8e41aba175e30cec76c81840b918f0a
Sha1:   6dfb307f00233621fce9ab173f49cd06e2d87937
Sha256: 2385d24a0dd2d25233391aa35b037a002cd1c30b160c06a832047f8e6dd2c18a
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         154.51.131.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 249


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   249
Md5:    12d9b2565cb5463a2454530f27a01c8e
Sha1:   f5826ca68e482a740cc0dfe6d541b5e552ddae26
Sha256: db32e6ede2240f88efd408a33cf7befa41c3d12a21a5c8af362e5f0d03875d42
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250 HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         154.51.131.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 212


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   212
Md5:    6dba0e0c6a1afb54d86bdd57c5d2943a
Sha1:   55a5a3d1bbcba2eda169245becb427b831299f6f
Sha256: 331bdbf606b5a7b744f95bbc31c6d5ecc4aa4e75ce50e308d4b6164217107957
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         154.51.131.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://tags.h12-media.com/tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:58 GMT
Content-Length: 249


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   249
Md5:    d4e4d4a48ee18114b8518db65a17e250
Sha1:   865aa0d38ee7d823fb08c0320c59fa19d5f9e073
Sha256: ca13416e5755f3340257b632260ab72602d6c8e660c4a07d93df424cdfafe8b1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:32:38 GMT
expires: Wed, 22 Nov 2023 20:32:38 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Nov 2022 12:53:21 GMT
age: 198741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30596)
Size:   6620
Md5:    6f46e6f68353c7911fe34f31faa1518f
Sha1:   ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
Sha256: 0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
                                        
                                            GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
age: 204316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1441)
Size:   6573
Md5:    f60e5037324bf7fd2256c16929886f09
Sha1:   aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
Sha256: 71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Fri, 25 Nov 2022 03:44:59 GMT
expires: Fri, 25 Nov 2022 03:44:59 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
age: 301376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56726
Md5:    1217c8e34acb09c7cea97bae4d386ea1
Sha1:   55ee17703d0a7710943e93913bacb49220d98b4b
Sha256: c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/all.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         157.240.200.14
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=utf-8
                                        
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: fc6e31a4b291ff79dd7fe1c57f8af95d
ETag: "07d197ff860b28325c540c5b39b935e4"
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Fri, 25 Nov 2022 04:04:27 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: mDnC4Lk4CSiOn/aNvEHp8A==
X-FB-Debug: FglsK95Esh4ytwBvM8sDDUzNgNv74EiBjb9p3DDr4BEY8ztjpOc99VAT9F2AxQpPF3VePxz2Pf7sXo1jUXBLPA==
Priority: u=3,i
X-FB-TRIP-ID: 1679558926
Date: Fri, 25 Nov 2022 03:44:59 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1688


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1688
Md5:    9839c2e0b93809288e9ff68dbc41e9f0
Sha1:   ac5a85d0fcb27bc67310e7983452909def3ceefe
Sha256: 94210f6cb6024d8ff1bcfd595be3dfb475c0aa47ecc00a7dc0b7e705abd12230
                                        
                                            GET /geocompteur/geocity.php?c=geocity_rose&id=2052431&adult=0&cat=news HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 2034
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Thu, 01-Dec-2022 03:44:58 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:44:58 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qay9TG0zhKeb4OAMz%2BMLcH1VfZMAONxPIf5wuyaA7CkAkaa0IWzP%2FJ1yvT4VLeLTdcz99Mvb0Iw0X9UOCNrv0ltkhlfnMqMSoNY0hce7TaBS0l7NvQg8p3jSDEEqD1xh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f76392bde4b503-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2149)
Size:   2034
Md5:    4b0c1a0d1aa4234cf191557e6bb22f21
Sha1:   4bbce4d28e0427fd5208694531db1b6687e0baf7
Sha256: f8de6883280e63d4cd9b96b7e5e1cf657a2517f9ee1ac3bfb13eb52b62880cff
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=160x600&name=From+Right HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         154.51.131.141
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=300,private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1346
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (715), with CRLF line terminators
Size:   1346
Md5:    d9492c86f50776d99fb5f87c897ef9bf
Sha1:   0251f6229dc4a3a5e4107e53fa3b605dc7ca5837
Sha256: efec80690685737cb090cc20c82a4e5bf64a5ca33a6de6eccd87685ba618a96e
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=sliding&size=728x90&name=From+Bottom HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         154.51.131.141
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=300,private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1346
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (716), with CRLF line terminators
Size:   1346
Md5:    827c141790f7849e9867f2860fa0b292
Sha1:   72732598323b41317af2a371f53e16aab77a94fa
Sha256: 8e6319519e2a5a9ea185c720f7fc0da24e82a51842bd019871873c0c984cfff0
                                        
                                            GET /BidVertiser.dbm?pid=361547%26bid=1169954 HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   9014
Md5:    0d489677aaa27440619b64706f2cafe9
Sha1:   b87bf2207059e1db5a939e804c7e586e7b8ad125
Sha256: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
                                        
                                            GET /widget.js HTTP/1.1 
Host: www.linkwithin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         3.19.188.212
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 162
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    1b7c22a214949975556626d7217e9a39
Sha1:   d01c97e2944166ed23e47e4a62ff471ab8fa031f
Sha256: 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=300x250 HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         154.51.131.141
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=300,private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1337
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (705), with CRLF line terminators
Size:   1337
Md5:    adfd8af029773a14a599e4f1e0dfdcdb
Sha1:   423df289f331de553ecd55137608b01083292ec5
Sha256: 8789bac84fca2d914978fd37d5e16d390305eacfcaf7ffe527dd18255c2f9a98
                                        
                                            GET /tags.js?site=4b434a53d7981a49e81903f9d05b6efe&type=728x90 HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         154.51.131.141
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=300,private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 1336
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (704), with CRLF line terminators
Size:   1336
Md5:    9e2dcc9e5c7e07a21acc62d9887ca4d3
Sha1:   bd3a14abb1cab3850e02b635c420ecc7c8e4ff90
Sha256: 65e989d6c00e712c368bb428eafc6536ca7afcd645f85a92110bee63f3287eee
                                        
