Overview

URLindahjiwadanrupa.blogspot.de/search/label/Gombak
IP 172.217.21.161 (United States)
ASN#15169 GOOGLE
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-05 00:54:10 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (58)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.exactseek.com (2) 0 2012-07-08 12:24:14 UTC 2022-12-01 22:37:18 UTC 70.35.204.181 Domain (exactseek.com) ranked at: 11561
s05.flagcounter.com (1) 271392 2017-01-30 08:58:40 UTC 2022-12-03 22:53:08 UTC 66.154.110.218
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-12-04 17:37:34 UTC 104.21.84.149 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-04 17:12:39 UTC 34.117.237.239
apis.google.com (2) 105 2013-05-30 23:17:44 UTC 2020-05-14 13:59:47 UTC 172.217.21.174
i3.photobucket.com (2) 964836 2019-08-26 20:50:07 UTC 2022-12-01 22:37:18 UTC 143.204.55.79
magazine.sepakuhosting.net (1) 0 2012-11-20 18:15:42 UTC 2022-12-01 22:37:18 UTC 103.224.212.222 Unknown ranking
partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-12-04 17:17:05 UTC 216.58.207.226
ocsp.sectigo.com (5) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
freewebsubmission.com (1) 8305 2015-12-17 03:26:10 UTC 2022-12-02 12:55:19 UTC 74.208.47.213
googleping.com (1) 65205 2012-10-03 18:50:36 UTC 2022-12-04 14:49:40 UTC 104.219.251.211
globessl.ocsp.sectigo.com (1) 47382 No data No data 104.18.32.68
track.vcdc.com (1) 248669 2020-10-28 14:14:51 UTC 2022-12-04 22:13:32 UTC 167.233.8.197
www.freewebsubmission.com (1) 0 2015-12-17 09:05:46 UTC 2022-12-02 12:54:11 UTC 74.208.47.213 Domain (freewebsubmission.com) ranked at: 8305
www.apesal.com (2) 0 2012-10-04 03:50:24 UTC 2022-12-04 02:25:02 UTC 188.114.96.1 Unknown ranking
pagead2.googlesyndication.com (3) 101 2021-02-20 15:52:05 UTC 2022-12-04 18:15:34 UTC 172.217.21.162
resources.blogblog.com (1) 13274 2018-07-01 19:33:30 UTC 2020-04-09 16:15:03 UTC 216.58.207.233
1.bp.blogspot.com (2) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.161
lh3.googleusercontent.com (2) 66 2013-05-30 23:27:19 UTC 2020-05-01 19:11:58 UTC 142.250.74.97
checkpagerank.net (2) 407367 2017-01-30 11:24:51 UTC 2022-12-03 07:53:23 UTC 96.30.9.108
www.salam.my (1) 0 2013-05-29 18:48:54 UTC 2015-10-20 04:58:26 UTC 111.90.135.111 Unknown ranking
lazada.go2cloud.org (2) 0 2017-03-07 20:00:31 UTC 2022-12-01 22:37:18 UTC 18.202.12.61 Domain (go2cloud.org) ranked at: 11575
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-04 17:12:40 UTC 34.102.187.140
2.bp.blogspot.com (6) 11071 2013-07-04 03:01:31 UTC 2020-04-28 02:17:39 UTC 142.250.74.65
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.88.220.109
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-12-04 18:54:04 UTC 37.48.68.71
i155.photobucket.com (2) 492446 2019-06-21 20:30:17 UTC 2022-12-04 14:42:50 UTC 143.204.55.106
i155.photobucket.com (2) 492446 2019-06-21 20:30:17 UTC 2022-12-04 14:42:50 UTC 143.204.55.79
indahjiwadanrupa.blogspot.de (1) 0 2013-12-20 20:26:49 UTC 2015-07-13 10:48:02 UTC 142.250.74.33 Unknown ranking
ocsp.digicert.com (11) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
www.guablog.com (2) 0 2012-09-28 05:37:25 UTC 2022-12-01 22:37:18 UTC 93.115.28.104 Unknown ranking
adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-12-04 18:06:48 UTC 142.250.74.130
salam.my (1) 0 2013-05-29 18:48:54 UTC 2022-12-01 22:37:37 UTC 111.90.135.111 Unknown ranking
ocsp.pki.goog (20) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
www.blogblog.com (1) 28878 2012-05-22 07:35:04 UTC 2020-05-06 23:24:00 UTC 216.58.207.233
hosting.tinjau.net (1) 0 2014-07-14 10:32:23 UTC 2022-12-01 22:37:18 UTC 162.215.231.71 Unknown ranking
googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-12-04 18:17:46 UTC 142.250.74.162
logv33.xiti.com (2) 776887 2012-11-23 19:03:55 UTC 2022-12-04 12:20:03 UTC 143.204.46.236
indahjiwadanrupa.blogspot.com (3) 0 2013-10-26 06:08:05 UTC 2015-10-21 17:10:21 UTC 142.250.74.33 Unknown ranking
www.blogger.com (5) 8975 2012-05-22 07:35:03 UTC 2020-05-05 09:48:25 UTC 216.58.207.233
4.bp.blogspot.com (4) 11215 2013-05-06 20:18:52 UTC 2020-05-06 03:21:52 UTC 142.250.74.65
adservice.google.no (1) 96969 2018-06-19 23:38:38 UTC 2020-05-14 07:59:11 UTC 142.250.74.162
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-04 17:40:10 UTC 142.250.74.106
my.rtmark.net (1) 9054 2017-08-22 14:11:49 UTC 2022-12-04 18:38:17 UTC 139.45.195.8
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
www.widgeo.net (23) 774083 2015-01-20 22:41:32 UTC 2022-12-04 10:34:08 UTC 104.26.10.22
themes.googleusercontent.com (1) 9661 2012-05-29 23:36:21 UTC 2020-05-04 15:28:46 UTC 142.250.74.97
ajax.googleapis.com (2) 12905 2013-08-16 09:51:31 UTC 2022-12-04 18:16:38 UTC 172.217.21.170
img1.blogblog.com (1) 65460 2012-05-22 07:35:04 UTC 2020-03-06 09:00:01 UTC 216.58.207.233
onlinelinkscan.com (1) 0 2012-06-20 16:26:02 UTC 2022-12-01 22:37:37 UTC 172.67.217.203 Unknown ranking
3.bp.blogspot.com (1) 11048 2013-07-04 04:18:40 UTC 2020-05-14 03:02:58 UTC 142.250.74.65
lh6.googleusercontent.com (1) 458 2013-05-30 23:43:35 UTC 2020-05-01 19:11:57 UTC 142.250.74.97
tinjau.net (1) 0 2014-04-02 15:47:43 UTC 2022-12-01 22:37:37 UTC 162.215.231.71 Unknown ranking
babab.net (2) 0 2015-04-21 17:27:24 UTC 2022-12-04 12:48:01 UTC 188.114.97.1 Unknown ranking
inklinkor.com (1) 0 2022-04-01 11:44:00 UTC 2022-12-04 16:49:31 UTC 104.21.91.63 Unknown ranking
bedrapiona.com (1) 34930 2020-05-08 13:43:48 UTC 2022-12-04 16:49:34 UTC 139.45.197.234

