indahjiwadanrupa.blogspot.de/search/label/Gombak
302 Moved Temporarily 196 B URL HTTP/1.1 indahjiwadanrupa.blogspot.de/search/label/Gombak
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash fcbfe274d6b365ecc30c3450a5a4fabb
b35b4a0606baed3faf6f2698dc9aa72a76cb6d8e
ee40c78fc642d2422d2d440fff7e442380b21f999247b0bb42d0c386b23b824d
Analyzer Verdict Alert fortinet Malware
GET /search/label/Gombak HTTP/1.1
Host: indahjiwadanrupa.blogspot.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://indahjiwadanrupa.blogspot.com/search/label/Gombak
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 00:53:57 GMT
Expires: Mon, 05 Dec 2022 00:53:57 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 196
Server: GSE
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15133
Expires: Mon, 05 Dec 2022 05:06:10 GMT
Date: Mon, 05 Dec 2022 00:53:57 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3717
Cache-Control: max-age=124757
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:57 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:33:14 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6724
Expires: Mon, 05 Dec 2022 02:46:01 GMT
Date: Mon, 05 Dec 2022 00:53:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 00:20:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2027
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Tf2s3cYbGHM4y6zHPIb8SMlThTq6yL82/mrxUVKtU0JGoOCAV7P+/T806Cg8AC421B7Jqwv9OOY=
x-amz-request-id: BWM2593CGGHDWYGW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 00:47:46 GMT
age: 371
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:53:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 2700
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
indahjiwadanrupa.blogspot.com/search/label/Gombak
200 OK 25 kB URL HTTP/1.1 indahjiwadanrupa.blogspot.com/search/label/Gombak
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3946)
Hash 6c659217f9147fb9e6670564909f188c
bc7d177cb9c155730720cc71576e3921755e4edc
5394c3f2ae2e54b9e11d2a4f4d9e92251ccfec44799e5aa80043cc73c16fb0a2
Analyzer Verdict Alert fortinet Malware
GET /search/label/Gombak HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Mon, 05 Dec 2022 00:53:58 GMT
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 24580
Server: GSE
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 12:49:09 GMT
Expires: Fri, 01 Dec 2023 12:49:09 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 302689
indahjiwadanrupa.blogspot.com/js/cookienotice.js
200 OK 2.0 kB URL HTTP/1.1 indahjiwadanrupa.blogspot.com/js/cookienotice.js
IP
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/search/label/Gombak
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Mon, 12 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sun, 04 Dec 2022 21:56:58 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
403 Forbidden 4.2 kB URL HTTP/1.1 www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1071)
Hash bb3bbc5f5c464fb361da729065b61677
980416af9aed7a144794864cac505f177f64ca59
3cf96c5e0b18d947d5774f6478cd5b1d9f426bd92dccd93627498968b7dc7978
GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1
Host: www.apesal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwZRVynKDLdwllCM5Cj2OBZZjRSme869O27YQ5fyK54yodAsuL3p%2F0KhYxroo65PJQcdpyOJ0qa9Wnn2nAniscZFrKDEdVFWJlqEgRiUKJFIE8r5uHN5GzOnKheXKuffpw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748cecfdc9b0b49-OSL
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 471 B IP
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Last-Modified: Sun, 04 Dec 2022 23:52:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 29335a536fd47c44f11a984665f501f6
46dbfa43c5a94c6baec55a9e89cb1cb0cee7eb69
39d8bc234639a4fceeee88f10319692733e37388c06ae5567971f9dbb7c0aab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash cd8c709d33861f92a8d0d016a198cd41
2b71fa86c94f5d50a8ce65d02b4c5b8d010eb2f2
a48025cdad584ab4cce456815b00f144c47df1f9a744dc962b4bdb33070a2827
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
404 Not Found 0 B URL HTTP/1.1 lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1
Host: lazada.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:47:53 GMT
expires: Wed, 29 Nov 2023 21:47:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 29 Nov 2022 20:52:41 GMT
content-type: text/css
age: 443165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/img/icon18_edit_allbkg.gif
200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 14:19:01 GMT
expires: Tue, 06 Dec 2022 14:19:01 GMT
cache-control: public, max-age=604800
last-modified: Mon, 28 Nov 2022 19:53:31 GMT
content-type: image/gif
age: 470097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Mon, 05 Dec 2022 00:53:58 GMT
expires: Mon, 05 Dec 2022 00:53:58 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (4885)
Hash b25b55981e129a5408d897e6bb48d026
5c02c131f59e3270c4fe7214833c4319f6c62ac0
ed7cba699a874cfd59a406c4d52f7d2fca35f12865c05550fc381738ed94a7ed
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 5528344834869392447
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 51578
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2342155703-widgets.js
200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 05:43:29 GMT
expires: Wed, 29 Nov 2023 05:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 28 Nov 2022 14:50:39 GMT
content-type: text/javascript
age: 501029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Sun, 04 Dec 2022 16:22:21 GMT
Expires: Sun, 18 Dec 2022 16:22:21 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 30697
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:47:40 GMT
expires: Wed, 29 Nov 2023 19:47:40 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 450378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/img/share_buttons_20_3.png
200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:28:12 GMT
expires: Tue, 06 Dec 2022 17:28:12 GMT
cache-control: public, max-age=604800
last-modified: Tue, 29 Nov 2022 14:52:29 GMT
content-type: image/png
age: 458746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante
200 OK 2.0 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante
IP
File type ASCII text, with very long lines (2149)
Hash f7c32e2c664ff6371ccc9917bf3e7968
0fcd41e0e3804df85c24da21a360ab63a3aaa6d7
26b569269368a09e9cb7e1f3948b059e83aeb9405becc0195ffa249a20176c88
GET /geocompteur/geocity.php?c=geocity_blue2&id=1478332&adult=1&cat=sante HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Type: application/javascript
Content-Length: 2036
Connection: keep-alive
set-cookie: w_js_ads_code=ok; expires=Sun, 11-Dec-2022 00:53:57 GMT; Max-Age=518400; path=/; domain=widgeo.net
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 00:53:57 GMT
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZXz2Pj7QdERpIDWoK7zgbANG%2FG3oQx66bjltDybu2LkgDjNWPELwZm799ofV1nfbVnwUDYbDrFrRsRGRxY9dejXjM3%2FT3vt3W%2BBrVpFBbaGz%2FiLIDJisi9eTxuiP0CL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748cecf6d84b524-OSL
alt-svc: h2=":443"; ma=60
www.widgeo.net/img/logopm.png
200 OK 714 B URL HTTP/1.1 www.widgeo.net/img/logopm.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3832d6b8d8c47a5cefe6561297b514f6
f7ebe08ccccde9ab79407b9348ffa8fa6c048d8d
c5fda4bddbc21f1d990ef4b42a6350e739a1870c73c6ab240aa921651bfe5a08
GET /img/logopm.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Type: image/webp
Content-Length: 714
Connection: keep-alive
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origFmt=png, origSize=847
Content-Disposition: inline; filename="logopm.webp"
Vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 31 Dec 2022 22:37:17 GMT
last-modified: Thu, 20 Jun 2019 15:14:49 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 267400
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQvJsMWlT7amcRlnuaHzWuGLEAgIrd40JCGBr%2B6eHL7IZH6ID032z4edO6nn7sNmzZCEFeUO4cn4DWcmSWWM9mFDgDhfkecwAwi3ooa%2Bel%2Fatzj1JXQ39zCW%2B1OX96pp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748ced0eccf0b4d-OSL
alt-svc: h2=":443"; ma=60
www.blogblog.com/1kt/travel/bg_container.png
200 OK 250 kB URL HTTP/1.1 www.blogblog.com/1kt/travel/bg_container.png
IP
File type PNG image data, 860 x 460, 8-bit/color RGBA, interlaced\012- data
Size 250 kB (249501 bytes)
Hash 016de5d2fb137736ea0d36709f5031cb
67c199e0bc1ea199e91645dc31391d8ccd49c997
2c77b04f02316141ac67884a7708912b4d1e0313dd9e6a4e86f2f5cee551652b
GET /1kt/travel/bg_container.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 249501
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 17:47:29 GMT
Expires: Tue, 06 Dec 2022 17:47:29 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 16:53:51 GMT
Content-Type: image/png
Age: 457589
2.bp.blogspot.com/-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg
404 Not Found 1.7 kB URL HTTP/1.1 2.bp.blogspot.com/-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg
IP
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 58a17151a9a7dc2d32cedfff483923a8
a16dc81e6f06a4b14410119c5d02360276fcdc75
f7b3785f331b99dfd1cde553845fb0bfc5b1b4d48f1628aff98c0cd561ac041b
GET /-Uk-Laf3EK3g/UnN97eas_BI/AAAAAAAALPM/kjma26FXkFs/w72-h72-p-k-no-nu/ramliyusuff_11012013_tminazirsufari_003_%28540x378%29_540_378_100.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 1742
X-XSS-Protection: 0
www.blogger.com/dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8
200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8
IP
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=5564844648999899487&zx=79e704a6-115e-44c0-92c8-edb6df20bec8 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 00:53:58 GMT