                                            GET /BidVertiser.dbm?pid=361547%26bid=1169953 HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   9014
Md5:    0d489677aaa27440619b64706f2cafe9
Sha1:   b87bf2207059e1db5a939e804c7e586e7b8ad125
Sha256: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
                                        
                                            GET /BidVertiser.dbm?pid=361547%26bid=1169949 HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   9014
Md5:    0d489677aaa27440619b64706f2cafe9
Sha1:   b87bf2207059e1db5a939e804c7e586e7b8ad125
Sha256: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
                                        
                                            GET /BidVertiser.dbm?pid=361547%26bid=1167641 HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   9014
Md5:    0d489677aaa27440619b64706f2cafe9
Sha1:   b87bf2207059e1db5a939e804c7e586e7b8ad125
Sha256: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2166
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /samsengfb.js.php?token=8bce1b2342553c8507f0f7f5de798bc3.5912.6741 HTTP/1.1 
Host: www.samsengfb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         190.2.139.23
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.20.2
Date: Fri, 25 Nov 2022 03:44:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-Powered-By: PHP/7.2.34
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (17112)
Size:   6787
Md5:    601047c143be58f8ad745ee7095d57e3
Sha1:   2b52b70cd3aba284c42415a595f4c66fac5ce384
Sha256: 4500569b82e6b75d465ef56222d28fbf7be68290cce28f04eec095f03acb133d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /albums/h260/toonybug/templatestag.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         143.204.55.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/templatestag.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BNftfk7kcCbf8vFWldSgpGyMktyxWydz9DEoT4v6oraO8seMfryQ4g==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /albums/s282/theviejo/recurso_9_7.jpg HTTP/1.1 
Host: i155.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         143.204.55.106
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_7.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0hxjZk66TKSNnXcaJt2EAvy7OWqkophB5MSeUI7I1z77xZBsDc-AMQ==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /img/logopm.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:43:44 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 806475
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jglT9P8D8IJgKPYvOEeYCQiNtR8qgZa830AGmchHFlvbbkIvdNiVZPQ4MKjpjh%2BmKuS8Uggc2hA9DXknjAQQjV7ro%2BfE9rEDxINp1dHf0j2IMvRGGzy%2BnXaWCTmjZzjS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f76395ceefb503-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   714
Md5:    3832d6b8d8c47a5cefe6561297b514f6
Sha1:   f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
Sha256: c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
                                        
                                            GET /albums/h260/toonybug/background2-20.jpg HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         143.204.55.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/background2-20.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5n5w5-VxH72j4kJgp9KDEBF8ULlhF_XeKx4G7i8DRKdAUto7l297Bg==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 10:51:13 GMT
Expires: Thu, 08 Dec 2022 10:51:13 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 60826


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         154.51.131.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 693


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (650)
Size:   693
Md5:    7ee17f71586749e01c0e796552bd0591
Sha1:   e07d2c03c160e0ebab2f4a767d9654c3af443afb
Sha256: 7ea955a487cf9828b88b2f31f34f9df32960ecfa2fc6cb74901d7883f4f26310
                                        
                                            GET /pixel.png HTTP/1.1 
Host: www.linkwithin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         3.19.188.212
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 83
Last-Modified: Thu, 18 Jun 2020 22:02:28 GMT
Connection: keep-alive
ETag: "5eebe474-53"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   83
Md5:    ca1dba98f5e46c0e7a1549b3d8af9b93
Sha1:   37284bda145ed93cee64997e3d6688cae7d98468
Sha256: 88021da4a13d993a2c94e4d8ddc9bd98b34985d806371e71e0531b37b8a0e081
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4219
Cache-Control: max-age=109929
Date: Fri, 25 Nov 2022 03:44:59 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:17:08 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=728x90&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.19876470246905187&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         154.51.131.141
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=300,private
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /s/bentham/v18/VdGeAZQPEpYfmHglGWsxCQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17988
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 13:35:15 GMT
Expires: Thu, 23 Nov 2023 13:35:15 GMT
Cache-Control: public, max-age=31536000
Age: 137384
Last-Modified: Tue, 19 Apr 2022 19:21:54 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17988, version 1.0\012- data
Size:   17988
Md5:    bf6a5846cb67a28b10fc51624b7c2021
Sha1:   aecc7ba490ee2def0bec0ad3bd79ba0caa0a4347
Sha256: cb9dc64865a8ff81a07712442c9647fe79d1b371cdcbad6047d46bc7ee8254da
                                        
                                            GET /albums/h260/toonybug/header2-12.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         143.204.55.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/header2-12.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PHLpvzEq8pzX1N17VJzQ_yYGiqkpI3BAuvyjoiR2D0B_NQ5RUdWAVA==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /js15.js HTTP/1.1 
Host: s10.histats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         46.105.201.240
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 03:39:52 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 704120907
etag: W/"980881274"
content-encoding: gzip
vary: Accept-Encoding
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4405
x-iplb-request-id: 5B5A2A9A:7334_2E69C9F0:0050_63803A3B_5E98:25BA3
x-iplb-instance: 42473


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (11088), with no line terminators
Size:   4405
Md5:    688a4c6f6b98b3bfb618172e90695341
Sha1:   432a0d43c31e466673d13308db9e1ba5e519619c
Sha256: becf42e9318b096cf691c11947c601c75b0b5ba2a6421fd2e676f62c646c17c5
                                        
                                            GET /s/molengo/v16/I_uuMpWeuBzZNBtQXbNakw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14016
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 09:16:06 GMT
Expires: Thu, 23 Nov 2023 09:16:06 GMT
Cache-Control: public, max-age=31536000
Age: 152933
Last-Modified: Tue, 26 Apr 2022 15:27:44 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14016, version 1.0\012- data
Size:   14016
Md5:    eca165efaa8a5c693fcf7b3a26cef43b
Sha1:   b5b486f83648089b2653aacdcab3d4516a6aee98
Sha256: 31addde7fb28b34660534c075be0623c663561d371279da1ab9689761db6c7da
                                        