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-05 2 indahjiwadanrupa.blogspot.de/search/label/Gombak Malware
2022-12-05 2 indahjiwadanrupa.blogspot.com/search/label/Gombak Malware
2022-12-05 2 indahjiwadanrupa.blogspot.com/js/cookienotice.js Malware
2022-12-05 2 magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-04 2 datatechonert.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.217.21.161
Date UQ / IDS / BL URL IP
2023-01-29 11:27:19 +0000 0 - 0 - 2 garenaoffreefirenewrebaimcode.blogspot.al/ 172.217.21.161
2023-01-29 11:24:16 +0000 0 - 0 - 1 tablerodebatalla.blogspot.com/2015/08/i-v-adc (...) 172.217.21.161
2023-01-29 11:22:34 +0000 0 - 0 - 2 brinbux.blogspot.com.cy/ 172.217.21.161
2023-01-29 11:21:00 +0000 0 - 0 - 3 soundspacehack.blogspot.com.ng/ 172.217.21.161
2023-01-29 10:03:06 +0000 0 - 0 - 3 vbcxsdfgsdfgxcvbxcvbsdfg.blogspot.gr/ 172.217.21.161


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-29 12:00:10 +0000 0 - 0 - 3 jeffdahlke.com/css/Reporting/po3x708837819192 (...) 35.208.147.239
2023-01-29 11:59:46 +0000 0 - 0 - 3 jeffdahlke.com/css/private_module/test_cloud/ (...) 35.208.147.239
2023-01-29 11:59:42 +0000 0 - 0 - 3 jeffdahlke.com/css/fqcfrfvwflt3/ 35.208.147.239
2023-01-29 11:59:00 +0000 0 - 0 - 3 jeffdahlke.com/css/DOC/kbc9dts719916846546445 (...) 35.208.147.239
2023-01-29 11:58:41 +0000 0 - 0 - 3 jeffdahlke.com/css/statement/sv8ah2oz31fj/ 35.208.147.239


Last 3 reports on domain: indahjiwadanrupa.blogspot.de
Date UQ / IDS / BL URL IP
2022-12-05 00:54:10 +0000 0 - 0 - 5 indahjiwadanrupa.blogspot.de/search/label/Gombak 172.217.21.161
2022-12-01 22:37:30 +0000 0 - 0 - 6 indahjiwadanrupa.blogspot.de/2013/08/selambag (...) 172.217.21.161
2022-11-24 22:49:38 +0000 0 - 0 - 5 indahjiwadanrupa.blogspot.de/search/label/Adidas 142.250.74.161


No other reports with similar screenshot

JavaScript

Executed Scripts (37)

Executed Evals (1)
#1 JavaScript::Eval (size: 31) - SHA256: 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1
(a = 0) => {
    let b;
    const c = class {};
}

Executed Writes (2)
#1 JavaScript::Write (size: 325) - SHA256: 26413541fd65a5391d17af06be91c4d9fa23feb48efda6d369f05e825c9194af
< iframe src = "//www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak"
width = "164"
height = "314"
scrolling = "no"
frameborder = "0" > < /iframe>
#2 JavaScript::Write (size: 120) - SHA256: 0b0b7a5faa23468c077c4c25d00ff7afad3821ad3fa45ffef96813bc6d652988
< iframe src = "https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2"
width = "0"
height = "0"
frameborder = "0" > < /iframe>


HTTP Transactions (154)


Request Response
                                        
                                            GET /search/label/Gombak HTTP/1.1 
Host: indahjiwadanrupa.blogspot.de
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.33
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Location: http://indahjiwadanrupa.blogspot.com/search/label/Gombak
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 00:53:57 GMT
Expires: Mon, 05 Dec 2022 00:53:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 196
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   196
Md5:    fcbfe274d6b365ecc30c3450a5a4fabb
Sha1:   b35b4a0606baed3faf6f2698dc9aa72a76cb6d8e
Sha256: ee40c78fc642d2422d2d440fff7e442380b21f999247b0bb42d0c386b23b824d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15133
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 00:53:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3717
Cache-Control: max-age=124757
Date: Mon, 05 Dec 2022 00:53:57 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:33:14 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Mon, 05 Dec 2022 00:53:57 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 00:20:10 GMT
cache-control: public,max-age=3600
age: 2027
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Tf2s3cYbGHM4y6zHPIb8SMlThTq6yL82/mrxUVKtU0JGoOCAV7P+/T806Cg8AC421B7Jqwv9OOY=
x-amz-request-id: BWM2593CGGHDWYGW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 00:47:46 GMT
age: 371
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Dec 2022 00:53:57 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 2700
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /search/label/Gombak HTTP/1.1 
Host: indahjiwadanrupa.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         142.250.74.33
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Mon, 05 Dec 2022 00:53:58 GMT
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 24580
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3946)
Size:   24580
Md5:    6c659217f9147fb9e6670564909f188c
Sha1:   bc7d177cb9c155730720cc71576e3921755e4edc
Sha256: 5394c3f2ae2e54b9e11d2a4f4d9e92251ccfec44799e5aa80043cc73c16fb0a2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         172.217.21.170
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 12:49:09 GMT
Expires: Fri, 01 Dec 2023 12:49:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Age: 302689


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65168)
Size:   30082
Md5:    ebaa24930d6b905fe00c9457484b78a9
Sha1:   f97496ee81148e264b3735464b8bfced1a8b2fad
Sha256: b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: indahjiwadanrupa.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/search/label/Gombak

search
                                         142.250.74.33
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Mon, 12 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 04 Dec 2022 21:56:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1 
Host: www.apesal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         188.114.96.1
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwZRVynKDLdwllCM5Cj2OBZZjRSme869O27YQ5fyK54yodAsuL3p%2F0KhYxroo65PJQcdpyOJ0qa9Wnn2nAniscZFrKDEdVFWJlqEgRiUKJFIE8r5uHN5GzOnKheXKuffpw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748cecfdc9b0b49-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1071)
Size:   4224
Md5:    bb3bbc5f5c464fb361da729065b61677
Sha1:   980416af9aed7a144794864cac505f177f64ca59
Sha256: 3cf96c5e0b18d947d5774f6478cd5b1d9f426bd92dccd93627498968b7dc7978
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3706
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 00:53:58 GMT
Last-Modified: Sun, 04 Dec 2022 23:52:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1 
Host: lazada.go2cloud.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         18.202.12.61
HTTP/1.1 404 Not Found
                                        
Server: nginx
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 0
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
age: 443165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35959)
Size:   7776
Md5:    5aa2d3297bdc86bc81322aedecbb5e79
Sha1:   1c0a3c007e41726e167e79b70ddea76198650884
Sha256: feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
                                        
                                            GET /img/icon18_edit_allbkg.gif HTTP/1.1 
Host: resources.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
age: 470097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 18\012- data
Size:   162
Md5:    c991641178ff05adf0d004298b5eafa9
Sha1:   d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
Sha256: ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 00:53:58 GMT
expires: Mon, 05 Dec 2022 00:53:58 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1279)
Size:   20984
Md5:    7ac44ef24e267df17ff72f195b252806
Sha1:   62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
Sha256: aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: private, max-age=3600
ETag: 5528344834869392447
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 51578
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (4885)
Size:   51578
Md5:    b25b55981e129a5408d897e6bb48d026
Sha1:   5c02c131f59e3270c4fe7214833c4319f6c62ac0
Sha256: ed7cba699a874cfd59a406c4d52f7d2fca35f12865c05550fc381738ed94a7ed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
age: 501029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56726
Md5:    1217c8e34acb09c7cea97bae4d386ea1
Sha1:   55ee17703d0a7710943e93913bacb49220d98b4b
Sha256: c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
                                        
                                            GET /pagead/js/google_top_exp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         172.217.21.162
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 04 Dec 2022 16:22:21 GMT
Expires: Sun, 18 Dec 2022 16:22:21 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Age: 30697


--- Additional Info ---
Magic:  ASCII text
Size:   67
Md5:    9bbc3ca32ec951a484589ce0e6b4db73
Sha1:   753d6f6183b33b2dee5dde2208fca91c17f5bb13
Sha256: b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
                                        