last-modified: Mon, 05 Dec 2022 00:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif
200 OK 1.3 kB URL HTTP/1.1 1.bp.blogspot.com/-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif
IP
File type GIF image data, version 89a, 80 x 15\012- data
Hash d1ee1ccdf97f9a91080d32c8c8593cd6
41deb789d73a2151e534c7256c23ee829f445119
00f9b7d4e1ff1f577ae24bd150629fbb15fcc15b0f418e5c4bed0907bcc5dd4c
GET /-1p7XtSIkYBQ/UR4zIvSclVI/AAAAAAAAC1s/Jfsz7LFNF5Y/s1600/kedai_backlink.gif HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kedai_backlink.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 1265
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Sun, 27 Nov 2022 14:34:53 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v110b"
Content-Type: image/gif
Age: 0
babab.net/banner.jpg
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner.jpg HTTP/1.1
Host: babab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 00:53:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 01:53:58 GMT
Location: https://babab.net/banner.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2kBCgaCfTakWK%2FR1qItWnxGVodbONlSw2pNODQfR1ci729n64UkI85C8wW1okvppU%2B2PS4aVzsWfLEMiyEt4cYLm9PDEPtffpLYw947SCgFkaqU8A%2B8tk%2BTM0M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748ced13f6e1c0e-OSL
alt-svc: h2=":443"; ma=60
lh3.googleusercontent.com/blogger_img_proxy/ANbyha2wxEBi04hEDpxzDrMsXHF-rf90de0GirSUErSoH_4q4r9PD9RrrrIhhHn0w1OHCfDQ4D09AP58w5EXBGipbS_Jy7aJa_zdPqAd_yBeo6bmzJbj_ieUScBHRaZWGwjVguCbSi6EM_5IuviRYovgjug=w72-h72-p-k-no-nu
404 Not Found 1.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha2wxEBi04hEDpxzDrMsXHF-rf90de0GirSUErSoH_4q4r9PD9RrrrIhhHn0w1OHCfDQ4D09AP58w5EXBGipbS_Jy7aJa_zdPqAd_yBeo6bmzJbj_ieUScBHRaZWGwjVguCbSi6EM_5IuviRYovgjug=w72-h72-p-k-no-nu
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b6f37f46e5ffce6d47bfcd964116cf99
1acd8b103dafb936e3250e70fd6c0d78ddae41de
5733985ff938172883db4c6bfe0848251b8b1ece37b9805cf99dec3936eb0ce4
GET /blogger_img_proxy/ANbyha2wxEBi04hEDpxzDrMsXHF-rf90de0GirSUErSoH_4q4r9PD9RrrrIhhHn0w1OHCfDQ4D09AP58w5EXBGipbS_Jy7aJa_zdPqAd_yBeo6bmzJbj_ieUScBHRaZWGwjVguCbSi6EM_5IuviRYovgjug=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:53:58 GMT
server: fife
content-length: 1752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
404 Not Found 0 B URL HTTP/1.1 lazada.go2cloud.org/aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_ad?campaign_id=329&aff_id=87231&format=javascript&format=js&divid=lazada329b1woaz HTTP/1.1
Host: lazada.go2cloud.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Length: 0
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4t88e0pe6fyGuD0Pzt6mrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3Ld+T/cX9BJTvnzprYiRFm7HO5k=
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com
200 OK 119 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com
IP
File type ASCII text, with very long lines (6148)
Size 119 kB (119174 bytes)
Hash bf83137a9d07bfdf14a1ccd4fc756f03
c425f634319da7dd968de290821cb3d077b8d43a
5acabe009ea0c2e4f5b2143ab7cd3a5782030a4888621e00330ed769c186c4df
GET /pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2863746284329625&plah=indahjiwadanrupa.blogspot.com HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 00:53:58 GMT
expires: Mon, 05 Dec 2022 00:53:58 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15408932193792040891
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 119174
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.exactseek.com/images/exactbutton1.gif
301 Moved Permanently 257 B URL HTTP/1.1 www.exactseek.com/images/exactbutton1.gif
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48c98997d6fa28d700b855f077bce633
21b78f14da526ba1f9884d0e8ce3466d7be19e98
30a024c030c55b3d900f54cf963d1832bfd536f5aa7b3be9c72010804e7f7371
GET /images/exactbutton1.gif HTTP/1.1
Host: www.exactseek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Location: https://www.exactseek.com/images/exactbutton1.gif
Content-Length: 257
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
2.bp.blogspot.com/-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg
200 OK 9.7 kB URL HTTP/1.1 2.bp.blogspot.com/-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 284x177, components 3\012- data
Hash a4f70db5d17a415d936729a57c35fc8c
71cd207a6cffcfabfac4244f792b36fbe4f1d03e
f95ee4f7906c6bae688b0dd2857f1fa35eecfff4fd28bfc48fa0cf2da9200404
GET /-pVdhHJQXaXY/VvDj297kTqI/AAAAAAAAA3M/dDzbYYI4vOYCL8j2zMZ35KQS55mpbchWg/s1600-r/download.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="download.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 9735
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Sun, 04 Dec 2022 05:55:54 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v374"
Content-Type: image/jpeg
Age: 0
3.bp.blogspot.com/_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG
200 OK 3.2 kB URL HTTP/1.1 3.bp.blogspot.com/_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3d42f7f33e453573f41f6cc2c6eda1b8
eafc5470ca0afaef11e69fa85a11c2d4fedfec75
a7086bee3ff1c2dce04fd97ff379dd1804a877d2d34108745bd4e8b27d8f8824
GET /_XV4jcPrY-3k/TG9HyH_BtpI/AAAAAAAAAGc/RlxJ761WkVs/w72-h72-p-k-no-nu/DSC01119.JPG HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v366"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC01119.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 3179
X-XSS-Protection: 0
2.bp.blogspot.com/-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png
200 OK 161 kB URL HTTP/1.1 2.bp.blogspot.com/-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png
IP
File type PNG image data, 946 x 289, 8-bit/color RGBA, non-interlaced\012- data
Size 161 kB (160971 bytes)
Hash 0334769ec7546cd44c8d5df205a99bd4
20cc88def259ba1065d1f459f7d607e36c08f40a
de9caa4c132fe7d5716f2e6adb31cfef2cd66cd20b4b3af55dde3366cefd6bb8
GET /-tb7fKCdOlwQ/UhMm8u96sBI/AAAAAAAAAsM/-zos4SB4m9I/s1600/WELCOME-BACKGROUND.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v2c4"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="WELCOME-BACKGROUND.png"
Content-Type: image/png
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 160971
X-XSS-Protection: 0
2.bp.blogspot.com/_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG
200 OK 4.0 kB URL HTTP/1.1 2.bp.blogspot.com/_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 519483ab971efd4913cb2731c732e3c6
f23b4e7698deefe74bf5eb4416d4f95151242cc6
80cea1fb00e70b100b87963109749614a7513670855e97c20e306d85d2e6515a
GET /_XV4jcPrY-3k/TJAyZsI5HjI/AAAAAAAAASk/yf37nZP_8x4/w72-h72-p-k-no-nu/DSC01782.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v361"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="DSC01782.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 4003
X-XSS-Protection: 0
i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
301 Moved Permanently 167 B URL HTTP/1.1 i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1
Host: i3.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
X-Cache: Redirect from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aVp_UKByicKGi7IWMscZSpQhym1I-ar_lgQEydZfSa-7g9BaJofDew==
Vary: Origin
i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
301 Moved Permanently 167 B URL HTTP/1.1 i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Dec 2022 00:53:58 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5Xrt1YaQpCGcianbS64m5HmZHIEiEsyTFWX9t4GBRuont6R6b_ivIw==
Vary: Origin
2.bp.blogspot.com/_XV4jcPrY-3k/TMe3AcOPhTI/AAAAAAAAAb0/gw-mZYPh2cU/s320/IMG_0247.JPG
200 OK 18 kB URL HTTP/1.1 2.bp.blogspot.com/_XV4jcPrY-3k/TMe3AcOPhTI/AAAAAAAAAb0/gw-mZYPh2cU/s320/IMG_0247.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x239, components 3\012- data
Hash e55fda38a505cd12894e169b32f9b5de
21a68aa916b396a53d62c0e8f6909b0b446bfe80
2feb695b8d673b048897bdad33eb4ac5c3f5ffe9fe3fbba4b0abbe9c076ecce3
GET /_XV4jcPrY-3k/TMe3AcOPhTI/AAAAAAAAAb0/gw-mZYPh2cU/s320/IMG_0247.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v35e"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0247.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 17946
X-XSS-Protection: 0
img1.blogblog.com/img/icon18_email.gif
200 OK 164 B URL HTTP/1.1 img1.blogblog.com/img/icon18_email.gif
IP
File type GIF image data, version 89a, 18 x 13\012- data
Hash 36b9f993db1b953f3b9b08040aaf9af4
18248661b307586dc291fd2dff4bb59cf7579475
1258cbe1e2900ec3df11a83a6bb6008d7a833f783a6df80b0d5d45a052ac1466
GET /img/icon18_email.gif HTTP/1.1
Host: img1.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 164
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 14:01:58 GMT
Expires: Tue, 06 Dec 2022 14:01:58 GMT
Cache-Control: public, max-age=604800
Last-Modified: Tue, 29 Nov 2022 01:54:20 GMT
Content-Type: image/gif
Age: 471120
lh6.googleusercontent.com/-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png
200 OK 2.2 kB URL HTTP/2 lh6.googleusercontent.com/-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png
IP
File type PNG image data, 80 x 17, 8-bit/color RGB, non-interlaced\012- data
Hash bb0651bbbfd9c2e79199ca92ec68d70c
33d6ae10e2e42ed379492e0c39c7404052ab1bdd
325dabd04cf57c8027e711e5c667284c7f11412e6c1543269757c5b50196c2b1
GET /-y4o6Y3Trdgg/UdPcBx2DZ2I/AAAAAAAAMNU/06OrRc6fLi8/s128/pingje.org1.png HTTP/1.1
Host: lh6.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v3aec"
expires: Tue, 06 Dec 2022 00:53:58 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pingje.org1.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:53:58 GMT
server: fife