                                            GET /images/ban3.gif HTTP/1.1 
Host: www.rahsiakuihraya.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         34.98.99.30
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 2551
Last-Modified: Wed, 23 Nov 2022 16:09:18 GMT
ETag: "637e45ae-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KtgrS35it06UYLDHWX2lqjXc6cYq/W2GL8Ir/NcJhmYxNo3vs/U052xfSkl3wbZgp1eOKi6QVqfWzvZapoVRww
Set-Cookie: system=PW;Path=/;Max-Age=86400; caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; traffic_target=reseller;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    6e0e72649d50296f15557e931c1e05e9
Sha1:   a86f0f6aa222653013fe3c36d434f67057c85e64
Sha256: 895c0f60e59fdd84e53ab7ddb8866c8f49e45386632dca017efedd48313c9e0c
                                        
                                            GET /s/calligraffitti/v19/46k2lbT3XjDVqJw3DCmCFjE0vkFeOZc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 29868
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 13:27:19 GMT
Expires: Thu, 23 Nov 2023 13:27:19 GMT
Cache-Control: public, max-age=31536000
Age: 137860
Last-Modified: Tue, 19 Apr 2022 19:09:14 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 29868, version 1.0\012- data
Size:   29868
Md5:    8b26cc331e323dda95ea6d0dcf4d7542
Sha1:   1f6b0e5440044f6aa75b1f73d2f9c63a2f75bba9
Sha256: 2d5059c07b957f989ee2ed276e1f6d20428f4d3ed2523e7c305bd3e3ebc092ec
                                        
                                            GET /albums/h260/toonybug/header2-12.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 88336
date: Tue, 22 Nov 2022 01:16:53 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="header2-12.webp"
expires: Wed, 22 Nov 2023 01:16:53 GMT
server: photobucket
x-amzn-trace-id: Root=1-637c2304-1d4929b631521cda68b259b5
x-request-id: 4wJPPx45KgVSDbB3FLXVe
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rvqpDTOA_tLiUtub0g_r8sPQhcGm5rinbHSF8CARfwCPDfhuL2qu6g==
age: 268087
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   88336
Md5:    e77dc4b55a98f0276e869e8233aad288
Sha1:   f77186296a3c1a292896bb5f14300fc3cc73e517
Sha256: 1ab90235b5b9dd020b47882fad9b575eb25f3af7bd95362ad95c9089ab53b146
                                        
                                            GET /albums/s282/theviejo/recurso_9_7.jpg HTTP/1.1 
Host: i155.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 866
date: Tue, 22 Nov 2022 01:16:52 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_7.webp"
expires: Wed, 22 Nov 2023 01:16:52 GMT
server: photobucket
x-amzn-trace-id: Root=1-637c2304-7fef4af7682431c835a5cf1b
x-request-id: Ai-QJIA8IlsPfcNS8tw59
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: op4YmDq6h2UH6QMvd02DZcwrxeVu2UGIdX40-SgQC1wYVkX3elLEBg==
age: 268088
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   866
Md5:    cc4c3239458044ac24fec670759abe98
Sha1:   1d82930aeb5ee83c27c9cf18e4032c5ccc79fa9e
Sha256: 7e7869c41d518540d17a4197002c2d327bb3b39714f2ae67ede24aeaabc2a6f9
                                        
                                            GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         154.51.131.141
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://tags.h12-media.com/v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined
Server: Microsoft-IIS/10.0
Date: Fri, 25 Nov 2022 03:44:59 GMT
Content-Length: 693


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (650)
Size:   693
Md5:    6c32c4234b2c130bc60375ee8e5eb1b5
Sha1:   2de4ec1a908f357ad377156e8af6d7c05df8be5c
Sha256: f87caa8b09b3a00013b91c9e728019912489acd981a7fbed80d57f88d7011a29
                                        
                                            GET /images/banner03.gif HTTP/1.1 
Host: www.buatcoklat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         45.79.19.196
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 0
location: https://d39f23jfph0ylk.cloudfront.net/buatcoklat.com.gif
vary: Accept-Language
content-language: en
connection: close

                                        
                                            GET /v2/tags.js?placement=4b434a53d7981a49e81903f9d05b6efe&type=300x250&erdal=mercan&size=&appearance=&pname=&debug=&name=&code=&freq=&pb=&bref=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html&href=undefined&rnd=0.6674645411412855&allowbackup=undefined&sability=undefined&cvfsy=undefined&mmtitw=undefined&bpos=undefined&bposscr=undefined&cdim=undefined&ddim=undefined&clngs=undefined&mdi=undefined&mhi=undefined HTTP/1.1 
Host: tags.h12-media.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         154.51.131.141
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: max-age=300,private
server: Microsoft-IIS/10.0
x-powered-by: ARR/3.0
date: Fri, 25 Nov 2022 03:44:59 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /-aC4piBxpKVA/UU_y9Zt8beI/AAAAAAABe8E/6SYns877FlA/s320/gambar+biodata+siapa+tasha+manshahar.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v17bc2"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="gambar biodata siapa tasha manshahar.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 26133
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 263x320, components 3\012- data
Size:   26133
Md5:    c3be07240cd2895bfb85622c1df000ea
Sha1:   225d4e1298c2259b45d07bdb09a9b282fdaa4dae
Sha256: d93d126fc8726100671fadcb021741c772f7adbc9724874e4c6d0e07e6060095
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=141999
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 19:11:39 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /albums/h260/toonybug/postimage.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         143.204.55.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/postimage.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x4TKFPSozFnkP_rNO6iZ0DFM8FeqTzmnS9IxxWYPRHmbj5palEg54w==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /albums/h260/toonybug/divider-9.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         143.204.55.54
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i66.photobucket.com/albums/h260/toonybug/divider-9.png
X-Cache: Redirect from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MI2C3i_7reJ2R7D0qeSr6T4zG4WEMcPq9LVBPGlbH2jlgg4SeNpmIQ==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /-FKnrqMv8zQk/UU_0DbR3UwI/AAAAAAABe8M/94DbubkMI9g/w72-h72-p-k-no-nu/almy+nadia.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v17bc4"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="almy nadia.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 4999
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, description=Almy Nadia - MAJLIS DOA SELAMAT DAN PELANCARAN FILEM 4 MADU, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4999
Md5:    7445bbcb870eac69690129e9bf030c22
Sha1:   b53014de49581764c89280efeee16ad29b413212
Sha256: 2ce37c11b36ba515d52ef84780be47eb64686800fd546fb637e5210006d31122
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=141999
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637fb154-117"
Expires: Sat, 26 Nov 2022 19:11:39 GMT
Last-Modified: Thu, 24 Nov 2022 18:00:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /widget.js HTTP/1.1 
Host: www.linkwithin.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         3.19.188.212
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Length: 162
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    1b7c22a214949975556626d7217e9a39
Sha1:   d01c97e2944166ed23e47e4a62ff471ab8fa031f
Sha256: 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FE9DDBC5C58CAB3D45C1F557244D72009E8BA777D57C308650FD828A785DB291"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9158
Expires: Fri, 25 Nov 2022 06:17:38 GMT
Date: Fri, 25 Nov 2022 03:45:00 GMT
Connection: keep-alive