                                            GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.217.21.174
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
age: 450378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   57794
Md5:    813b15c3004464f6bd39fd0773b04757
Sha1:   bd2218fe1e647f61132aad70d29cd91fd0416f26
Sha256: 446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
                                        
                                            GET /img/share_buttons_20_3.png HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:28:12 GMT
expires: Tue, 06 Dec 2022 17:28:12 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 14:52:29 GMT
age: 458746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   5080
Md5:    ad9999106d5f550920b586e8e1704e5a
Sha1:   93fd02c51166402a41f96509cd0ca3fb917877dd
Sha256: 3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
                                        
                                            GET /geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 2036
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Sun, 11-Dec-2022 00:53:57 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 00:53:57 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZXz2Pj7QdERpIDWoK7zgbANG%2FG3oQx66bjltDybu2LkgDjNWPELwZm799ofV1nfbVnwUDYbDrFrRsRGRxY9dejXjM3%2FT3vt3W%2BBrVpFBbaGz%2FiLIDJisi9eTxuiP0CL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748cecf6d84b524-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (2149)
Size:   2036
Md5:    f7c32e2c664ff6371ccc9917bf3e7968
Sha1:   0fcd41e0e3804df85c24da21a360ab63a3aaa6d7
Sha256: 26b569269368a09e9cb7e1f3948b059e83aeb9405becc0195ffa249a20176c88
                                        
                                            GET /img/logopm.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: image/webp
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 31 Dec 2022 22:37:17 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 267400
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQvJsMWlT7amcRlnuaHzWuGLEAgIrd40JCGBr%2B6eHL7IZH6ID032z4edO6nn7sNmzZCEFeUO4cn4DWcmSWWM9mFDgDhfkecwAwi3ooa%2Bel%2Fatzj1JXQ39zCW%2B1OX96pp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748ced0eccf0b4d-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   714
Md5:    3832d6b8d8c47a5cefe6561297b514f6
Sha1:   f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
Sha256: c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
                                        
                                            GET /1kt/travel/bg_container.png HTTP/1.1 
Host: www.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         216.58.207.233
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 249501
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:47:29 GMT
Expires: Tue, 06 Dec 2022 17:47:29 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 16:53:51 GMT
Age: 457589


--- Additional Info ---
Magic:  PNG image data, 860 x 460, 8-bit/color RGBA, interlaced\012- data
Size:   249501
Md5:    016de5d2fb137736ea0d36709f5031cb
Sha1:   67c199e0bc1ea199e91645dc31391d8ccd49c997
Sha256: 2c77b04f02316141ac67884a7708912b4d1e0313dd9e6a4e86f2f5cee551652b
                                        
                                            GET /-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 1742
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Size:   1742
Md5:    58a17151a9a7dc2d32cedfff483923a8
Sha1:   a16dc81e6f06a4b14410119c5d02360276fcdc75
Sha256: f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
                                        
                                            GET /dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8 HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 00:53:58 GMT
last-modified: Mon, 05 Dec 2022 00:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   21
Md5:    a62e4d501434033d5d177e67d3aafdd0
Sha1:   34f7300c9ed47334cf10826d57af785321e3138b
Sha256: b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
                                        
                                            GET /-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kedai_backlink.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1265
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Sun, 27 Nov 2022 14:34:53 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v110b"
Age: 0


--- Additional Info ---
Magic:  GIF image data, version 89a, 80 x 15\012- data
Size:   1265
Md5:    d1ee1ccdf97f9a91080d32c8c8593cd6
Sha1:   41deb789d73a2151e534c7256c23ee829f445119
Sha256: 00f9b7d4e1ff1f577ae24bd150629fbb15fcc15b0f418e5c4bed0907bcc5dd4c
                                        
                                            GET /banner.jpg HTTP/1.1 
Host: babab.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         188.114.97.1
HTTP/1.1 301 Moved Permanently
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 01:53:58 GMT
Location: https://babab.net/banner.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2kBCgaCfTakWK%2FR1qItWnxGVodbONlSw2pNODQfR1ci729n64UkI85C8wW1okvppU%2B2PS4aVzsWfLEMiyEt4cYLm9PDEPtffpLYw947SCgFkaqU8A%2B8tk%2BTM0M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748ced13f6e1c0e-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /blogger_img_proxy/ANbyha2wxEBi04hEDpxzDrMsXHF-rf90de0GirSUErSoH_4q4r9PD9RrrrIhhHn0w1OHCfDQ4D09AP58w5EXBGipbS_Jy7aJa_zdPqAd_yBeo6bmzJbj_ieUScBHRaZWGwjVguCbSi6EM_5IuviRYovgjug=w72-h72-p-k-no-nu HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.97
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:53:58 GMT
server: fife
content-length: 1752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1752
Md5:    b6f37f46e5ffce6d47bfcd964116cf99
Sha1:   1acd8b103dafb936e3250e70fd6c0d78ddae41de
Sha256: 5733985ff938172883db4c6bfe0848251b8b1ece37b9805cf99dec3936eb0ce4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1 
Host: lazada.go2cloud.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         18.202.12.61
HTTP/1.1 404 Not Found
                                        
Server: nginx
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 0
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4t88e0pe6fyGuD0Pzt6mrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.88.220.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3Ld+T/cX9BJTvnzprYiRFm7HO5k=

                                        
                                            GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 00:53:58 GMT
expires: Mon, 05 Dec 2022 00:53:58 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
etag: 15408932193792040891
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6148)
Size:   119174
Md5:    bf83137a9d07bfdf14a1ccd4fc756f03
Sha1:   c425f634319da7dd968de290821cb3d077b8d43a
Sha256: 5acabe009ea0c2e4f5b2143ab7cd3a5782030a4888621e00330ed769c186c4df
                                        
                                            GET /images/exactbutton1.gif HTTP/1.1 
Host: www.exactseek.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         70.35.204.181
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Location: https://www.exactseek.com/images/exactbutton1.gif
Content-Length: 257
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   257
Md5:    48c98997d6fa28d700b855f077bce633
Sha1:   21b78f14da526ba1f9884d0e8ce3466d7be19e98
Sha256: 30a024c030c55b3d900f54cf963d1832bfd536f5aa7b3be9c72010804e7f7371
                                        
                                            GET /-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="download.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9735
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Sun, 04 Dec 2022 05:55:54 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v374"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 284x177, components 3\012- data
Size:   9735
Md5:    a4f70db5d17a415d936729a57c35fc8c
Sha1:   71cd207a6cffcfabfac4244f792b36fbe4f1d03e
Sha256: f95ee4f7906c6bae688b0dd2857f1fa35eecfff4fd28bfc48fa0cf2da9200404
                                        
                                            GET /_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v366"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC01119.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 3179
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3179
Md5:    3d42f7f33e453573f41f6cc2c6eda1b8
Sha1:   eafc5470ca0afaef11e69fa85a11c2d4fedfec75
Sha256: a7086bee3ff1c2dce04fd97ff379dd1804a877d2d34108745bd4e8b27d8f8824
                                        
                                            GET /-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v2c4"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="WELCOME-BACKGROUND.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 160971
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 946 x 289, 8-bit/color RGBA, non-interlaced\012- data
Size:   160971
Md5:    0334769ec7546cd44c8d5df205a99bd4
Sha1:   20cc88def259ba1065d1f459f7d607e36c08f40a
Sha256: de9caa4c132fe7d5716f2e6adb31cfef2cd66cd20b4b3af55dde3366cefd6bb8
                                        