content-length: 2166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2.bp.blogspot.com/_XV4jcPrY-3k/TMe4SQdf_eI/AAAAAAAAAb8/6B_mBGpAkN8/s320/IMG_0250.JPG
200 OK 14 kB URL HTTP/1.1 2.bp.blogspot.com/_XV4jcPrY-3k/TMe4SQdf_eI/AAAAAAAAAb8/6B_mBGpAkN8/s320/IMG_0250.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x239, components 3\012- data
Hash 7418acc0ae7680f05a8555a923b1faf1
d5256703417c35392ff0c5ea9abe0d6841d8f486
740b593d6c8c2420cac8b1f2b7f910c467eea45bcf073d2c8d3bf5d8b66e22d3
GET /_XV4jcPrY-3k/TMe4SQdf_eI/AAAAAAAAAb8/6B_mBGpAkN8/s320/IMG_0250.JPG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v35d"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0250.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 14355
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freewebsubmission.com/images/fwsbutton10.gif
301 Moved Permanently 264 B URL HTTP/1.1 freewebsubmission.com/images/fwsbutton10.gif
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7221f96d857c7b9834679c5b1e9506a5
7db481e963cbeb932e52542a507c18064a3c52e8
a63b8e8095f8993b68e0996813cc5e9a672ae063b25adaffc106b97ec6215262
GET /images/fwsbutton10.gif HTTP/1.1
Host: freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://www.freewebsubmission.com/images/fwsbutton10.gif
Content-Length: 264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 65f78026bd16cfba254886219e4e2bff
559176fd6b23488891485f1e698dd34bbaebed9a
69b113b4dcf6e56e853a2ef1e050b777c6ba34bc9c0a1ca1efe373df2b751b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg
200 OK 1.8 kB URL HTTP/1.1 4.bp.blogspot.com/-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash d9ed42e49fc7117ef9148e059c33c3d0
d227b1a97f8e0a73320922de002c9d52d0bc0792
d5fb13a526c7c1bfb45ee4f177ddc33b71f0f7b461a722af45ffdc18aaf08d27
GET /-QVZ1KdN0XoY/Uaf5wVCU1wI/AAAAAAAABqE/dE4OY8pmBgI/w72-h72-p-k-no-nu/1.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v6a1"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="1.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 1777
X-XSS-Protection: 0
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 00:53:58 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMZDgyZmJiZTMtNWUxNC00NjA1LWJhZWMtODc3ZWQwMzZiYjcz
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg
200 OK 3.2 kB URL HTTP/1.1 4.bp.blogspot.com/-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 0b48f23c4ecd71b36abac5e8a55a2c91
9491834eb4194daf80830d6f14541ce6fe3b6806
39f008537ec28d821a52f106849448623c1ea6424648ce0bc801d2f43b223fd3
GET /-MKyYDdQoqzw/Un79YxmG_KI/AAAAAAAAP8s/-q5pbv1jrlw/w72-h72-p-k-no-nu/a.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v3fce"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="a.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 3226
X-XSS-Protection: 0
1.bp.blogspot.com/-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg
200 OK 2.4 kB URL HTTP/1.1 1.bp.blogspot.com/-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 878056a4a5598f49e66c126eb4e492f3
53d9105ef859a54a868c98309f67ad64e4c43091
9ddafdc2ce783f420e97f41407f7f3b5eb328751e563cf311f2e2ae104edf712
GET /-yLjlAAADmbY/TbU1DBKZ4WI/AAAAAAAAAkI/s6aThM0moHc/w72-h72-p-k-no-nu/kamas.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="kamas.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2372
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 00:53:58 GMT
Expires: Thu, 01 Dec 2022 00:09:56 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v35a"
Content-Type: image/jpeg
Age: 0
magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
404 Not Found 196 B URL HTTP/1.1 magazine.sepakuhosting.net/FCUCOMMUNITY/fcuwidget.js
IP
ASN #133618 Trellian Pty. Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Malware
GET /FCUCOMMUNITY/fcuwidget.js HTTP/1.1
Host: magazine.sepakuhosting.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 196
Connection: close
Content-Type: text/html; charset=iso-8859-1
4.bp.blogspot.com/-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg
200 OK 4.0 kB URL HTTP/1.1 4.bp.blogspot.com/-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 22b94b698a7b8c15dc27c6fdc891e8de
40c89ab1626d971fc168d3c9d931966eb6d4dcab
344d177cb9bbe859df6d0927396df711de8193753cbd44b31002c547513f6546
GET /-bugwL2fNODQ/UoT-bz25vnI/AAAAAAAABjg/8cS7yW-p6_w/w72-h72-p-k-no-nu/cium.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v639"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="cium.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 3961
X-XSS-Protection: 0
hosting.tinjau.net/aff-banner/aff_hosting.gif
301 Moved Permanently 0 B URL HTTP/1.1 hosting.tinjau.net/aff-banner/aff_hosting.gif
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff-banner/aff_hosting.gif HTTP/1.1
Host: hosting.tinjau.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://hosting.tinjau.net/aff-banner/aff_hosting.gif
4.bp.blogspot.com/_XV4jcPrY-3k/TMeyhY4JtlI/AAAAAAAAAbk/ZoyjuZPjYYE/s320/IMG_0249.JPG
200 OK 21 kB URL HTTP/1.1 4.bp.blogspot.com/_XV4jcPrY-3k/TMeyhY4JtlI/AAAAAAAAAbk/ZoyjuZPjYYE/s320/IMG_0249.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x239, components 3\012- data
Hash 3b57de464883c3ef76504ad152ee2833
803bb575570e5d79dbd344499bc5e1eda6cb469c
268bc217161ef8071f02c314b8b5356598dc8035d3af1ba99c919590386f70e6
GET /_XV4jcPrY-3k/TMeyhY4JtlI/AAAAAAAAAbk/ZoyjuZPjYYE/s320/IMG_0249.JPG HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v35e"
Expires: Tue, 06 Dec 2022 00:53:58 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="IMG_0249.JPG"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: fife
Content-Length: 21177
X-XSS-Protection: 0
ocsp.digicert.com/
200 OK 278 B IP
Hash ffe291236e6ee19feea4669966118d42
ca4bf3a762f0cf005213bcced081a4527114f9a3
71f661233c98d11d58fc9d26313392cf2823faa688712c7cbd2fb09de6f67383
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4404
Cache-Control: max-age=152415
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:58 GMT
Etag: "638ce051-116"
Expires: Tue, 06 Dec 2022 19:14:13 GMT
Last-Modified: Sun, 04 Dec 2022 18:00:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
301 Moved Permanently 265 B URL HTTP/1.1 checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0073ca79e85d68cb2fab8e7e5c4a480d
f642f89381d48bdaad1ce223a8e703e016135a20
568581d906f2f2bb96004e47003bb48e46ff0d0f075b3bb3920f2fbe5e03b62b
GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1
Host: checkpagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache
Location: https://checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
Cache-Control: max-age=2592000
Expires: Wed, 04 Jan 2023 00:53:58 GMT
Content-Length: 265
Keep-Alive: timeout=2, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 64eb3a8f7cc11324c6f4c77e1c11f7ee
8ad889db020018b726362929a9477872a6808f0a
481082e2478f937b15faec7128ab1a60bf1157b417bfa63022472f434ae240fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash ff9b2e75c9d209e4db06a26d182b31bd
f3718ad717aa3b445f46591623080d63d8b9a622
d3a28d91fdaa9b367cb7247264f82f0a16442fb7d15c3442e04b13ffb268c871
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=105185
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c3908-118"
Expires: Tue, 06 Dec 2022 06:07:04 GMT
Last-Modified: Sun, 04 Dec 2022 06:07:04 GMT
Server: nginx
Content-Length: 280
onlinelinkscan.com/files/images/threat_free.gif
200 OK 259 B URL HTTP/1.1 onlinelinkscan.com/files/images/threat_free.gif
IP
File type GIF image data, version 87a, 73 x 15\012- data
Hash 082d6d408eed111f03feb4d9f0b03dd7
f5a6a105f52a02f0d3f5363877697ed64e2b232b
754f6a7442e7ddea1af649b273dc228b77c221ab9ca8b1857b6911451675bd91
GET /files/images/threat_free.gif HTTP/1.1
Host: onlinelinkscan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: image/gif
Content-Length: 259
Connection: keep-alive
Last-Modified: Wed, 29 May 2013 03:03:31 GMT
Cache-Control: max-age=31536000
Expires: Tue, 05 Dec 2023 00:53:58 GMT
Vary: User-Agent, Accept-Encoding
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMPqDKw02NUeZDt2p76zGu3okRdpmR%2BTbVMqp7OJ3cW1emIqHfa8SeE7mpLPKuvGQgVRVdzNtWvxF2t2wQB1AOkAjtdy6r0HlyGomk7jlgxhiHI9cAH%2FO%2FV4I0wCyj1wsTvohEQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748ced25edab4f7-OSL
alt-svc: h2=":443"; ma=60
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:24:16 GMT
expires: Sun, 18 Dec 2022 15:24:16 GMT
cache-control: public, max-age=1209600
age: 34183
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1vLuGMog_ek8MY7OxdakHdIveswBIaCe-_BzmLimGzGNEtnJ2P7K05safi2PpoZWUNR-9ckFlGEAkcKUW7aT_aov5KTTbo7hkSFacjMns4KtvWfkSfJHYDc-A=w72-h72-p-k-no-nu
404 Not Found 1.7 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1vLuGMog_ek8MY7OxdakHdIveswBIaCe-_BzmLimGzGNEtnJ2P7K05safi2PpoZWUNR-9ckFlGEAkcKUW7aT_aov5KTTbo7hkSFacjMns4KtvWfkSfJHYDc-A=w72-h72-p-k-no-nu
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 463010c77acef669ae87d77e05564de7
8f087f58b372e08e23c28460efddf6667002f0a6
8e3008863970f8b531e7ee93475cbb217db4975ceed89b93decb473ed7be1e38
GET /blogger_img_proxy/ANbyha1vLuGMog_ek8MY7OxdakHdIveswBIaCe-_BzmLimGzGNEtnJ2P7K05safi2PpoZWUNR-9ckFlGEAkcKUW7aT_aov5KTTbo7hkSFacjMns4KtvWfkSfJHYDc-A=w72-h72-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 00:53:59 GMT
server: fife
content-length: 1724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 85bce29c704a336a0f53954e73bf6ed1
7f45776d0b93b3bbe5bec1ae6e6e3d16f5d8a947
6177b2dabc0ec5b2f9a7a891973d36303a5649bf25c29a691e8ff95024042580
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=116347
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c64a2-117"
Expires: Tue, 06 Dec 2022 09:13:06 GMT