                                        
                                            GET /albums/h260/toonybug/templatestag.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 6098
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="templatestag.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-4d64af16581118f75ca0a78c
x-request-id: Sa-e0pDIz97RVuhS1xZp4
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HP9kOEb0lAopqtp6zTXnVROrQClp3pkS1rh2-8UvmGB1lebUu80riw==
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   6098
Md5:    034aa733dacc7922e2d827d110a6277b
Sha1:   2bc7f2d7a43f541078f389e430a513d42451165b
Sha256: aa1194a4bde2d3989823fb461bff38780122f52b25260bd8bbf4ae269627dd46
                                        
                                            GET /-69CvTZ1T7PI/UEphIeVC26I/AAAAAAAAcvk/X9m9pPiGWyg/w72-h72-p-k-no-nu/dn_02.1_thumb.jpg?imgmax=800 HTTP/1.1 
Host: lh6.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.1
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v72f9"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="dn_02.1_thumb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3617
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3617
Md5:    06e9edda8ca1c671beabb7027ad9dc11
Sha1:   26cd39c1b804251e9fe20a9b682830ade2952a13
Sha256: 7824e7f51c3e35861086ddc826439bde13c395785a39073812407e3f57ce932f
                                        
                                            GET /-ksZ_hd6RzpM/T-seqBXs_CI/AAAAAAAAELo/ynsGXBny11o/w72-h72-p-k-no-nu/images+(3).jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="images (3).jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2885
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Expires: Wed, 23 Nov 2022 01:16:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v10ba"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2885
Md5:    2756c2da9346b93f28644e21480a7b60
Sha1:   3da79d73ec8ad37f2f76b4510dcf52f4d05e725a
Sha256: e97ba88ff3ded1de349637f3e3aa770d0ac35cd7dd9b7687970431e578a9a27f
                                        
                                            GET /-aPd-Q2up9is/UfnTeyMl75I/AAAAAAABzAU/bm2TTgPVFBI/w72-h72-p-k-no-nu/1013400_177175285783447_129086622_n1_thumb.jpg?imgmax=800 HTTP/1.1 
Host: lh6.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.1
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="1013400_177175285783447_129086622_n1_thumb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3815
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Expires: Thu, 24 Nov 2022 03:59:52 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v1cc06"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3815
Md5:    669cd2e5aaba5c409c6119fa61f87503
Sha1:   33ca74c488dea7f88baa94e46b973159c0ce49e4
Sha256: de49189aabff54c452860dc1411c15d116768afba903cde1e2a83bef6cd0ead4
                                        
                                            GET /geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Thu, 23-Feb-2023 03:44:58 GMT; Max-Age=7776000; path=/ pays=Norway; expires=Thu, 23-Feb-2023 03:44:58 GMT; Max-Age=7776000; path=/ ville=Oslo; expires=Thu, 23-Feb-2023 03:44:58 GMT; Max-Age=7776000; path=/ idcompteurcc_2052431=done; expires=Sat, 26-Nov-2022 03:44:58 GMT; Max-Age=86400; path=/ online_idcompteurcc_2052431=done; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/ originecc_2052431=United%2BStates%2523United%2BStates%2BCity%252313995%257CCanada%2523Canada%2BCity%25234534%257CCanada%2523Burnaby%25232311%257CUnited%2BStates%2523Boardman%25231720%257CUnited%2BStates%2523Chicago%2523844%257CUnited%2BStates%2523Fort%2BLauderdale%2523650%257CRussian%2BFederation%2523Moscow%2523628%257CNew%2BZealand%2523Auckland%2523528%257CMalaysia%2523Kuala%2BLumpur%2523246%257CKorea%252C%2BRepublic%2Bof%2523Jungnang%2523183%257CGermany%2523Frankfurt%2BAm%2BMain%2523181%257CUnited%2BStates%2523Wilmington%2523166%257CUnited%2BStates%2523Seattle%2523165%257CUnited%2BStates%2523Los%2BAngeles%2523156%257CMalaysia%2523Malaysia%2BCity%2523154%257CNetherlands%2523Netherlands%2BCity%2523150%257CCanada%2523Toronto%2523145%257CUnited%2BKingdom%2523London%2523142%257CUnited%2BStates%2523San%2BJose%2523138%257CRussian%2BFederation%2523Kazan%2523128%257CUnited%2BKingdom%2523United%2BKingdom%2BCity%2523127%257CUnited%2BStates%2523Raleigh%2523119%257CUnited%2BStates%2523Lenexa%2523114%257CIreland%2523Dublin%2523102%257CRussian%2BFederation%2523Saint%2BPetersburg%252397%257CUnited%2BKingdom%2523Bath%252396%257CKorea%252C%2BRepublic%2Bof%2523Korea%252C%2BRepublic%2Bof%2BCity%252381%257CSingapore%2523Singapore%252378%257CUnited%2BStates%2523Las%2BVegas%252371%257C; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/ online_2052431=3; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/ jour_2052431=14; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/ total_2052431=32158; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/ bonus_2052431=2036; expires=Sat, 26-Nov-2022 03:44:58 GMT; Max-Age=86400; path=/ bonus_j_2052431=1; expires=Fri, 25-Nov-2022 03:47:58 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Fri, 25 Nov 2022 03:47:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2YsLaH9G8K6CBF5roSaIPigQs02CDfVMNjXiloAyWQ%2F3m%2BosMt4OhL2kA5iNSjuYf12a25xy99UmZzTMK2ZKpBQXbblWkGciM5iaVhkI1LNupd%2BzfakjUIBavW7Mo2H"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f76396af66b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (366)
Size:   2146
Md5:    28d14c688ef2c74c97809f24b036ef06
Sha1:   8257dbe6d1fa1489718a7f6237a59a5a95a38f59
Sha256: 6f507fb6cb26bb483c2a0be683caae4f727b667490bc13d495ad608bf8e6530d
                                        