                                            GET /_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v361"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC01782.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 4003
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4003
Md5:    519483ab971efd4913cb2731c732e3c6
Sha1:   f23b4e7698deefe74bf5eb4416d4f95151242cc6
Sha256: 80cea1fb00e70b100b87963109749614a7513670855e97c20e306d85d2e6515a
                                        
                                            GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1 
Host: i3.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         143.204.55.79
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
X-Cache: Redirect from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aVp_UKByicKGi7IWMscZSpQhym1I-ar_lgQEydZfSa-7g9BaJofDew==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1 
Host: i155.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         143.204.55.106
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: CloudFront
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5Xrt1YaQpCGcianbS64m5HmZHIEiEsyTFWX9t4GBRuont6R6b_ivIw==
Vary: Origin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   167
Md5:    f5d40b7259645010f9a248858ad14178
Sha1:   b3051d17a6ec8c9e166bf09a62b48261ab86957b
Sha256: 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
                                        
                                            GET /_XV4jcPrY-3k/TMe3AcOPhTI/AAAAAAAAAb0/gw-mZYPh2cU/s320/IMG_0247.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v35e"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0247.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 17946
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x239, components 3\012- data
Size:   17946
Md5:    e55fda38a505cd12894e169b32f9b5de
Sha1:   21a68aa916b396a53d62c0e8f6909b0b446bfe80
Sha256: 2feb695b8d673b048897bdad33eb4ac5c3f5ffe9fe3fbba4b0abbe9c076ecce3
                                        
                                            GET /img/icon18_email.gif HTTP/1.1 
Host: img1.blogblog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         216.58.207.233
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:01:58 GMT
Expires: Tue, 06 Dec 2022 14:01:58 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 01:54:20 GMT
Age: 471120


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 13\012- data
Size:   164
Md5:    36b9f993db1b953f3b9b08040aaf9af4
Sha1:   18248661b307586dc291fd2dff4bb59cf7579475
Sha256: 1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
                                        
                                            GET /-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png HTTP/1.1 
Host: lh6.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.97
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
etag: "v3aec"
expires: Tue, 06 Dec 2022 00:53:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pingje.org1.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:53:58 GMT
server: fife
content-length: 2166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 80 x 17, 8-bit/color RGB, non-interlaced\012- data
Size:   2166
Md5:    bb0651bbbfd9c2e79199ca92ec68d70c
Sha1:   33d6ae10e2e42ed379492e0c39c7404052ab1bdd
Sha256: 325dabd04cf57c8027e711e5c667284c7f11412e6c1543269757c5b50196c2b1
                                        
                                            GET /_XV4jcPrY-3k/TMe4SQdf_eI/AAAAAAAAAb8/6B_mBGpAkN8/s320/IMG_0250.JPG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v35d"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0250.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 14355
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x239, components 3\012- data
Size:   14355
Md5:    7418acc0ae7680f05a8555a923b1faf1
Sha1:   d5256703417c35392ff0c5ea9abe0d6841d8f486
Sha256: 740b593d6c8c2420cac8b1f2b7f910c467eea45bcf073d2c8d3bf5d8b66e22d3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/fwsbutton10.gif HTTP/1.1 
Host: freewebsubmission.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         74.208.47.213
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://www.freewebsubmission.com/images/fwsbutton10.gif
Content-Length: 264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   264
Md5:    7221f96d857c7b9834679c5b1e9506a5
Sha1:   7db481e963cbeb932e52542a507c18064a3c52e8
Sha256: a63b8e8095f8993b68e0996813cc5e9a672ae063b25adaffc106b97ec6215262
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v6a1"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 1777
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   1777
Md5:    d9ed42e49fc7117ef9148e059c33c3d0
Sha1:   d227b1a97f8e0a73320922de002c9d52d0bc0792
Sha256: d5fb13a526c7c1bfb45ee4f177ddc33b71f0f7b461a722af45ffdc18aaf08d27
                                        
                                            GET /image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz HTTP/1.1 
Host: themes.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.97
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 00:53:58 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v3fce"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 3226
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3226
Md5:    0b48f23c4ecd71b36abac5e8a55a2c91
Sha1:   9491834eb4194daf80830d6f14541ce6fe3b6806
Sha256: 39f008537ec28d821a52f106849448623c1ea6424648ce0bc801d2f43b223fd3
                                        
                                            GET /-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kamas.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2372
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v35a"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2372
Md5:    878056a4a5598f49e66c126eb4e492f3
Sha1:   53d9105ef859a54a868c98309f67ad64e4c43091
Sha256: 9ddafdc2ce783f420e97f41407f7f3b5eb328751e563cf311f2e2ae104edf712
                                        
                                            GET /FCUCOMMUNITY/fcuwidget.js HTTP/1.1 
Host: magazine.sepakuhosting.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         103.224.212.222
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   196
Md5:    62962daa1b19bbcc2db10b7bfd531ea6
Sha1:   d64bae91091eda6a7532ebec06aa70893b79e1f8
Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v639"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cium.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 3961
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3961
Md5:    22b94b698a7b8c15dc27c6fdc891e8de
Sha1:   40c89ab1626d971fc168d3c9d931966eb6d4dcab
Sha256: 344d177cb9bbe859df6d0927396df711de8193753cbd44b31002c547513f6546
                                        
                                            GET /aff-banner/aff_hosting.gif HTTP/1.1 
Host: hosting.tinjau.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         162.215.231.71
HTTP/1.1 301 Moved Permanently
                                        
content-length: 0
location: https://hosting.tinjau.net/aff-banner/aff_hosting.gif

                                        
                                            GET /_XV4jcPrY-3k/TMeyhY4JtlI/AAAAAAAAAbk/ZoyjuZPjYYE/s320/IMG_0249.JPG HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         142.250.74.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v35e"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0249.JPG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 21177
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x239, components 3\012- data
Size:   21177
Md5:    3b57de464883c3ef76504ad152ee2833
Sha1:   803bb575570e5d79dbd344499bc5e1eda6cb469c
Sha256: 268bc217161ef8071f02c314b8b5356598dc8035d3af1ba99c919590386f70e6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4404
Cache-Control: max-age=152415
Date: Mon, 05 Dec 2022 00:53:58 GMT
Etag: "638ce051-116"
Expires: Tue, 06 Dec 2022 19:14:13 GMT
Last-Modified: Sun, 04 Dec 2022 18:00:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1 
Host: checkpagerank.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         96.30.9.108
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache
Location: https://checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 00:53:58 GMT
Content-Length: 265
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   265
Md5:    0073ca79e85d68cb2fab8e7e5c4a480d
Sha1:   f642f89381d48bdaad1ce223a8e703e016135a20
Sha256: 568581d906f2f2bb96004e47003bb48e46ff0d0f075b3bb3920f2fbe5e03b62b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=105185
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c3908-118"
Expires: Tue, 06 Dec 2022 06:07:04 GMT
Last-Modified: Sun, 04 Dec 2022 06:07:04 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /files/images/threat_free.gif HTTP/1.1 
Host: onlinelinkscan.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         172.67.217.203
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Length: 259
Connection: keep-alive
Last-Modified: Wed, 29 May 2013 03:03:31 GMT
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 00:53:58 GMT
Vary: User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMPqDKw02NUeZDt2p76zGu3okRdpmR%2BTbVMqp7OJ3cW1emIqHfa8SeE7mpLPKuvGQgVRVdzNtWvxF2t2wQB1AOkAjtdy6r0HlyGomk7jlgxhiHI9cAH%2FO%2FV4I0wCyj1wsTvohEQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748ced25edab4f7-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  GIF image data, version 87a, 73 x 15\012- data
Size:   259
Md5:    082d6d408eed111f03feb4d9f0b03dd7
Sha1:   f5a6a105f52a02f0d3f5363877697ed64e2b232b
Sha256: 754f6a7442e7ddea1af649b273dc228b77c221ab9ca8b1857b6911451675bd91
                                        