Last-Modified: Sun, 04 Dec 2022 09:13:06 GMT
Server: nginx
Content-Length: 279
tinjau.net/banner.gif
301 Moved Permanently 0 B IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /banner.gif HTTP/1.1
Host: tinjau.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://tinjau.net/banner.gif
www.blogger.com/navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3170)
Hash 3101fc7d219ee753a3bf53a30b4b55a3
7b06b13c8fda488bec769978a6b443f1e281f3f3
dcab955433cf922fee30c03d866c81c48e2010f4e9b2865a95130dec935db487
GET /navbar.g?targetBlogID=5564844648999899487&blogName=Segalanya+disini+bermula&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://indahjiwadanrupa.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://indahjiwadanrupa.blogspot.com/&vt=-6544773174026890762&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 00:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2603
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 85bce29c704a336a0f53954e73bf6ed1
7f45776d0b93b3bbe5bec1ae6e6e3d16f5d8a947
6177b2dabc0ec5b2f9a7a891973d36303a5649bf25c29a691e8ff95024042580
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4323
Cache-Control: max-age=120670
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c64a2-117"
Expires: Tue, 06 Dec 2022 10:25:09 GMT
Last-Modified: Sun, 04 Dec 2022 09:13:06 GMT
Server: ECS (amb/6B97)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1
200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1
IP
File type ASCII text, with very long lines (391), with no line terminators
Hash b2bd4efc3600ac2484c8014ee7d23a85
ba9c6c56288f29520d84f1e57218fdb0127a2291
fa5ae2b0d24eefb0b37dca5ca362d6f296b8fbd99109b82ce11006e78af4c7c0
GET /gampad/cookie.js?domain=indahjiwadanrupa.blogspot.com&callback=_gfp_s_&client=ca-pub-2863746284329625&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 00:53:59 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash ffe291236e6ee19feea4669966118d42
ca4bf3a762f0cf005213bcced081a4527114f9a3
71f661233c98d11d58fc9d26313392cf2823faa688712c7cbd2fb09de6f67383
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3338
Cache-Control: max-age=151348
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638ce051-116"
Expires: Tue, 06 Dec 2022 18:56:27 GMT
Last-Modified: Sun, 04 Dec 2022 18:00:49 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
adservice.google.no/adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 00:53:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak
200 OK 2.1 kB URL HTTP/1.1 www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321)
Hash 9d5e444cc2c78e322374472f1c62bcd6
a003d5edde80980ad7ac4487ac531a36a1e8a6da
b0fec32ad0dc17619801bd70663e514b25297a1abac9529c1686af71d4725cd7
GET /geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: monpays=NO; expires=Sun, 05-Mar-2023 00:53:58 GMT; Max-Age=7776000; path=/
pays=Norway; expires=Sun, 05-Mar-2023 00:53:58 GMT; Max-Age=7776000; path=/
ville=Oslo; expires=Sun, 05-Mar-2023 00:53:58 GMT; Max-Age=7776000; path=/
idcompteurcc_1478332=done; expires=Tue, 06-Dec-2022 00:53:58 GMT; Max-Age=86400; path=/
online_idcompteurcc_1478332=done; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
originecc_1478332=United%2BStates%2523United%2BStates%2BCity%25234745%257CUnited%2BStates%2523Boardman%25231184%257CCanada%2523Canada%2BCity%25231154%257CCanada%2523Burnaby%2523252%257CUnited%2BStates%2523Fort%2BLauderdale%2523186%257CUnited%2BStates%2523Raleigh%252383%257CNew%2BZealand%2523Auckland%252374%257CRomania%2523Romania%2BCity%252352%257CAustralia%2523Australia%2BCity%252352%257CGermany%2523Germany%2BCity%252344%257CUnited%2BStates%2523Los%2BAngeles%252337%257CNetherlands%2523Amsterdam%252336%257CFinland%2523Finland%2BCity%252332%257CGermany%2523Nurnberg%252327%257CUnited%2BStates%2523Dallas%252327%257CNetherlands%2523Netherlands%2BCity%252324%257CBangladesh%2523Bangladesh%2BCity%252324%257CUnited%2BStates%2523Duluth%252320%257CUnited%2BStates%2523Santa%2BClara%252319%257CJordan%2523Jordan%2BCity%252318%257CUnited%2BStates%2523Mountain%2BView%252317%257CSlovakia%2523Slovakia%2BCity%252316%257CKorea%252C%2BRepublic%2Bof%2523Seongnam%252316%257CUnited%2BStates%2523Washington%252316%257CUnited%2BStates%2523Dallax%252316%257CRussian%2BFederation%2523Russian%2BFederation%2BCity%252315%257CUnited%2BStates%2523New%2BYork%252314%257CUnited%2BStates%2523Herndon%252314%257CUnited%2BStates%2523Chicago%252313%257C; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
online_1478332=4; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
jour_1478332=7; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
total_1478332=8646; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
bonus_1478332=25390; expires=Tue, 06-Dec-2022 00:53:58 GMT; Max-Age=86400; path=/
bonus_j_1478332=1; expires=Mon, 05-Dec-2022 00:56:58 GMT; Max-Age=180; path=/
cache-control: public, max-age=180
expires: Mon, 05 Dec 2022 00:56:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJaEytuKpReqdh1iUYaqZQAPcCZC2xxEhcnvcWeHZxLoBIoLN68eyWJ43mw4PRLgAA9SfRk%2FBy7qycV32BCFhHF0%2BijzkdeUNAojqBAoaQEDIVbpZZZknZcQCk2fI21K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7748ced3082bb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
302 Found 11 B URL HTTP/1.1 www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
IP
ASN #16125 UAB Cherry Servers
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3 HTTP/1.1
Host: www.guablog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 05 Dec 2022 00:53:58 GMT
location: https://track.vcdc.com/proceed.php?domain=guablog.com&hash=dd1f21d5d9a5fd1ca6234da33d8d70c1&u=eyJkb21haW4iOiJndWFibG9nLmNvbSIsImRvbWFpbl9pZCI6IjgyNzY3MDkiLCJmb2xkZXJfaWQiOm51bGwsIm1pZCI6IjE1MSIsImZpbHRlcl9pZCI6bnVsbCwiYWR2ZXJ0aXNlcl9pZCI6IjEyOCIsInRhcmdldCI6Imh0dHA6XC9cL3htbC12NC5jcmFmdHZpa2luZy0yLmNvXC9jbGljaz9pPThRQnkqLU1haVdjXzAiLCJpcF9hZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwidHlwZSI6ImphdmFfcmVkaXJlY3QiLCJiaWQiOiIwLjAwMDEyNyJ9
server: nginx
set-cookie: sid=4d271fcc-7437-11ed-a386-6f155d5c1dfe; path=/; domain=.guablog.com; expires=Sat, 23 Dec 2090 04:08:06 GMT; max-age=2147483647; HttpOnly
googleping.com/wp-content/uploads/2011/04/logo.png
200 OK 4.7 kB URL HTTP/1.1 googleping.com/wp-content/uploads/2011/04/logo.png
IP
File type PNG image data, 214 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash bcb4a47cb86d2a1911360d037df41533
140477c387e054d860e1c89945abad7d05403b91
0529dbd436a56c0dfed63a6d2907edbc3f06d98568de4eadaa19220b792f369a
GET /wp-content/uploads/2011/04/logo.png HTTP/1.1
Host: googleping.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:58 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2016 17:23:25 GMT
Accept-Ranges: bytes
Content-Length: 4749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4f983d2d0c97ff0944a7ef34ec4330ae
14c242b3a0189e9406bc612d8c2540d5e5984d5a
d4eead0b3f27149eaba02487857dede1c4387a26ed1278bb694e898efb07bfc7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4EEAD0B3F27149EABA02487857DEDE1C4387A26ED1278BB694E898EFB07BFC7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5218
Expires: Mon, 05 Dec 2022 02:20:57 GMT
Date: Mon, 05 Dec 2022 00:53:59 GMT
Connection: keep-alive
inklinkor.com/tag.min.js
200 OK 26 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash fb52e9d88f258fd5c4bcd8d8d2e2e3b6
19bf2928f498cc14e2e3cf8a728524efe486da0f
36dc02f32b85a06da189b5813f7cbba93e30ea70ad614b4e04015e954f401d15
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 3edea6f68f5d6aa0f27e492e4bfa37a5
cache-control: max-age=86400
last-modified: Fri, 02 Dec 2022 10:20:03 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 05 Dec 2022 23:46:41 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuiPj6nA47tEcVL7AxF8iM9A2hwg1nXyN%2FyakIpLiNC6yaPJVAtJMaJZx%2FsdBDVvaYVYdb069Jk9qCIU%2BH0W7t5Aagca8%2Bn6mmpNW47FeSPLc79hkzyGBB6%2FSP9uwAq8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748ced3b9630b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=indahjiwadanrupa.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 00:53:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
200 OK 834 B URL HTTP/2 i3.photobucket.com/albums/y73/tx2nw/bloggedmy/bloggedmylink.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 576ebd4971b153fdc7099dc1258ceb33
a7c63a407b3cfe17c110fa62e36807dcf86114e5
3f56a5eb35a3b530c6d648f70be1bfaf8152fc95d18f1a87a712a19883678eac
GET /albums/y73/tx2nw/bloggedmy/bloggedmylink.png HTTP/1.1
Host: i3.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 834
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="bloggedmylink.webp"
expires: Tue, 05 Dec 2023 00:53:59 GMT
server: photobucket
x-amzn-trace-id: Root=1-638d4127-73995fa15a1dc98e579e9247
x-request-id: PP6-fj69WYxrkdVLrmU7p
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k5B9IfaYTHFeZz8hBYmRGZmvUnDcrDa15X1QoNjLwxhXYZAuthF1eA==
vary: Accept, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 85bce29c704a336a0f53954e73bf6ed1
7f45776d0b93b3bbe5bec1ae6e6e3d16f5d8a947
6177b2dabc0ec5b2f9a7a891973d36303a5649bf25c29a691e8ff95024042580
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c64a2-117"
Server: ECS (amb/6BC5)
Content-Length: 279
ocsp.sectigo.com/
200 OK 472 B IP
Hash 3c49d6c72f507bb91f28b1bb5db3eea8
76d6a9570398d587866ffc34fb20784beec06d80
d5f46371913210eecd626754ee7cdb8465ed17225985f8beb6a7a1db25811592
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 06:31:16 GMT
Expires: Sat, 10 Dec 2022 06:31:15 GMT
Etag: "76d6a9570398d587866ffc34fb20784beec06d80"
Cache-Control: max-age=451635,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced53de71bfe-OSL