                                            GET /counter.js HTTP/1.1 
Host: cleverjump.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.23.10.44
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Content-Length: 5571
Last-Modified: Wed, 20 Jan 2021 12:50:32 GMT
Connection: keep-alive
ETag: "60082718-15c3"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5571
Md5:    83126dc4af783a2179ab362a5bbec530
Sha1:   b1fe91477d92ab09066f28ddda5b31a4bf0f1689
Sha256: cb1ef4607e93916a5dd30beae4617069924cb5f10edb65d8f93468c3fbdc1dc4
                                        
                                            GET /-oWRu5vITrsI/UAqrN2SO1lI/AAAAAAAAIII/yjpQEpV6JXQ/w72-h72-p-k-no-nu/Terubuk_panggang_thumb.jpg?imgmax=800 HTTP/1.1 
Host: lh4.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v2082"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Terubuk_panggang_thumb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 4438
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4438
Md5:    e5da03200eb0aeb348f5aa8f3bdc9534
Sha1:   7782d977167e02dab1442bb9bcbb4fde45b4c91e
Sha256: 0fe473ced7b8b688f9ec47d08f828c7333e51e1d9050050610c63d921264651d
                                        
                                            GET /-WgXEMBXEJRQ/UOm__1oU6YI/AAAAAAABMSA/kqK7avYG5QU/w72-h72-p-k-no-nu/10+Artis+Hollywod+Terseksi+Dan+tercantik+2012+1+(1).jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v13120"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="10 Artis Hollywod Terseksi Dan tercantik 2012 1 (1).jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3465
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3465
Md5:    4e5417d00b66e7bec45ffc63117ab5ab
Sha1:   186e30ae23f1d7bc0ecc416c7e6b73ee03c3fae1
Sha256: 9ec18f8d01dbb5847c7fe4fd1ec7b923781122f3d21687a4205a6ecc81ad4e66
                                        
                                            GET /-eVlUkj_6Tbk/UVDU2N60GlI/AAAAAAABfEE/GCKFVi3I8RQ/w72-h72-p-k-no-nu/xlupadotcom116.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v17c42"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="xlupadotcom116.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3528
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3528
Md5:    7268df84f64da1d4fdf6292155aba8ab
Sha1:   58f4088d8c7ed3a06e32bdae018e91b66f382675
Sha256: 77bc4e6b9dafa18c88abec5a07730a708c460234238f36bf9d6d22671cd2ed44
                                        
                                            GET /--vlu7teUNs0/Um3Cy7lLRHI/AAAAAAAB0oE/dJscXxVoaXw/w72-h72-p-k-no-nu/riri_thumb.jpg?imgmax=800 HTTP/1.1 
Host: lh4.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v1d718"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="riri_thumb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3306
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3306
Md5:    f76b86e0e3341faac9a8e122af17e2d4
Sha1:   c74f4789579f53032594af71567303cbdd8bed1a
Sha256: afe1c1ddef0e6745828102a24f25577748e9c896c223c764b0410202cd2d7ae1
                                        
                                            GET /box/?boxid=438668&boxtag=56x6cw&sec=form HTTP/1.1 
Host: www7.cbox.ws
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         104.149.151.166
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 03:45:00 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Sat, 25 Nov 2023 03:42:14 GMT
Cache-Control: public, max-age=31536000
X-Cache: HIT

                                        
                                            GET /-TY5qR2KsKBM/Uz7RqU65fwI/AAAAAAAB1UM/K4kU4nVMAFI/w72-h72-p-k-no-nu/ne_03.2_thumb.jpg?imgmax=800 HTTP/1.1 
Host: lh5.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v1d544"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ne_03.2_thumb.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3834
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3834
Md5:    d26ed3b792fa31d0c4834ddb9ea91b73
Sha1:   5b01dd674b687ddb9beb222b41c6c54263b15e23
Sha256: 4e2c13e0026723ac8936d083412802039ed947b0f36076fa1b92f4c2299b33ac
                                        
                                            GET /box/?boxid=438668&boxtag=56x6cw&sec=main HTTP/1.1 
Host: www7.cbox.ws
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         104.149.151.166
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 25 Nov 2022 03:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa OUR NOR"
Expires: Wed, 17 Nov 2004 05:00:00 GMT
Last-Modified: Thu, 25 Nov 2021 03:45:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Cache: MISS
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   653
Md5:    d0d05a23cb23fe35908361694e15b565
Sha1:   d14818ca4dc04d998081b92c3975ff6e9f6dcdea
Sha256: 1fe598dd28104053751c17c7371ef1e42ec25c08b513993cbc93a4f6b4b9c716
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4lpj9RcUn1DSbbRGzT+hpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.214.236.46
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RtE9D9dYwZylM3HxZTpyHG3as8A=

                                        
                                            GET /albums/h260/toonybug/postimage.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 1964
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="postimage.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-0ab004d96ded7fa643f423b7
x-request-id: -ogpNZdhzVf3ZxCqnaKGp
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4ERW32bzOl3u2QDP-tVwW-JpBhxVJ2i97qVOZGJici_Mmgg8sem7Ow==
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1964
Md5:    7c97b842c78875c6ec36e6f15281a0d7
Sha1:   6c74bf1c6f860006eeaf58b4c5d73aeed3a52ce7
Sha256: a561536555277e841424fa2139b09af34ad672769e8a51ad8f9e316f519d4dc5
                                        