                                            GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         142.250.74.162
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:24:16 GMT
expires: Sun, 18 Dec 2022 15:24:16 GMT
cache-control: public, max-age=1209600
age: 34183
etag: 10353107486223812946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Size:   4242
Md5:    2fb3574102373e2e076cfa2ff90cdf25
Sha1:   d06c985183def975546d6e47ab6369c11dcf7195
Sha256: e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
                                        
                                            GET /blogger_img_proxy/ANbyha1vLuGMog_ek8MY7OxdakHdIveswBIaCe-_BzmLimGzGNEtnJ2P7K05safi2PpoZWUNR-9ckFlGEAkcKUW7aT_aov5KTTbo7hkSFacjMns4KtvWfkSfJHYDc-A=w72-h72-p-k-no-nu HTTP/1.1 
Host: lh3.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.97
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:53:59 GMT
server: fife
content-length: 1724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1724
Md5:    463010c77acef669ae87d77e05564de7
Sha1:   8f087f58b372e08e23c28460efddf6667002f0a6
Sha256: 8e3008863970f8b531e7ee93475cbb217db4975ceed89b93decb473ed7be1e38
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=116347
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c64a2-117"
Expires: Tue, 06 Dec 2022 09:13:06 GMT
Last-Modified: Sun, 04 Dec 2022 09:13:06 GMT
Server: nginx
Content-Length: 279

                                        
                                            GET /banner.gif HTTP/1.1 
Host: tinjau.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         162.215.231.71
HTTP/1.1 301 Moved Permanently
                                        
content-length: 0
location: https://tinjau.net/banner.gif

                                        
                                            GET /navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.233
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2603
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Size:   2603
Md5:    3101fc7d219ee753a3bf53a30b4b55a3
Sha1:   7b06b13c8fda488bec769978a6b443f1e281f3f3
Sha256: dcab955433cf922fee30c03d866c81c48e2010f4e9b2865a95130dec935db487
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4323
Cache-Control: max-age=120670
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c64a2-117"
Expires: Tue, 06 Dec 2022 10:25:09 GMT
Last-Modified: Sun, 04 Dec 2022 09:13:06 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1 HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.226
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 00:53:59 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (391), with no line terminators
Size:   252
Md5:    b2bd4efc3600ac2484c8014ee7d23a85
Sha1:   ba9c6c56288f29520d84f1e57218fdb0127a2291
Sha256: fa5ae2b0d24eefb0b37dca5ca362d6f296b8fbd99109b82ce11006e78af4c7c0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3338
Cache-Control: max-age=151348
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638ce051-116"
Expires: Tue, 06 Dec 2022 18:56:27 GMT
Last-Modified: Sun, 04 Dec 2022 18:00:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.162
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 00:53:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            GET /geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Sun, 05-Mar-2023 00:53:58 GMT; Max-Age=7776000; path=/ pays=Norway; expires=Sun, 05-Mar-2023 00:53:58 GMT; Max-Age=7776000; path=/ ville=Oslo; expires=Sun, 05-Mar-2023 00:53:58 GMT; Max-Age=7776000; path=/ idcompteurcc_1478332=done; expires=Tue, 06-Dec-2022 00:53:58 GMT; Max-Age=86400; path=/ online_idcompteurcc_1478332=done; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/ originecc_1478332=United%2BStates%2523United%2BStates%2BCity%25234745%257CUnited%2BStates%2523Boardman%25231184%257CCanada%2523Canada%2BCity%25231154%257CCanada%2523Burnaby%2523252%257CUnited%2BStates%2523Fort%2BLauderdale%2523186%257CUnited%2BStates%2523Raleigh%252383%257CNew%2BZealand%2523Auckland%252374%257CRomania%2523Romania%2BCity%252352%257CAustralia%2523Australia%2BCity%252352%257CGermany%2523Germany%2BCity%252344%257CUnited%2BStates%2523Los%2BAngeles%252337%257CNetherlands%2523Amsterdam%252336%257CFinland%2523Finland%2BCity%252332%257CGermany%2523Nurnberg%252327%257CUnited%2BStates%2523Dallas%252327%257CNetherlands%2523Netherlands%2BCity%252324%257CBangladesh%2523Bangladesh%2BCity%252324%257CUnited%2BStates%2523Duluth%252320%257CUnited%2BStates%2523Santa%2BClara%252319%257CJordan%2523Jordan%2BCity%252318%257CUnited%2BStates%2523Mountain%2BView%252317%257CSlovakia%2523Slovakia%2BCity%252316%257CKorea%252C%2BRepublic%2Bof%2523Seongnam%252316%257CUnited%2BStates%2523Washington%252316%257CUnited%2BStates%2523Dallax%252316%257CRussian%2BFederation%2523Russian%2BFederation%2BCity%252315%257CUnited%2BStates%2523New%2BYork%252314%257CUnited%2BStates%2523Herndon%252314%257CUnited%2BStates%2523Chicago%252313%257C; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/ online_1478332=4; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/ jour_1478332=7; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/ total_1478332=8646; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/ bonus_1478332=25390; expires=Tue, 06-Dec-2022 00:53:58 GMT; Max-Age=86400; path=/ bonus_j_1478332=1; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Mon, 05 Dec 2022 00:56:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJaEytuKpReqdh1iUYaqZQAPcCZC2xxEhcnvcWeHZxLoBIoLN68eyWJ43mw4PRLgAA9SfRk%2FBy7qycV32BCFhHF0%2BijzkdeUNAojqBAoaQEDIVbpZZZknZcQCk2fI21K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748ced3082bb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321)
Size:   2067
Md5:    9d5e444cc2c78e322374472f1c62bcd6
Sha1:   a003d5edde80980ad7ac4487ac531a36a1e8a6da
Sha256: b0fec32ad0dc17619801bd70663e514b25297a1abac9529c1686af71d4725cd7
                                        
                                            GET /widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3 HTTP/1.1 
Host: www.guablog.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         93.115.28.104
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 05 Dec 2022 00:53:58 GMT
location: https://track.vcdc.com/proceed.php?domain=guablog.com&hash=dd1f21d5d9a5fd1ca6234da33d8d70c1&u=eyJkb21haW4iOiJndWFibG9nLmNvbSIsImRvbWFpbl9pZCI6IjgyNzY3MDkiLCJmb2xkZXJfaWQiOm51bGwsIm1pZCI6IjE1MSIsImZpbHRlcl9pZCI6bnVsbCwiYWR2ZXJ0aXNlcl9pZCI6IjEyOCIsInRhcmdldCI6Imh0dHA6XC9cL3htbC12NC5jcmFmdHZpa2luZy0yLmNvXC9jbGljaz9pPThRQnkqLU1haVdjXzAiLCJpcF9hZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwidHlwZSI6ImphdmFfcmVkaXJlY3QiLCJiaWQiOiIwLjAwMDEyNyJ9
server: nginx
set-cookie: sid=4d271fcc-7437-11ed-a386-6f155d5c1dfe; path=/; domain=.guablog.com; expires=Sat, 23 Dec 2090 04:08:06 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET /wp-content/uploads/2011/04/logo.png HTTP/1.1 
Host: googleping.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         104.219.251.211
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2016 17:23:25 GMT
Accept-Ranges: bytes
Content-Length: 4749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 214 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   4749
Md5:    bcb4a47cb86d2a1911360d037df41533
Sha1:   140477c387e054d860e1c89945abad7d05403b91
Sha256: 0529dbd436a56c0dfed63a6d2907edbc3f06d98568de4eadaa19220b792f369a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D4EEAD0B3F27149EABA02487857DEDE1C4387A26ED1278BB694E898EFB07BFC7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5218
Expires: Mon, 05 Dec 2022 02:20:57 GMT
Date: Mon, 05 Dec 2022 00:53:59 GMT
Connection: keep-alive