www.widgeo.net/geocompteur/shadow/flag_united%20states.png
200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_united%20states.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d9bb2b449e6e964d86aec6d71b6856
e9b1da7fa7d59eaa78b2e2ad681c1e126fb55aa8
6baa676f5ca2682fd2d7945ca2d3b06759d8a1bdd4974e4c3e00b80643410399
GET /geocompteur/shadow/flag_united%20states.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 1008
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1214
content-disposition: inline; filename="flag_united%20states.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Thu, 15 Dec 2022 19:39:07 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1660491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMR8zhmy4QZpDmvBd2WB1sWfat20cnoa%2F1%2FG1sqpPOhOBQEv3wr4X28brsRfY0wNxx%2B4KwUGREYgmNGz5M9Sh%2BjDss51m3LsAydUCdMuWM%2F4vOHY3%2BgPLxzm2lAlRHCZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ebb0b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_romania.png
200 OK 644 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_romania.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash a2ef37e3cfe2119759469a219565c145
7d174bb96c9eb762a56b531e8c15a160773fe008
8f45100a446929b8ad38c886a1cc6d033a066a008f8268b6fa1ec8d3f4d74166
GET /geocompteur/shadow/flag_romania.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 644
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=842
content-disposition: inline; filename="flag_romania.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 31 Dec 2022 20:19:37 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 275661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmOK2g%2FKOQRnGwFmur97Ink9D0eGXWmUxPF47kjrnEUdmPiWhEdzcPtu018PW95cXYoWZfwFB08fEVI3BlEHK0xJFBeKoQOBVMV3hTm8eznU0AjiHO8kkYBeQiwKuFFW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ec20b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_canada.png
200 OK 886 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_canada.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dfda6415875b226812181f7ea64fcc8
6cdf4ed8b0a4d6a748510ab74d772183a55bdf38
b5e378613935ec7dabd4e11e095b4141b16462909085a185e3a093c8900e6a55
GET /geocompteur/shadow/flag_canada.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 886
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1148
content-disposition: inline; filename="flag_canada.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 01 Jan 2023 04:21:33 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 246745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cJ5qv3MwuJQkzuWVOWP3BNnPjSzGrgj%2F2z8rexui0kHk6BSHEJotwBAtsFDjmSvUS8o1ymgvGWWf%2FVh8tgsm1NgtZAVYAJjU22YSgXA1x2Dup6jR8Tvo0WteSackJeN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ebf0b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
200 OK 940 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_new%20zealand.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8719b63ac81155fd64422298ef8a8b25
c034b5869772ddf1675ebdbeb3c0d3c540738c24
b313f56a36c855a1a34a02b96910ee4307e553a28a6e52bc64e2ab1bc2cfdae5
GET /geocompteur/shadow/flag_new%20zealand.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 940
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1173
content-disposition: inline; filename="flag_new%20zealand.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 03 Jan 2023 02:11:33 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 81744
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmbz8cTNMchi3p9JhdYSWKja6m2Im7apkhEmsu%2FZbQJtBBchhT15HYGl7R9n372tSnxWzYdq5vTl9PPyphLKXJGY7OCSNJp0q5KxELufOwVzcfdz55ZyCIpvj2B7rlyx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced59ec10b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 3.9 kB URL HTTP/1.1 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.widgeo.net/geocompteur/geocity_html.php?id=1478332&c=geocity_blue2&size=&nostats=&title=Segalanya%20disini%20bermula%3A%20Gombak&ref=indahjiwadanrupa.blogspot.com&fullurl=http%3A%2F%2Findahjiwadanrupa.blogspot.com%2Fsearch%2Flabel%2FGombak
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:31:41 GMT
ETag: W/"6387a18d-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlH3GDzQY5CZ1YvPbx9xFcKNE9LqxY0LIXA1TXaam3p0nVocjzBDpeYL9kyzl2DYyJzYZJADLAnVfM3dNtDWx5vTF5dL7sizZ4DnSf7XfTXiLQ0R%2BMjBxf86%2BIjHxv7M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748ced5a991b524-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 07 Dec 2022 00:53:59 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
www.widgeo.net/geocompteur/shadow/flag_australia.png
200 OK 1.0 kB URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_australia.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 395fda4bf932944885ae2bad6bc94cbd
56579ba3f9e670a64a59fee1079028bf5bbc33ca
6869308fc918c3d6b972eacc5900d2e17ab9740e282d5b3f214f66fbd5b1d43e
GET /geocompteur/shadow/flag_australia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 1022
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1234
content-disposition: inline; filename="flag_australia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 07:08:28 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 582330
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xS3G3VH1zLV3YUOsF2DqChs5%2F69BnIyEOuSMoh4aFWEdZGDQ2yZmbtp24v7S3FmNUJcqkdj6%2Buoo9dFzF12V60OCuEJo1%2Biasjdzr8BxPZKjCVfvj1Y8s3BGRtInfeM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aec70b3d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/shadow/flag_germany.png
200 OK 686 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_germany.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1c667705cee250254b246ed54d521b22
ebb8e80e0820a7e73926c5d2ff02c5f74c9925b1
1b4f1b8a79090e222e116c0bb9a7333a8b88f41dd2172122f67e8c0f1a6c2e21
GET /geocompteur/shadow/flag_germany.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 686
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=873
content-disposition: inline; filename="flag_germany.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Mon, 26 Dec 2022 19:58:36 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 708922
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umM%2FRF4CW8T88Fu2WHcrp8t%2F8%2BCHAHpOK9LclpQqpUVX8vmqA9fpoRAWwNGixp7yElS8kmd9ZueFXaRpsl7NTzD8T%2BKlKXhB2lsYKKzuUBw8JaTE760xcw2ze0o0NO46"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aec90b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_netherlands.png
200 OK 710 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_netherlands.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4d48534384964664d122ef558ebf1acd
8cbccb6b66f6161c329f9945b58e79e09640cc90
286ee399704cd53efeabbca51dfc8459fb9633265ae4e9e046610f7d61d087bb
GET /geocompteur/shadow/flag_netherlands.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 710
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=892
content-disposition: inline; filename="flag_netherlands.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 10 Dec 2022 23:05:41 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2080098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvyMTDbMb81p4ACXAqD%2B1GflEGGUS3gNxxcNPIv2wCYdnGTfie0r54Xe61%2BcpLNophVvcLCWiLdUohR50cKobbxy%2FSKgCaXpg4crI%2BWkfASOrQrIZNCoEQ2B4Ohn77MK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aeca0b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_finland.png
200 OK 724 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_finland.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4bb42c0a72d24163a22f5b03c19014ca
333c2b0e19045c6162ea18f96cde896e9568c965
57f34fcc77132fcdfc669956854f38ebc6089241f1d5f52d7218d06365c9e750
GET /geocompteur/shadow/flag_finland.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 724
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=899
content-disposition: inline; filename="flag_finland.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 07:47:02 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 580016
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdlE9DOU%2FgChpnuKu5a%2FgMT33geV2OS%2B%2BKMWremzgSqrbdfsNCglGHer0J8JACByiD6NYh4Db%2Bk%2FgqRRQocwdakNE%2F8Nn7Wv1tE6xYesWI6LWaC6y49XfbfB8PWIUghO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aecb0b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_bangladesh.png
200 OK 824 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_bangladesh.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fda033492cc9954e333f12982d8b3a73
643379f831ee7bb9447262e326f759024bc3c196
93b2111e0009e79e40b18ac53ec7e49d3703956ddf9696f62140f098c219ace6
GET /geocompteur/shadow/flag_bangladesh.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 824
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1024
content-disposition: inline; filename="flag_bangladesh.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:26:20 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1520859
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtV%2FQAfNvajhEh3NGPyAjYslH4vJxZFYCV340V3jyXuIgzd52nwdA5MqQIP%2B8Nn%2F7Ey4oE2L1a4AP51o7DidEtdp6uRNrihd4TbVHbubDF0AwlpaRtVCl55kSv4hRDdQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5aecd0b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_jordan.png
200 OK 856 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_jordan.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fab06f4814c4b3c0729efab034801d24
092532af1b8ef1d565e35fc7c0d220a9e04b6d40
d7827becd9dc8fe3a38a9fa6e24b3e05fdf9c0a47d391b47c578fbc12b3f8ca5