                                            GET /-tie7urc44Hs/UwnqPwM8vMI/AAAAAAAB1N8/NZ46Azx3nG8/w72-h72-p-k-no-nu/pmlkpagetmur1_thumb%25255B1%25255D.jpg?imgmax=800 HTTP/1.1 
Host: lh5.ggpht.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v1d4e0"
Expires: Sat, 26 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pmlkpagetmur1_thumb[1].jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: fife
Content-Length: 3681
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3681
Md5:    68a282e9e18933f7c2327430d2730979
Sha1:   5bad204702f9c3c6cf2e0bed20f09c611aa5511d
Sha256: 0ca5716b4f9fa177e51792a0884b3bf004bb021a2cc564453d3cc2f80214c32a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=106073
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=2052431&c=geocity_rose&size=&nostats=&title=Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F&ref=pak-janggut.blogspot.com&fullurl=http%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bG1TPP5imxUUrSzkbTP3lvMArE7JScEOazWweaS2mQ05ce0ekbRuSqYoCzyy1diCahW6Imm1o0AlUIAPvPgMVdTS42RI16Xo6RvTug%2B0VRxMEMYIjjVxvp2riYK0uJ9G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f76398e8d2b503-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 27 Nov 2022 03:45:00 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (12331)
Size:   3886
Md5:    54c87b7a9007d256c837e382cab4170d
Sha1:   6c8f44204021f68596af9ae5a742c3ad1b76a6ec
Sha256: 3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=106073
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 03:15:52 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 174547
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtjlkjxauFDVoXF82cOaFOkbV10LjFJnVTBL%2BUh2v7u5TvT0DO07rmQ5sGihO1jo5tP3%2FQHUx4BiwJHkvjPZTHJ86RYA3MGewUsPaiaCrSs8EKz29rKv163WWIJ%2B2z0%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3cb506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   940
Md5:    8719b63ac81155fd64422298ef8a8b25
Sha1:   c034b5869772ddf1675ebdbeb3c0d3c540738c24
Sha256: b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
                                        
                                            GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 28 Nov 2022 00:43:35 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2343684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeH2gUHvjQJxeEAoNOkmIYk9AQA096RYdlFBf%2BG3G%2F8MlRYYi%2BmmCRlqF0GtPU%2BtYeFS1wwi2ox64LLYRm%2FhA1APx0VH5U9jVmvjiknpGU1RTR609i4bsJCSs2AYD9RS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3bb506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   680
Md5:    852881aef6d6a8bca3123c3201f64c74
Sha1:   0e5ef2c61383bb79c8a6ea068d9a688631d844fa
Sha256: 41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
                                        
                                            GET /BidVertiser.dbm?pid=361547&bid=1169949&RD=3278650831377&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=3278650831377&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Friday, 25-Nov-2022 03:45:00 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:00 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Len: 5305
CONNECTION: Close


--- Additional Info ---
Magic:  data
Size:   6295
Md5:    95bb7c7bf0333fdfdae472903938b1fd
Sha1:   6b7da20deb035379d7d3845018ebce87bc1fce12
Sha256: 777f435bd2ac5b4cc3e1f8da02c4845fc9dd950fa31bb6ee4c0e25e511711eeb
                                        
                                            GET /geocompteur/shadow/flag_united%20kingdom.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 1220
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1459
content-disposition: inline; filename="flag_united%20kingdom.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 27 Nov 2022 07:52:38 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2404342
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ly9DkRcbRmvGM%2Bi9lD7QccwLMBlTbP4DvoRA0%2FwkJpFyu3gfht6TKarrNWOv2KHgR6R1RrOkA0JRuv5z35%2F8QpQmA0%2FuitCJrdjUTuNBca9ePMH5aNnwEK6pNEIEz4IJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa41b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1220
Md5:    0fca0f8c1f72968c8849d783accae326
Sha1:   6d6f3b4500a3f1fccc3474d59c716b2f60a59ea4
Sha256: c1319ad29f9822f08a6740f0b89e91127cfb11a449f99528f0a7928156032c9e
                                        
                                            GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 10 Dec 2022 23:05:41 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1226359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvoNKrakBP1RxF%2BOBV1U03afkbiIIInCx7%2F5iPhMiexiGyIf1WL94ayzAoyyXFQaNwVWqRwlywK14A8Dowa3cHkYHoFiBI3XFCkgsENOAtz5jKjt8hxjIX319JmSrGJd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa40b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   710
Md5:    4d48534384964664d122ef558ebf1acd
Sha1:   8cbccb6b66f6161c329f9945b58e79e09640cc90
Sha256: 286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=106073
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /geocompteur/shadow/flag_canada.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 07:00:43 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 74655
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wPL%2FxB6cllEE5aeYmr2eM5gESOAiEqZzeuwLFDkeZhaLo%2BvXSkPreEbU%2FmEpIVCJrT%2F2QqEBqNYUfcLYWSp73x9CVIGRYmk7UxR4v2kr3QqwlsfKyHjxEIU%2BqIv80pk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa46b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   886
Md5:    9dfda6415875b226812181f7ea64fcc8
Sha1:   6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
Sha256: b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
                                        
                                            GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 667380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Na9uKIf6TrSbEz7LwiQnwtWTXCtABVZ3NHwKiNbCVMg3U0xZgmw1BxMQ7YSAmZQrwLpIp42lUk3k1dHf3pg6ePeSPlz6I8b9w14n5Zm%2FBiWgQSI%2B0GlyyBcR8U7IWuOh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3eb506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   814
Md5:    ec4b0c854ec18061c7bafbe9ac9d1c3b
Sha1:   77c850ef6479e29a631dba64d06ccc1eefb1adc6
Sha256: 48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
                                        
                                            GET /geocompteur/shadow/flag_singapore.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 768
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=939
content-disposition: inline; filename="flag_singapore.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 04 Dec 2022 21:13:02 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1751517
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTvXhsP8XfiAWw3z9DiX%2FmDgCjGvjK%2BkIrACCQAAivuY3tOOh9pwvmz1dWuaRsNpb%2FN6vvCuWy0bVDQPgqyx8JpkmBLBRBLhLKk9luMhUqAugikvBxydCeXozwYK8LQa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa45b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   768
Md5:    931d98f74f8bbb82364a40f7c3c5ea3b
Sha1:   f844a679d51126b38659a25e9c71c748da392714
Sha256: 04f122230781518f0b5807695a1c731e33bea9ba0264d612c799485074204627
                                        