                                        
                                            GET /tag.min.js HTTP/1.1 
Host: inklinkor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.91.63
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
x-trace-id: 3edea6f68f5d6aa0f27e492e4bfa37a5
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:20:03 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 05 Dec 2022 23:46:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuiPj6nA47tEcVL7AxF8iM9A2hwg1nXyN%2FyakIpLiNC6yaPJVAtJMaJZx%2FsdBDVvaYVYdb069Jk9qCIU%2BH0W7t5Aagca8%2Bn6mmpNW47FeSPLc79hkzyGBB6%2FSP9uwAq8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748ced3b9630b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   25939
Md5:    fb52e9d88f258fd5c4bcd8d8d2e2e3b6
Sha1:   19bf2928f498cc14e2e3cf8a728524efe486da0f
Sha256: 36dc02f32b85a06da189b5813f7cbba93e30ea70ad614b4e04015e954f401d15
                                        
                                            GET /adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.130
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 00:53:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1 
Host: i3.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.79
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 834
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="bloggedmylink.webp"
expires: Tue, 05 Dec 2023 00:53:59 GMT
server: photobucket
x-amzn-trace-id: Root=1-638d4127-73995fa15a1dc98e579e9247
x-request-id: PP6-fj69WYxrkdVLrmU7p
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k5B9IfaYTHFeZz8hBYmRGZmvUnDcrDa15X1QoNjLwxhXYZAuthF1eA==
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   834
Md5:    576ebd4971b153fdc7099dc1258ceb33
Sha1:   a7c63a407b3cfe17c110fa62e36807dcf86114e5
Sha256: 3f56a5eb35a3b530c6d648f70be1bfaf8152fc95d18f1a87a712a19883678eac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c64a2-117"
Server: ECS (amb/6BC5)
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:31:16 GMT
Expires: Sat, 10 Dec 2022 06:31:15 GMT
Etag: "76d6a9570398d587866ffc34fb20784beec06d80"
Cache-Control: max-age=451635,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced53de71bfe-OSL

                                        
                                            GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1660491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMR8zhmy4QZpDmvBd2WB1sWfat20cnoa%2F1%2FG1sqpPOhOBQEv3wr4X28brsRfY0wNxx%2B4KwUGREYgmNGz5M9Sh%2BjDss51m3LsAydUCdMuWM%2F4vOHY3%2BgPLxzm2lAlRHCZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ebb0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1008
Md5:    03d9bb2b449e6e964d86aec6d71b6856
Sha1:   e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
Sha256: 6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
                                        
                                            GET /geocompteur/shadow/flag_romania.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 644
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=842
content-disposition: inline; filename="flag_romania.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 31 Dec 2022 20:19:37 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 275661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmOK2g%2FKOQRnGwFmur97Ink9D0eGXWmUxPF47kjrnEUdmPiWhEdzcPtu018PW95cXYoWZfwFB08fEVI3BlEHK0xJFBeKoQOBVMV3hTm8eznU0AjiHO8kkYBeQiwKuFFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ec20b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   644
Md5:    a2ef37e3cfe2119759469a219565c145
Sha1:   7d174bb96c9eb762a56b531e8c15a160773fe008
Sha256: 8f45100a446929b8ad38c886a1cc6d033a066a008f8268b6fa1ec8d3f4d74166
                                        
                                            GET /geocompteur/shadow/flag_canada.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 01 Jan 2023 04:21:33 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 246745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cJ5qv3MwuJQkzuWVOWP3BNnPjSzGrgj%2F2z8rexui0kHk6BSHEJotwBAtsFDjmSvUS8o1ymgvGWWf%2FVh8tgsm1NgtZAVYAJjU22YSgXA1x2Dup6jR8Tvo0WteSackJeN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ebf0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   886
Md5:    9dfda6415875b226812181f7ea64fcc8
Sha1:   6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
Sha256: b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
                                        
                                            GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 03 Jan 2023 02:11:33 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 81744
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmbz8cTNMchi3p9JhdYSWKja6m2Im7apkhEmsu%2FZbQJtBBchhT15HYGl7R9n372tSnxWzYdq5vTl9PPyphLKXJGY7OCSNJp0q5KxELufOwVzcfdz55ZyCIpvj2B7rlyx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ec10b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   940
Md5:    8719b63ac81155fd64422298ef8a8b25
Sha1:   c034b5869772ddf1675ebdbeb3c0d3c540738c24
Sha256: b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak

search
                                         104.26.10.22
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:31:41 GMT
ETag: W/"6387a18d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlH3GDzQY5CZ1YvPbx9xFcKNE9LqxY0LIXA1TXaam3p0nVocjzBDpeYL9kyzl2DYyJzYZJADLAnVfM3dNtDWx5vTF5dL7sizZ4DnSf7XfTXiLQ0R%2BMjBxf86%2BIjHxv7M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748ced5a991b524-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 07 Dec 2022 00:53:59 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (12331)
Size:   3886
Md5:    54c87b7a9007d256c837e382cab4170d
Sha1:   6c8f44204021f68596af9ae5a742c3ad1b76a6ec
Sha256: 3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
                                        
                                            GET /geocompteur/shadow/flag_australia.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 1022
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1234
content-disposition: inline; filename="flag_australia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 07:08:28 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 582330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xS3G3VH1zLV3YUOsF2DqChs5%2F69BnIyEOuSMoh4aFWEdZGDQ2yZmbtp24v7S3FmNUJcqkdj6%2Buoo9dFzF12V60OCuEJo1%2Biasjdzr8BxPZKjCVfvj1Y8s3BGRtInfeM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aec70b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   1022
Md5:    395fda4bf932944885ae2bad6bc94cbd
Sha1:   56579ba3f9e670a64a59fee1079028bf5bbc33ca
Sha256: 6869308fc918c3d6b972eacc5900d2e17ab9740e282d5b3f214f66fbd5b1d43e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /geocompteur/shadow/flag_germany.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 26 Dec 2022 19:58:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 708922
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umM%2FRF4CW8T88Fu2WHcrp8t%2F8%2BCHAHpOK9LclpQqpUVX8vmqA9fpoRAWwNGixp7yElS8kmd9ZueFXaRpsl7NTzD8T%2BKlKXhB2lsYKKzuUBw8JaTE760xcw2ze0o0NO46"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aec90b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   686
Md5:    1c667705cee250254b246ed54d521b22
Sha1:   ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
Sha256: 1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
                                        
                                            GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 10 Dec 2022 23:05:41 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2080098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvyMTDbMb81p4ACXAqD%2B1GflEGGUS3gNxxcNPIv2wCYdnGTfie0r54Xe61%2BcpLNophVvcLCWiLdUohR50cKobbxy%2FSKgCaXpg4crI%2BWkfASOrQrIZNCoEQ2B4Ohn77MK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aeca0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   710
Md5:    4d48534384964664d122ef558ebf1acd
Sha1:   8cbccb6b66f6161c329f9945b58e79e09640cc90
Sha256: 286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
                                        
                                            GET /geocompteur/shadow/flag_finland.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 724
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=899
content-disposition: inline; filename="flag_finland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 07:47:02 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 580016
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdlE9DOU%2FgChpnuKu5a%2FgMT33geV2OS%2B%2BKMWremzgSqrbdfsNCglGHer0J8JACByiD6NYh4Db%2Bk%2FgqRRQocwdakNE%2F8Nn7Wv1tE6xYesWI6LWaC6y49XfbfB8PWIUghO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aecb0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   724
Md5:    4bb42c0a72d24163a22f5b03c19014ca
Sha1:   333c2b0e19045c6162ea18f96cde896e9568c965
Sha256: 57f34fcc77132fcdfc669956854f38ebc6089241f1d5f52d7218d06365c9e750
                                        