GET /geocompteur/shadow/flag_jordan.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 856
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1070
content-disposition: inline; filename="flag_jordan.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Tue, 27 Dec 2022 13:01:51 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 647528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3ErBKsU6e3jY3Wa3h8GrYewTT8hqFjDTcYfS%2FIqIqRbYs14fmv48SjgxKlHPkvPt4YrWxqsu3ijIQ6F5AVEDmkJF9LndiqqgjRYlTPeeHAkTrPapTrfhXwq1MllmNAS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5bed30b3d-OSL
X-Firefox-Spdy: h2
i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
200 OK 918 B URL HTTP/2 i155.photobucket.com/albums/s282/theviejo/recurso_9_1.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash e16b7abd904475580b7337e9ad7c1186
0b64b294e6e44f0d6ee746f86beb996b371501da
16a6cb27477f691f335eecd30e8ad33db3265e8326d82a7bea55f8a5e65922ff
GET /albums/s282/theviejo/recurso_9_1.jpg HTTP/1.1
Host: i155.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 918
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="recurso_9_1.webp"
expires: Tue, 05 Dec 2023 00:53:59 GMT
server: photobucket
x-amzn-trace-id: Root=1-638d4127-22cd72d60fcf5dee3db895b1
x-request-id: BtDer0G96pZ-ZnajcUm_5
x-cache: Miss from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oXdotz9IgPb61fEVqQ-pWkqSu4Bm5zrV0C5Bwb5C4cSH1duNEnySGg==
vary: Accept, Origin
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_slovakia.png
200 OK 894 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_slovakia.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 129ccceec06ef21121373b3f01b1223e
2a65a61156488db26b939a6b3eb59b58558e8e73
be2278e310c722ee37932e45c66689ca942bf194939612796ddf468224534126
GET /geocompteur/shadow/flag_slovakia.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 894
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1065
content-disposition: inline; filename="flag_slovakia.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sun, 01 Jan 2023 17:59:04 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 197694
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aHbcPwRFWtympFwBy%2BGDhy%2Brs5atnJOsMwXBGvpXxd4oWSth7ki0UDi3F7zVgw7w%2FX%2B%2B0RMS02mwlJ21Y%2BAmvzzFQOUi1ScyJFx0bQ1bGuGYQts7tZizZGwk5mYMmkE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5ced80b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
200 OK 814 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_korea,%20republic%20of.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec4b0c854ec18061c7bafbe9ac9d1c3b
77c850ef6479e29a631dba64d06ccc1eefb1adc6
48f6236fb62cb417c5d00552052f378bfd1a82ca9f21f341c69390fd346fd439
GET /geocompteur/shadow/flag_korea,%20republic%20of.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 814
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1163
content-disposition: inline; filename="flag_korea,%20republic%20of.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 17 Dec 2022 10:21:59 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1521119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1CURiGi%2F%2FeyWwdX53afdTNOBslZhB0lOOVmdipX3Czmn%2BokdeUHjPsJZVfYh1LRu8lzp5nkytg4Ht30kuH1MWQRRDS0EYAepUguOdJpRdbR7aTF7atG1RclafHAjOR6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5eee80b3d-OSL
X-Firefox-Spdy: h2
s05.flagcounter.com/count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/
200 OK 79 kB URL HTTP/1.1 s05.flagcounter.com/count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/
IP
ASN #8100 ASN-QUADRANET-GLOBAL
File type PNG image data, 162 x 1376, 8-bit/color RGB, non-interlaced\012- data
Hash 823ae7d5813826e3f3680f284219ad86
d3417c66b5efc6cae4a74a1318271dcd0cacc289
5b868b5a7429a472631644a77fcb404e8db5e8fcba7fd379d6471c7ab92c2682
GET /count2/zVdh/bg_FFFFFF/txt_000000/border_CCCCCC/columns_2/maxflags_250/viewers_0/labels_0/pageviews_1/flags_1/percent_0/ HTTP/1.1
Host: s05.flagcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
200 OK 680 B URL HTTP/2 www.widgeo.net/geocompteur/shadow/flag_russian%20federation.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 852881aef6d6a8bca3123c3201f64c74
0e5ef2c61383bb79c8a6ea068d9a688631d844fa
41c20a2d0dc8fe26ec1e5c7e71b5d82fc09e7ce0bd30db7abb516474f5c186a1
GET /geocompteur/shadow/flag_russian%20federation.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 680
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=857
content-disposition: inline; filename="flag_russian%20federation.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Wed, 28 Dec 2022 03:12:56 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 596462
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dXphB%2FQWDlz81G000%2Fs4OcoWMVAu%2BmytABknYcbCVEjJFwCNWcVs5jV17%2BNuiaa86fBb6cvEQkcH0ieTZp0aAeSA7ak%2BpZkzX6pf0j78VLVliWzeIp4PuEab19xg5om"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced5feef0b3d-OSL
X-Firefox-Spdy: h2
www.widgeo.net/tcm_t_u.js
200 OK 0 B URL HTTP/2 www.widgeo.net/tcm_t_u.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tcm_t_u.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: application/javascript
content-length: 0
cf-bgj: minify
cf-polished: origSize=4360
cache-control: public, max-age=604800
expires: Fri, 09 Dec 2022 03:46:03 GMT
last-modified: Sat, 01 Oct 2022 00:32:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 248875
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7YPDDRAwZwLiwu9YpBDy2HN83Vlat9xFpDKrRyJ5QMWirp0rgKl1ENnfg7sPpoiOpJhrPZCnXF6UDRKy4OWbzT4Xaz7yXV0dj9i5AjHzYsdb7osACR%2Bc5ZKZV2p0Jox"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced60efa0b3d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.widgeo.net/geocompteur/img/tmp/earth_blue2.png
200 OK 2.6 kB URL HTTP/2 www.widgeo.net/geocompteur/img/tmp/earth_blue2.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 35ef26dc64d2a2d57e62bef7f3c6f8c3
d8bd4c88f74912e188cb4e2ccc5ed53ecd36591c
2ab4d3f5ec0ee2c160aab1838975a7c7cd89e6adee9d7af72fc5f2f9d898317a
GET /geocompteur/img/tmp/earth_blue2.png HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: image/webp
content-length: 2596
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3258
content-disposition: inline; filename="earth_blue2.webp"
vary: Accept
cache-control: public, max-age=2592000
expires: Sat, 24 Dec 2022 22:15:30 GMT
last-modified: Thu, 20 Jun 2019 15:14:42 GMT
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 873508
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljrwo60SuTB%2BdxhHjJhzfMjxf%2Ff%2FZqi5WFMMBiU1L1FHCk7eQEj16UBoRbVEmJHOkqDPaGpBXWZ9Wnst5n%2B4ZtmEbrSMY1JbLpFVlYQbFx9b93DnNHMe3yzbxPnwD5rA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced68f290b3d-OSL
X-Firefox-Spdy: h2
bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.458.0
200 OK 16 kB URL HTTP/2 bedrapiona.com/5/3294720/?oo=1&js_build=iclick-v1.458.0
IP
Hash 06a0fb0a478feb7570335d0cf7d265dc
eaa3e9959419993c5e845b3dc9433baaba99654a
4561033f6a76d323a3361faccb40a4e6f04e5ba7fe829cad8af44c0779d2d789
GET /5/3294720/?oo=1&js_build=iclick-v1.458.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: application/json
x-trace-id: 2bb543e746925b50d7aa18a0c7e540f6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://indahjiwadanrupa.blogspot.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=beb140c3065b486e845c2a60ba7af5d8; expires=Tue, 05 Dec 2023 00:53:59 GMT; path=/; secure; SameSite=None
oaidts=1670201639; expires=Tue, 05 Dec 2023 00:53:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
globessl.ocsp.sectigo.com/
200 OK 471 B URL HTTP/1.1 globessl.ocsp.sectigo.com/
IP
Hash bc0518e9979daad7d0b91206807a5f1d
fe9cb9249d1603111c21c8c9e4965fea0c39e470
26332329803c4cea48479d9e1a9876e63afc4ea6d33f92025ef6d6ad44ccbfef
POST / HTTP/1.1
Host: globessl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 08:13:38 GMT
Expires: Fri, 09 Dec 2022 08:13:37 GMT
Etag: "fe9cb9249d1603111c21c8c9e4965fea0c39e470"
Cache-Control: max-age=371377,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced65f100b49-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
200 OK 1.3 kB URL HTTP/2 checkpagerank.net/pricon.php?key=3GMpBcMXs2rfo3Eh
IP
File type GIF image data, version 89a, 180 x 60\012- data
Hash 785039293e19a0f0a0db1231b9704b67
8c2f91b1a33a4f266f23f06b7dfa8ab4a431a400
118d4625d63c95ff6bdbf63452619f02b738a2055c5ee4ba986d114ad0d007ab
GET /pricon.php?key=3GMpBcMXs2rfo3Eh HTTP/1.1
Host: checkpagerank.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=2592000
expires: Wed, 04 Jan 2023 00:53:59 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1278
content-type: image/gif
date: Mon, 05 Dec 2022 00:53:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.exactseek.com/images/exactbutton1.gif
200 OK 3.5 kB URL HTTP/1.1 www.exactseek.com/images/exactbutton1.gif
IP
File type GIF image data, version 89a, 88 x 31\012- data
Hash fcca6f86d560ed5a0707708d4c82fec1
531a5a8c0e53c3d2021007b88c045d8c6618a07e
80caea32c373db145d7cc840e333eacd1459c30f815027d185030b45ca7182fb
GET /images/exactbutton1.gif HTTP/1.1
Host: www.exactseek.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
Last-Modified: Mon, 16 Apr 2012 18:53:03 GMT
ETag: "dcd-4bdd054f481c0"
Accept-Ranges: bytes
Content-Length: 3533
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 472 B IP
Hash ee9cf86f34d2e5fb6981a7a97305294d
91c4248b6a416df26939272bc86f075a51a12a1f
c68c2d07cddf4c16a54657e76ce86becb7a59a6038aee0a90c6e28553dcff6a9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 21:44:15 GMT
Expires: Sun, 11 Dec 2022 21:44:14 GMT
Etag: "91c4248b6a416df26939272bc86f075a51a12a1f"