                                            GET /geocompteur/shadow/flag_germany.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 26 Nov 2022 19:27:53 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2449027
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2tqFJWxuBgFTNn5dZd%2Bop31v1Drn9PX8J4Bjd4kfO3tu5q7Vng20F0B%2FCsUtTzSnjHqWOtB5LHq%2FzZ1BXbmxnTSLTgUbD64VzeVLeBFmlVFRKQatqLorK%2FwwlxVbIFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa3fb506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   686
Md5:    1c667705cee250254b246ed54d521b22
Sha1:   ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
Sha256: 1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
                                        
                                            GET /geocompteur/shadow/flag_ireland.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 712
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=937
content-disposition: inline; filename="flag_ireland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Fri, 23 Dec 2022 12:40:14 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 140685
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OjBcp0H683%2Fav9IF3PuM6qcldF7mqS0wsdBC8CZsOMaxGq0zn2Y11dQje8a0a9q52kcyQo5tFz26pSJ%2Fi13AuDyJJ3k2YAxAYaAs5oKazWN53m35qRUyaZNMw64Wu2v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa43b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   712
Md5:    8e55f246106bcd5ae49ef1a026ec80d3
Sha1:   a5afe18fe64456cbb16e31287f4106228267f584
Sha256: eaf4b1563a65fb7bd06ace795835a00a4f491a48506996bd65c161d35002351e
                                        
                                            GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 806752
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCpQgQhIkeVKF6twSBL7l8h719mor3asRs%2BkuMeWfI4J%2BW95ETi%2FahLbO5StejZZxz1dsQ%2BVUs134iaT1s4JIToqWpNAREonEDr5IBb6xCCesaPqzfv0vcur6Vv4U53c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f76398fa44b506-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1008
Md5:    03d9bb2b449e6e964d86aec6d71b6856
Sha1:   e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
Sha256: 6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
                                        
                                            GET /hit?z0;s1280*1024*24;fRzRhAJ0YIgDBn2kJX7NwdP03EnbkSG;cshb2;r;uhttp%3A%2F%2Fpak-janggut.blogspot.com%2F2013%2F03%2Fsiapa-sebenarnya-tasha-manshahar.html;hPak%20Janggut%20Tukang%20Cerita%3A%20Siapa%20Sebenarnya%20Tasha%20Manshahar%3F;0.16462144719185323 HTTP/1.1 
Host: cleverjump.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.23.10.44
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
P3P: CP=CleverJump
Set-Cookie: _cjuh=r7BthF9p3jApSS6cFSGTre30n5Ufz9; expires=Sat, 25-Nov-2023 03:45:00 GMT; Max-Age=31536000; path=/hit; httponly; SameSite=None; Secure

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=106073
Date: Fri, 25 Nov 2022 03:45:00 GMT
Etag: "637f3595-118"
Expires: Sat, 26 Nov 2022 09:12:53 GMT
Last-Modified: Thu, 24 Nov 2022 09:12:53 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /albums/h260/toonybug/divider-9.png HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 23600
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="divider-9.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-3702e4ea743e5a8519bf1176
x-request-id: ViM0jw_Rq3QQf9CMPoHZl
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZcW9xPRnNnAl9iKQswAb1E6GwEXaxn6_21V_e0WnxYV8ivRzWgfM4Q==
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   23600
Md5:    1e9929d28305d0d1ee747a5cc2720950
Sha1:   7e30aa627a668c6fb4255263eea518d48a39f847
Sha256: 3ec6ad44f4ed89b90afc1db1d8f36e87558691e4741d00ddd804dbb22e7bf145
                                        
                                            GET /tcm_t_u.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 02:34:50 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4209
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7U0KMbkwvn2QkKDvBMB7rLODh5au2o6EEG6e20mTG11FEAG5RtK3Mzu156kD9Vm%2FADOOAKDvS44cSrKFVLgFCzT2t6W5CmdTP2Pyi04cbgmVVs%2BNbcrDBydJILnggjzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f763999a67b506-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /BidVertiser.dbm?pid=361547%26bid=1169953 HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Pragma: no-cache
Cache-Control: no-store
Expires: -1
Connection: close
Content-Length: 9014


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   9014
Md5:    0d489677aaa27440619b64706f2cafe9
Sha1:   b87bf2207059e1db5a939e804c7e586e7b8ad125
Sha256: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
                                        
                                            GET /images/banner/banner180.gif HTTP/1.1 
Host: www.kekcoklat.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         192.185.225.6
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 08 May 2012 04:36:55 GMT
Accept-Ranges: bytes
Content-Length: 57811
Keep-Alive: timeout=5, max=75


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 60\012- data
Size:   57811
Md5:    a741428fab4e3f6215f41f8a41200be3
Sha1:   2f2110a1ea3f1fe6be661d72e61b51c7fdbb2a87
Sha256: 68fc167c81c53c0f80769227b3db5ce7cbddef69e0c00fc3512714edf03faf91
                                        
                                            GET /BidVertiser.dbm?pid=361547&bid=1167641&RD=5719595215452&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=5719595215452&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Friday, 25-Nov-2022 03:45:00 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:00 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Len: 5305
CONNECTION: Close


--- Additional Info ---
Magic:  data
Size:   26299
Md5:    dac80ae7970470c21f46f06614f13675
Sha1:   6131c5951a52f73e726452e25e750bb32c5c41d9
Sha256: 493ab25ac08e51b0b1702ea2773f5df933d0bf97b899e6c69eb978e0edea481a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 25 Nov 2022 03:45:00 GMT
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1034), with no line terminators
Size:   665
Md5:    34e37af4d526255a20a2056cd5f4addf
Sha1:   bcac186d6a49539e69a3f67aa08d0188966f5623
Sha256: 51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
                                        
                                            GET /hit/get-uid.php HTTP/1.1 
Host: cleverjump.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://pak-janggut.blogspot.com
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Cookie: _cjuh=r7BthF9p3jApSS6cFSGTre30n5Ufz9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         217.23.10.44
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.18.0
Date: Fri, 25 Nov 2022 03:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: http://pak-janggut.blogspot.com
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    e5052e1a91cc47a316f57daf8adc042b
Sha1:   4af14f1a3e59020f75f16491f3c72e7445631c5b
Sha256: f6a6ca8b4abcf26c15d5f01a67f197de02a569c2d883db9968fb9b91f188966f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1 
Host: play.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
                                        