                                            GET /geocompteur/shadow/flag_bangladesh.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 824
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1024
content-disposition: inline; filename="flag_bangladesh.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:26:20 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1520859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtV%2FQAfNvajhEh3NGPyAjYslH4vJxZFYCV340V3jyXuIgzd52nwdA5MqQIP%2B8Nn%2F7Ey4oE2L1a4AP51o7DidEtdp6uRNrihd4TbVHbubDF0AwlpaRtVCl55kSv4hRDdQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aecd0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   824
Md5:    fda033492cc9954e333f12982d8b3a73
Sha1:   643379f831ee7bb9447262e326f759024bc3c196
Sha256: 93b2111e0009e79e40b18ac53ec7e49d3703956ddf9696f62140f098c219ace6
                                        
                                            GET /geocompteur/shadow/flag_jordan.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 856
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1070
content-disposition: inline; filename="flag_jordan.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 27 Dec 2022 13:01:51 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 647528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3ErBKsU6e3jY3Wa3h8GrYewTT8hqFjDTcYfS%2FIqIqRbYs14fmv48SjgxKlHPkvPt4YrWxqsu3ijIQ6F5AVEDmkJF9LndiqqgjRYlTPeeHAkTrPapTrfhXwq1MllmNAS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5bed30b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   856
Md5:    fab06f4814c4b3c0729efab034801d24
Sha1:   092532af1b8ef1d565e35fc7c0d220a9e04b6d40
Sha256: d7827becd9dc8fe3a38a9fa6e24b3e05fdf9c0a47d391b47c578fbc12b3f8ca5
                                        
                                            GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1 
Host: i155.photobucket.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.79
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 918
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_1.webp"
expires: Tue, 05 Dec 2023 00:53:59 GMT
server: photobucket
x-amzn-trace-id: Root=1-638d4127-22cd72d60fcf5dee3db895b1
x-request-id: BtDer0G96pZ-ZnajcUm_5
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oXdotz9IgPb61fEVqQ-pWkqSu4Bm5zrV0C5Bwb5C4cSH1duNEnySGg==
vary: Accept, Origin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   918
Md5:    e16b7abd904475580b7337e9ad7c1186
Sha1:   0b64b294e6e44f0d6ee746f86beb996b371501da
Sha256: 16a6cb27477f691f335eecd30e8ad33db3265e8326d82a7bea55f8a5e65922ff
                                        
                                            GET /geocompteur/shadow/flag_slovakia.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 894
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1065
content-disposition: inline; filename="flag_slovakia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 01 Jan 2023 17:59:04 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 197694
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aHbcPwRFWtympFwBy%2BGDhy%2Brs5atnJOsMwXBGvpXxd4oWSth7ki0UDi3F7zVgw7w%2FX%2B%2B0RMS02mwlJ21Y%2BAmvzzFQOUi1ScyJFx0bQ1bGuGYQts7tZizZGwk5mYMmkE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5ced80b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   894
Md5:    129ccceec06ef21121373b3f01b1223e
Sha1:   2a65a61156488db26b939a6b3eb59b58558e8e73
Sha256: be2278e310c722ee37932e45c66689ca942bf194939612796ddf468224534126
                                        
                                            GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1521119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1CURiGi%2F%2FeyWwdX53afdTNOBslZhB0lOOVmdipX3Czmn%2BokdeUHjPsJZVfYh1LRu8lzp5nkytg4Ht30kuH1MWQRRDS0EYAepUguOdJpRdbR7aTF7atG1RclafHAjOR6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5eee80b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   814
Md5:    ec4b0c854ec18061c7bafbe9ac9d1c3b
Sha1:   77c850ef6479e29a631dba64d06ccc1eefb1adc6
Sha256: 48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
                                        
                                            GET /count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/ HTTP/1.1 
Host: s05.flagcounter.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/

search
                                         66.154.110.218
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PNG image data, 162 x 1376, 8-bit/color RGB, non-interlaced\012- data
Size:   79020
Md5:    823ae7d5813826e3f3680f284219ad86
Sha1:   d3417c66b5efc6cae4a74a1318271dcd0cacc289
Sha256: 5b868b5a7429a472631644a77fcb404e8db5e8fcba7fd379d6471c7ab92c2682
                                        
                                            GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 03:12:56 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 596462
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dXphB%2FQWDlz81G000%2Fs4OcoWMVAu%2BmytABknYcbCVEjJFwCNWcVs5jV17%2BNuiaa86fBb6cvEQkcH0ieTZp0aAeSA7ak%2BpZkzX6pf0j78VLVliWzeIp4PuEab19xg5om"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5feef0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   680
Md5:    852881aef6d6a8bca3123c3201f64c74
Sha1:   0e5ef2c61383bb79c8a6ea068d9a688631d844fa
Sha256: 41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
                                        
                                            GET /tcm_t_u.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:46:03 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 248875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7YPDDRAwZwLiwu9YpBDy2HN83Vlat9xFpDKrRyJ5QMWirp0rgKl1ENnfg7sPpoiOpJhrPZCnXF6UDRKy4OWbzT4Xaz7yXV0dj9i5AjHzYsdb7osACR%2Bc5ZKZV2p0Jox"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced60efa0b3d-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /geocompteur/img/tmp/earth_blue2.png HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: image/webp
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 2596
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3258
content-disposition: inline; filename="earth_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:15:30 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 873508
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljrwo60SuTB%2BdxhHjJhzfMjxf%2Ff%2FZqi5WFMMBiU1L1FHCk7eQEj16UBoRbVEmJHOkqDPaGpBXWZ9Wnst5n%2B4ZtmEbrSMY1JbLpFVlYQbFx9b93DnNHMe3yzbxPnwD5rA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced68f290b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   2596
Md5:    35ef26dc64d2a2d57e62bef7f3c6f8c3
Sha1:   d8bd4c88f74912e188cb4e2ccc5ed53ecd36591c
Sha256: 2ab4d3f5ec0ee2c160aab1838975a7c7cd89e6adee9d7af72fc5f2f9d898317a
                                        
                                            GET /5/3294720/?oo=1&js_build=iclick-v1.458.0 HTTP/1.1 
Host: bedrapiona.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.234
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Dec 2022 00:53:59 GMT
x-trace-id: 2bb543e746925b50d7aa18a0c7e540f6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://indahjiwadanrupa.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=beb140c3065b486e845c2a60ba7af5d8; expires=Tue, 05 Dec 2023 00:53:59 GMT; path=/; secure; SameSite=None oaidts=1670201639; expires=Tue, 05 Dec 2023 00:53:59 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16101
Md5:    06a0fb0a478feb7570335d0cf7d265dc
Sha1:   eaa3e9959419993c5e845b3dc9433baaba99654a
Sha256: 4561033f6a76d323a3361faccb40a4e6f04e5ba7fe829cad8af44c0779d2d789
                                        
                                            POST / HTTP/1.1 
Host: globessl.ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:13:38 GMT
Expires: Fri, 09 Dec 2022 08:13:37 GMT
Etag: "fe9cb9249d1603111c21c8c9e4965fea0c39e470"
Cache-Control: max-age=371377,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced65f100b49-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1 
Host: checkpagerank.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         96.30.9.108
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=2592000
expires: Wed, 04 Jan 2023 00:53:59 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1278
date: Mon, 05 Dec 2022 00:53:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 60\012- data
Size:   1278
Md5:    785039293e19a0f0a0db1231b9704b67
Sha1:   8c2f91b1a33a4f266f23f06b7dfa8ab4a431a400
Sha256: 118d4625d63c95ff6bdbf63452619f02b738a2055c5ee4ba986d114ad0d007ab
                                        