Cache-Control: max-age=592814,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced5be041bfe-OSL
fonts.googleapis.com/css?family=Open+Sans:400,700
200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700
IP
Hash 20447aa3fadc7b304b012367f697dce7
0c90812229b178eb08a0c26866b943ec05b63d82
b22f02336cdffa464ca873c9558211d9d6f2d875a4c75adfa6aa9287c91181d2
GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 00:53:59 GMT
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.vcdc.com/proceed.php?domain=guablog.com&hash=dd1f21d5d9a5fd1ca6234da33d8d70c1&u=eyJkb21haW4iOiJndWFibG9nLmNvbSIsImRvbWFpbl9pZCI6IjgyNzY3MDkiLCJmb2xkZXJfaWQiOm51bGwsIm1pZCI6IjE1MSIsImZpbHRlcl9pZCI6bnVsbCwiYWR2ZXJ0aXNlcl9pZCI6IjEyOCIsInRhcmdldCI6Imh0dHA6XC9cL3htbC12NC5jcmFmdHZpa2luZy0yLmNvXC9jbGljaz9pPThRQnkqLU1haVdjXzAiLCJpcF9hZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwidHlwZSI6ImphdmFfcmVkaXJlY3QiLCJiaWQiOiIwLjAwMDEyNyJ9
200 OK 527 B URL HTTP/2 track.vcdc.com/proceed.php?domain=guablog.com&hash=dd1f21d5d9a5fd1ca6234da33d8d70c1&u=eyJkb21haW4iOiJndWFibG9nLmNvbSIsImRvbWFpbl9pZCI6IjgyNzY3MDkiLCJmb2xkZXJfaWQiOm51bGwsIm1pZCI6IjE1MSIsImZpbHRlcl9pZCI6bnVsbCwiYWR2ZXJ0aXNlcl9pZCI6IjEyOCIsInRhcmdldCI6Imh0dHA6XC9cL3htbC12NC5jcmFmdHZpa2luZy0yLmNvXC9jbGljaz9pPThRQnkqLU1haVdjXzAiLCJpcF9hZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwidHlwZSI6ImphdmFfcmVkaXJlY3QiLCJiaWQiOiIwLjAwMDEyNyJ9
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (527), with no line terminators
Hash d6fa22651cd2e7efbfcef6d84346fa8b
62dbd729e3565ac90dd0413c13e62823b16582de
590024478edc7ec84abceb8d36d75f272fd2953e642baf7b4669a9e39d1c4334
GET /proceed.php?domain=guablog.com&hash=dd1f21d5d9a5fd1ca6234da33d8d70c1&u=eyJkb21haW4iOiJndWFibG9nLmNvbSIsImRvbWFpbl9pZCI6IjgyNzY3MDkiLCJmb2xkZXJfaWQiOm51bGwsIm1pZCI6IjE1MSIsImZpbHRlcl9pZCI6bnVsbCwiYWR2ZXJ0aXNlcl9pZCI6IjEyOCIsInRhcmdldCI6Imh0dHA6XC9cL3htbC12NC5jcmFmdHZpa2luZy0yLmNvXC9jbGljaz9pPThRQnkqLU1haVdjXzAiLCJpcF9hZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwidHlwZSI6ImphdmFfcmVkaXJlY3QiLCJiaWQiOiIwLjAwMDEyNyJ9 HTTP/1.1
Host: track.vcdc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: text/html; charset=utf8
content-length: 527
cache-control: no-cache, must-revalidate
content-encoding: none
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
200 OK 25 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP
File type ASCII text, with very long lines (820)
Hash cc24419c482370498f3c227ac73d666b
37fc103ace873f47102e0ca88eb4735bc6806750
152fa070788f0cf29dc062f03860897c39c7ffa13e6eee2dc3e5dc131ecbc7aa
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 12:33:41 GMT
expires: Sun, 03 Dec 2023 12:33:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 130818
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash 3b37e9e4dc5c39c8fb6aba1ddd4ddc4e
2a3653d905b34824efded08cbb4c400f80d73526
c2855a99d6c1522d57a8224193527da72bf97c139541d1e010a51762fb1ab73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5580
Cache-Control: max-age=118676
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c57ef-116"
Expires: Tue, 06 Dec 2022 09:51:55 GMT
Last-Modified: Sun, 04 Dec 2022 08:18:55 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 280 B IP
Hash ff9b2e75c9d209e4db06a26d182b31bd
f3718ad717aa3b445f46591623080d63d8b9a622
d3a28d91fdaa9b367cb7247264f82f0a16442fb7d15c3442e04b13ffb268c871
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=105185
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c3908-118"
Expires: Tue, 06 Dec 2022 06:07:04 GMT
Last-Modified: Sun, 04 Dec 2022 06:07:04 GMT
Server: nginx
Content-Length: 280
www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
200 OK 2.2 kB URL HTTP/2 www.widgeo.net/geocompteur/css/city_css.php?c=geocity_blue2
IP
Hash 2fba10696a16ff1d252a1bff37d5be0e
03abeb7d915bcc16a7c28d0df3efb71c1a087cf3
c59fc777d407c90a6e2b3199c9e21b509d0da3755f7d0d26985f9c2dcaaa42ca
GET /geocompteur/css/city_css.php?c=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.widgeo.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: text/css;charset=UTF-8
cache-control: public, max-age=604800
expires: Mon, 12 Dec 2022 00:53:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nr1DyG8g6y%2Fiuzi7j6brFylii2KRbmm%2B6UlIRV2jd1r9TR85jf0LbhNiPBlNptUKk8zYjVpxe5zrTApILxt3%2BMOZztR%2FDKjHdAgT%2BnVGck1EE%2BW990EKoMR2lb0NzaXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced58eb50b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash e6db9ad2f1ad48126c8dfc3dd883b1b8
981ae1e40da6163043c5de563e6e97a7062d9ea3
bacdc8d0f610e0cf1b71a735fc64bf1468114abacb1e3877b735ba8ba3741d06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 22:30:51 GMT
Expires: Thu, 08 Dec 2022 22:30:50 GMT
Etag: "981ae1e40da6163043c5de563e6e97a7062d9ea3"
Cache-Control: max-age=336410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced61d4c0b61-OSL
www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 81 kB URL HTTP/2 www.widgeo.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
Hash 2aa881ce5eef7c682fd4b9c4b0deba23
d652732a6caf3c6229e02d90c4120246c2e531f7
1d72b45df09dc4860993e4ecd70eac3dcf17f682a52a2ef04e7a7efaedc4bf9d
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFIOAdy43nQTAwrRKIovozWGtSrTVh13lyq1PNPzaSD2zrOmjYaPIFI1%2FsN7piZ8V43Q4hxG4Mls3J30SuGryPmB5baNUk7K2zke8jshtrW2yE8Kx2vznMe%2BEYMwTNJx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748ced66f1e0b3d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 07 Dec 2022 00:53:59 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 3b37e9e4dc5c39c8fb6aba1ddd4ddc4e
2a3653d905b34824efded08cbb4c400f80d73526
c2855a99d6c1522d57a8224193527da72bf97c139541d1e010a51762fb1ab73e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5329
Cache-Control: max-age=118425
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Etag: "638c57ef-116"
Expires: Tue, 06 Dec 2022 09:47:44 GMT
Last-Modified: Sun, 04 Dec 2022 08:18:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 00:53:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freewebsubmission.com/images/fwsbutton10.gif
200 OK 2.2 kB URL HTTP/1.1 www.freewebsubmission.com/images/fwsbutton10.gif
IP
File type GIF image data, version 89a, 88 x 31\012- data
Hash 6016bc8360a0f80b057623864a01c8b6
8136988f2c9a449b037363fc5bddce38963e4a88
198588f87288e60355833b7bba5b39721295f176889164613076722106359629
GET /images/fwsbutton10.gif HTTP/1.1
Host: www.freewebsubmission.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 21 Apr 2020 21:52:19 GMT
ETag: "8b5-5a3d40794a733"
Accept-Ranges: bytes
Content-Length: 2229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Mon, 05 Dec 2022 01:47:16 GMT
Date: Mon, 05 Dec 2022 00:53:59 GMT
Connection: keep-alive
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/
302 Found 155 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/
IP
File type HTML document, ASCII text
Hash a3d77a4bc07f0c5ea97547a6f6ee99d6
45159095fcb244e6611cc1bcdcc87f58ef6f341f
30367760a433f640915d7105483f3b65fe9390bb759ff8819073327b784b4a4c
GET /hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/ HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.widgeo.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 155
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: no-store
location: /hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: idrxvr=BC5AF6C9-13A5-49D5-94B5-D0D2B904D7B6; Path=/; Domain=xiti.com; Expires=Fri, 05 Jan 2024 00:53:59 GMT; HttpOnly
atidx=BC5AF6C9-13A5-49D5-94B5-D0D2B904D7B6; Path=/; Domain=xiti.com; Expires=Fri, 05 Jan 2024 00:53:59 GMT; HttpOnly; Secure
atid=BC5AF6C9-13A5-49D5-94B5-D0D2B904D7B6; Path=/; Domain=xiti.com; Expires=Fri, 05 Jan 2024 00:53:59 GMT; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hcOfEm3CgrDoOh3mm7kt_HINB0QLzSaxw5PHt3O7tCqsV2uozRT9Gw==
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=beb140c3065b486e845c2a60ba7af5d8
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=beb140c3065b486e845c2a60ba7af5d8
IP
File type JSON data\012- , ASCII text
Hash bec631ab229b401b9cb8939f0471f1b3
61afaa1c180d461fc5d9295bde5903596146f028
3efb29348382ccca35664611a5a15fbffa6cfe2c894b290ef5ccca4770e08921
GET /gid.js?userId=beb140c3065b486e845c2a60ba7af5d8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://indahjiwadanrupa.blogspot.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=beb140c3065b486e845c2a60ba7af5d8; expires=Tue, 05 Dec 2023 00:53:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
200 OK 373 B URL HTTP/2 logv33.xiti.com/hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On
IP
File type GIF image data, version 89a, 39 x 25\012- data
Hash 29cb2a1e585dff1f4282449fdbbab2d7
075d147195f9dba1862a6f3990d219d7c4389225
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
GET /hit.xiti?s=281802&p=geocity_blue2&hl=0x53x56&r=1280x1024x24x24&ref=http://indahjiwadanrupa.blogspot.com/&Rdt=On HTTP/1.1
Host: logv33.xiti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.widgeo.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 373
date: Mon, 05 Dec 2022 00:53:59 GMT
cache-control: no-store
strict-transport-security: max-age=15768000
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iKYUKAUenIx_SgXsi_GOm7VVdJI1XG3Oj-4uEx2CICnRIRQY6xvnkQ==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash e6db9ad2f1ad48126c8dfc3dd883b1b8
981ae1e40da6163043c5de563e6e97a7062d9ea3
bacdc8d0f610e0cf1b71a735fc64bf1468114abacb1e3877b735ba8ba3741d06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:53:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 22:30:51 GMT
Expires: Thu, 08 Dec 2022 22:30:50 GMT