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
date: Fri, 25 Nov 2022 03:45:00 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+650; expires=Sun, 24-Nov-2024 03:45:00 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: private
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_rose
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 03:45:00 GMT
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hct%2Ff1bMjh1D%2B8mdLtU6pxn6IBQR0Ox7EyCZd6J01YWNaZmcVqZKCoMNnhI%2B3JS7VIhSqErHDazztSXTE%2FlvuhPvFkyGHGFnbaY2D6thbRtrtEI73yb6nKqYKJEmO9l1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f7639b4b09b506-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 27 Nov 2022 03:45:00 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12331)
Size:   4017
Md5:    90667e6832a33b1f07ffcdccf8f06d2f
Sha1:   5a79f00328c43d5ffddc42c08a4f026232c4fc1b
Sha256: d709a1a53d68b9a576b314e5e8ea9fb57a8b309aa2bfaf00295bb5eaa967073c
                                        
                                            GET /gtag/js?id=G-RP7FMTL79Y HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 03:45:00 GMT
expires: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19102)
Size:   75990
Md5:    755214f930ca0a829d94f4d5efd824c3
Sha1:   9930a0ce92a577600809a6112dce20444eda1702
Sha256: 6ba2065604ad2974d1e50b741039655a7bf43f571708664bf326cb101f9bf7b4
                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 09:43:42 GMT
expires: Fri, 24 Nov 2023 09:43:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 64878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 03:45:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ccimages/banner180.gif HTTP/1.1 
Host: www.shamsuriyadi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/

search
                                         113.23.169.115
HTTP/1.1 200 OK
content-type: image/gif
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Sat, 25 Nov 2023 03:44:58 GMT
last-modified: Mon, 05 Mar 2012 05:04:54 GMT
etag: "fee3-4f544976-0;;;"
accept-ranges: bytes
content-length: 65251
date: Fri, 25 Nov 2022 03:44:58 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 60\012- data
Size:   65251
Md5:    e1c391f5ab9c77da204bd9f541a68295
Sha1:   542f2c2871453154990ab8fab80862d2d9fac376
Sha256: f73d96f6cfea71b678c762ccba4f9d5ec7acdd8cd55fce78434f7368a853a6ac
                                        
                                            GET /hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/ HTTP/1.1 
Host: logv33.xiti.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.46.236
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
content-length: 148
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=4AAA91B5-CD73-4251-A6E4-EF9455993F84; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 03:45:00 GMT; HttpOnly atidx=4AAA91B5-CD73-4251-A6E4-EF9455993F84; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 03:45:00 GMT; HttpOnly; Secure atid=4AAA91B5-CD73-4251-A6E4-EF9455993F84; Path=/; Domain=xiti.com; Expires=Mon, 25 Dec 2023 03:45:00 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NuWP6iilQcUh0vCu77McTS5PHgjomzlmbaa935UTkKl-NBTPXb0z1Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   148
Md5:    dbe7b83ef90333319be1786e7bc9d107
Sha1:   ce5d62ed8f7ad95dabfcfe3d2c28c5557926aaa8
Sha256: 8e2dea9e73ab500daebaef5935c473e6355911c5d7024393a2ec965a3ff45cc5
                                        
                                            GET /albums/h260/toonybug/background2-20.jpg HTTP/1.1 
Host: i66.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://pak-janggut.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 226614
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="background2-20.webp"
expires: Sat, 25 Nov 2023 03:45:00 GMT
server: photobucket
x-amzn-trace-id: Root=1-63803a3c-00c7226f7d8f27e43fa0b097
x-request-id: RA3vKkIJ72xRAM-6cXB2Q
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nOZoKhDTceRpeJ5dTf8njvrzJkAkC9XfS6PkHE4Z8fbNnfEWzJFNbQ==
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   226614
Md5:    ef7477fb8ee9a569a09ee99354e024bc
Sha1:   1a7406d2f52fe0a9ead58edd224c0994a9c82fe5
Sha256: 6c1d19b7a44d5762cb0d83a48844d4d109b1a64f31278a9673e6a69fce21fa44
                                        
                                            GET /hit.xiti?s=281802&p=geocity_rose&hl=3x45x0&r=1280x1024x24x24&ref=http://pak-janggut.blogspot.com/&Rdt=On HTTP/1.1 
Host: logv33.xiti.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         143.204.46.236
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 373
date: Fri, 25 Nov 2022 03:45:00 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J8WANk_qIamVtQpqU3hHuiuTnrPp21rr5f22HZWtvsWxkzQk7CKJ7Q==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 39 x 25\012- data
Size:   373
Md5:    29cb2a1e585dff1f4282449fdbbab2d7
Sha1:   075d147195f9dba1862a6f3990d219d7c4389225
Sha256: 86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
                                        
                                            GET /BidVertiser.dbm?pid=361547&bid=1169954&RD=17625795075553&DIF=1&bd_ref_v=pak-janggut.blogspot.com&tref=1&win_name=null&docref=&jsrand=17625795075553&js1loc=-&loctitle=%20Pak%20Janggut%20Tukang%20Cerita%3A%20Siapa HTTP/1.1 
Host: bdv.bidvertiser.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pak-janggut.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         54.241.51.109
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Friday, 25-Nov-2022 03:45:00 GMT
Cache-Control: no-store
Last-Modified: Thursday, 25-Nov-2021 03:45:00 GMT
Set-Cookie: bdv_c11p=244; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT bdv_c11p=1_1_1; domain=.bidvertiser.com; path=/; expires=Sat, 26-Nov-2022 03:45:00 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Len: 4161
CONNECTION: Close


--- Additional Info ---
Magic:  data
Size:   19505
Md5:    c82ca31025c503768f197d43506facf6
Sha1:   65a1fc82a965cd1a12ee006c75a55869a421d914
Sha256: 90e95e7f953b9eb44abc0c2b74ae2340a8b4ffebaca591c90f270affb16332d1
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 21525
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size:   15552
Md5:    285467176f7fe6bb6a9c6873b3dad2cc
Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e
Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org