                                            GET /images/exactbutton1.gif HTTP/1.1 
Host: www.exactseek.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         70.35.204.181
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 16 Apr 2012 18:53:03 GMT
ETag: "dcd-4bdd054f481c0"
Accept-Ranges: bytes
Content-Length: 3533
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 88 x 31\012- data
Size:   3533
Md5:    fcca6f86d560ed5a0707708d4c82fec1
Sha1:   531a5a8c0e53c3d2021007b88c045d8c6618a07e
Sha256: 80caea32c373db145d7cc840e333eacd1459c30f815027d185030b45ca7182fb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 21:44:15 GMT
Expires: Sun, 11 Dec 2022 21:44:14 GMT
Etag: "91c4248b6a416df26939272bc86f075a51a12a1f"
Cache-Control: max-age=592814,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced5be041bfe-OSL

                                        
                                            GET /css?family=Open+Sans:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 00:53:59 GMT
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   45495
Md5:    20447aa3fadc7b304b012367f697dce7
Sha1:   0c90812229b178eb08a0c26866b943ec05b63d82
Sha256: b22f02336cdffa464ca873c9558211d9d6f2d875a4c75adfa6aa9287c91181d2
                                        
                                            GET /proceed.php?domain=guablog.com&hash=dd1f21d5d9a5fd1ca6234da33d8d70c1&u=eyJkb21haW4iOiJndWFibG9nLmNvbSIsImRvbWFpbl9pZCI6IjgyNzY3MDkiLCJmb2xkZXJfaWQiOm51bGwsIm1pZCI6IjE1MSIsImZpbHRlcl9pZCI6bnVsbCwiYWR2ZXJ0aXNlcl9pZCI6IjEyOCIsInRhcmdldCI6Imh0dHA6XC9cL3htbC12NC5jcmFmdHZpa2luZy0yLmNvXC9jbGljaz9pPThRQnkqLU1haVdjXzAiLCJpcF9hZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwidHlwZSI6ImphdmFfcmVkaXJlY3QiLCJiaWQiOiIwLjAwMDEyNyJ9 HTTP/1.1 
Host: track.vcdc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         167.233.8.197
HTTP/2 200 OK
content-type: text/html; charset=utf8
                                        
server: nginx
date: Mon, 05 Dec 2022 00:53:59 GMT
content-length: 527
cache-control: no-cache, must-revalidate
content-encoding: none
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (527), with no line terminators
Size:   527
Md5:    d6fa22651cd2e7efbfcef6d84346fa8b
Sha1:   62dbd729e3565ac90dd0413c13e62823b16582de
Sha256: 590024478edc7ec84abceb8d36d75f272fd2953e642baf7b4669a9e39d1c4334
                                        
                                            GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.170
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 12:33:41 GMT
expires: Sun, 03 Dec 2023 12:33:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 130818
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (820)
Size:   24715
Md5:    cc24419c482370498f3c227ac73d666b
Sha1:   37fc103ace873f47102e0ca88eb4735bc6806750
Sha256: 152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5580
Cache-Control: max-age=118676
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c57ef-116"
Expires: Tue, 06 Dec 2022 09:51:55 GMT
Last-Modified: Sun, 04 Dec 2022 08:18:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=105185
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c3908-118"
Expires: Tue, 06 Dec 2022 06:07:04 GMT
Last-Modified: Sun, 04 Dec 2022 06:07:04 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /geocompteur/css/city_css.php?c=geocity_blue2 HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 00:53:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr1DyG8g6y%2Fiuzi7j6brFylii2KRbmm%2B6UlIRV2jd1r9TR85jf0LbhNiPBlNptUKk8zYjVpxe5zrTApILxt3%2BMOZztR%2FDKjHdAgT%2BnVGck1EE%2BW990EKoMR2lb0NzaXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced58eb50b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2173
Md5:    2fba10696a16ff1d252a1bff37d5be0e
Sha1:   03abeb7d915bcc16a7c28d0df3efb71c1a087cf3
Sha256: c59fc777d407c90a6e2b3199c9e21b509d0da3755f7d0d26985f9c2dcaaa42ca
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 22:30:51 GMT
Expires: Thu, 08 Dec 2022 22:30:50 GMT
Etag: "981ae1e40da6163043c5de563e6e97a7062d9ea3"
Cache-Control: max-age=336410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced61d4c0b61-OSL

                                        
                                            GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1 
Host: www.widgeo.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.10.22
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Mon, 05 Dec 2022 00:53:59 GMT
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFIOAdy43nQTAwrRKIovozWGtSrTVh13lyq1PNPzaSD2zrOmjYaPIFI1%2FsN7piZ8V43Q4hxG4Mls3J30SuGryPmB5baNUk7K2zke8jshtrW2yE8Kx2vznMe%2BEYMwTNJx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748ced66f1e0b3d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 07 Dec 2022 00:53:59 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   80673
Md5:    2aa881ce5eef7c682fd4b9c4b0deba23
Sha1:   d652732a6caf3c6229e02d90c4120246c2e531f7
Sha256: 1d72b45df09dc4860993e4ecd70eac3dcf17f682a52a2ef04e7a7efaedc4bf9d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5329
Cache-Control: max-age=118425
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c57ef-116"
Expires: Tue, 06 Dec 2022 09:47:44 GMT
Last-Modified: Sun, 04 Dec 2022 08:18:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /images/fwsbutton10.gif HTTP/1.1 
Host: www.freewebsubmission.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         74.208.47.213
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 05 Dec 2022 00:53:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 21 Apr 2020 21:52:19 GMT
ETag: "8b5-5a3d40794a733"
Accept-Ranges: bytes
Content-Length: 2229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 88 x 31\012- data
Size:   2229
Md5:    6016bc8360a0f80b057623864a01c8b6
Sha1:   8136988f2c9a449b037363fc5bddce38963e4a88
Sha256: 198588f87288e60355833b7bba5b39721295f176889164613076722106359629
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Mon, 05 Dec 2022 01:47:16 GMT
Date: Mon, 05 Dec 2022 00:53:59 GMT
Connection: keep-alive

                                        
                                            GET /hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/ HTTP/1.1 
Host: logv33.xiti.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.46.236
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
content-length: 155
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=BC5AF6C9-13A5-49D5-94B5-D0D2B904D7B6; Path=/; Domain=xiti.com; Expires=Fri, 05 Jan 2024 00:53:59 GMT; HttpOnly atidx=BC5AF6C9-13A5-49D5-94B5-D0D2B904D7B6; Path=/; Domain=xiti.com; Expires=Fri, 05 Jan 2024 00:53:59 GMT; HttpOnly; Secure atid=BC5AF6C9-13A5-49D5-94B5-D0D2B904D7B6; Path=/; Domain=xiti.com; Expires=Fri, 05 Jan 2024 00:53:59 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hcOfEm3CgrDoOh3mm7kt_HINB0QLzSaxw5PHt3O7tCqsV2uozRT9Gw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   155
Md5:    a3d77a4bc07f0c5ea97547a6f6ee99d6
Sha1:   45159095fcb244e6611cc1bcdcc87f58ef6f341f
Sha256: 30367760a433f640915d7105483f3b65fe9390bb759ff8819073327b784b4a4c
                                        
                                            GET /gid.js?userId=beb140c3065b486e845c2a60ba7af5d8 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0