Etag: "981ae1e40da6163043c5de563e6e97a7062d9ea3"
Cache-Control: max-age=336410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced6edde0b55-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8849
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:54:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8849
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:54:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8849
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:54:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8849
Expires: Mon, 05 Dec 2022 03:21:29 GMT
Date: Mon, 05 Dec 2022 00:54:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:03 GMT
age: 11097
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:42 GMT
age: 77538
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 12:09:06 GMT
age: 45894
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0402b0c3474a5bd3b1ba804528b64a8
2d47af0fb664d9fec52549bb3bdba1dfd8911bb2
7f87af77663b8bf22211e135554ada8865cdcf6499e9fcf0f3442b10ca3984e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3b9022-ae31-4c4b-b4aa-3d82606d5c7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5276
x-amzn-requestid: d337310e-59be-4268-bfd0-8cc4f2c91a11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_soE98IAMF0aA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-230591591f8fd0984c222549;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4Id8aWDt9bVlBXcsMK9LEAoqggewzLb9h4eZfuvYMGON2NnwyiP3Pg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "2d47af0fb664d9fec52549bb3bdba1dfd8911bb2"
content-type: image/jpeg
age: 11131
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: 68443283-d7bf-4a40-8b2a-32c81e160d35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUkE6foAMFb3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb6-570021b92c46c99d1ad363bd;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S96VFv064j3TfGQEG2cAJxe7UdaSey-JJUGERVgpm8mtdTmPk7FE6g==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:44 GMT
age: 77536
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50eeb012f0903f0848c8afcd6b26a7ec
ff7740d3c12ce7ab23291272221c0d9503f9c139
f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:41 GMT
age: 77779
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 2a3e9c9270d5d1402700343b567d8e21
4348655937347ff19881acafd04b1277e017f19c
905ee9517e8597ac86e76b99b970f77a4fbb2500de30ef6efea97a4bbcea51d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 00:54:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 13:33:18 GMT
Expires: Fri, 09 Dec 2022 13:33:17 GMT
Etag: "4348655937347ff19881acafd04b1277e017f19c"
Cache-Control: max-age=390556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7748ced93f5b1bfe-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 919
Origin: http://indahjiwadanrupa.blogspot.com
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 05 Dec 2022 00:54:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://indahjiwadanrupa.blogspot.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
www.salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1
301 Moved Permanently 0 B URL HTTP/1.1 www.salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1
IP
ASN #45839 Shinjiru Technology Sdn Bhd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|15,13,12,2,8,1 HTTP/1.1
Host: www.salam.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: wpzerospam_ip_checked=91.90.42.154; path=/
wpzerospam_has_access=1; path=/
wpzerospam_access_checked=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_cached=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_blacklist_api=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_attempts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
content-length: 0
date: Mon, 05 Dec 2022 00:54:00 GMT
server: LiteSpeed
salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
404 Not Found 7.2 kB URL HTTP/1.1 salam.my/widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1
IP
ASN #45839 Shinjiru Technology Sdn Bhd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash de43d337bef26503f68f6c9bac5edcc4
8df03d03b51ad2355ed9d4f85cf40d07c617acba
e70ff0d250c636757e5fb7eba0514045ab4f3dbe93a868e211e8ea74deba80a3
GET /widget/269/0/1/3/140/bottom/transparent/006b9b/Tahoma1.2em0.04em13px100%251px1pxc0c0c0centertopsquare15,13,12,2,8,1 HTTP/1.1
Host: salam.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
set-cookie: wpzerospam_ip_checked=91.90.42.154; path=/
wpzerospam_has_access=1; path=/
wpzerospam_access_checked=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_cached=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_blacklist_api=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
wpzerospam_attempts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <http://salam.my/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 05 Dec 2022 00:54:01 GMT
server: LiteSpeed
www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
200 OK 476 B URL HTTP/1.1 www.guablog.com/widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3
IP
ASN #16125 UAB Cherry Servers
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (476), with no line terminators
Hash 8d87aa7901d0720d2c3353c8c4b884cb
a1167e9a5b0737e56fbad86dafefba13d8402266
3efde1b1fdfb6db5d4ecd4896747cc9d03ada802b06676d7178baa06a4883d79
GET /widget/6735/0/3/2/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|6,4,2,7,1,8,3 HTTP/1.1
Host: www.guablog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 476
content-type: text/html; charset=utf-8
date: Mon, 05 Dec 2022 00:54:01 GMT
server: nginx
set-cookie: sid=4fc377da-7437-11ed-8be1-6f15d4c51724; path=/; domain=.guablog.com; expires=Sat, 23 Dec 2090 04:08:09 GMT; max-age=2147483647; HttpOnly
www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
403 Forbidden 4.2 kB URL HTTP/1.1 www.apesal.com/widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1071)
Hash 74710a33c449699e9502d470f0a4cf25
79c7d4b44addcb44ae594c2a9bed50df08360124
1f79b3e839141f2139271c72f6ba22cad9c4a89d0d4ca4dec1c9e65dbe75824e
GET /widget/5949/0/2/1/140/bottom/transparent/006b9b/Tahoma|1.2em|0.04em|13px|100%25|1px|1px|c0c0c0|center|top|square|8,4,2,1,9,6,3 HTTP/1.1
Host: www.apesal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
HTTP/1.1 403 Forbidden
Date: Mon, 05 Dec 2022 00:54:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2%2FfTCyr873t5q1jcVsXk7oU764TwPqOJqDb4fGCdConCf44ur43izZgRIwrb4b5gv9qj6bhIdWkE6sUD05euTqT%2BJZf%2BsN11NR359WrmXYnVQbgWa75%2Bd7scar%2B21SUaw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7748ceec0e9bfab8-OSL
Content-Encoding: gzip
indahjiwadanrupa.blogspot.com/favicon.ico
200 OK 412 B URL HTTP/1.1 indahjiwadanrupa.blogspot.com/favicon.ico
IP
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: indahjiwadanrupa.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/search/label/Gombak
Cookie: ck_TCM_pop=1
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Mon, 05 Dec 2022 00:54:05 GMT
Date: Mon, 05 Dec 2022 00:54:05 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 22 Nov 2022 15:14:41 GMT
ETag: W/"ecbad70b21d766f29b6cf283af936d9cabbba864bb23876d2055a88b5952c74b"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
www.widgeo.net/tcm.js
200 OK 0 B IP
GET /tcm.js HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3693
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 06:52:48 GMT
last-modified: Wed, 12 Oct 2022 00:08:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 151269
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhoaFbg%2BB7oVGK5MbMJVAC56pxQfrGQOoPMmZAoVK7HR1c4MtrgnELe9l9ylYYQk4rRtPntPLiaMvx2T8yPDMTj2gzHeYK9Q85HD5eJ9xJ8qVi0UdsOZQhLTkfAAgLe1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced46e550b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
200 OK 0 B URL HTTP/2 www.widgeo.net/hitparade.php?pagexiti=geocity_blue2
IP
GET /hitparade.php?pagexiti=geocity_blue2 HTTP/1.1
Host: www.widgeo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=180
expires: Mon, 05 Dec 2022 00:56:58 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWgAYk%2FRYeCpbarb5u2ks1PLxV9kxUHijOyoXpAng6W7WEu0BnAE8rgWMaF3t6C8W%2FToNOUdt7fhrw0iFiKYZUwT2ptDRPzMiHL3rzzw2yTmtuFEsQzVC9bRFwP%2BPlYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced4ae6f0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
babab.net/banner.jpg
200 OK 0 B IP
GET /banner.jpg HTTP/1.1
Host: babab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://indahjiwadanrupa.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.3.3
set-cookie: PHPSESSID=kn00dkp1j49hi18hmit5rsiqt5; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFBm9NpUUkF2hIKPFTOWXki5tEjqeHkit4FApPjWoUj1syj73ycvnkcEIgF%2Fr4EJ8JjIVU%2BR2fWZkKGPBhl0lr%2FATHXx36ayEabQMcVKWYG%2F6IfTbZ%2BLR15Iyic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7748ced4083efab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 0 B IP
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://indahjiwadanrupa.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 00:53:59 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2138
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aACOflXvzfaSeHCsgpYck4xRFpXY9VXY%2BBfIiWobUyhVKBQaiC2qeUhTcZ2g1RdYHvU1QMWm3pLRVfLq2PWMdH3zOisEYdUcbzOeuFqViQ77qGRfUM1JICmlV3McTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7748ced76d13b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.217.21.161
188.114.96.1
167.233.8.197
111.90.135.111
104.18.32.68
139.45.195.8
18.202.12.61
93.115.28.104
23.36.77.32
37.48.68.71
103.224.212.222