r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15365
Expires: Thu, 02 Feb 2023 08:14:37 GMT
Date: Thu, 02 Feb 2023 03:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3552
Expires: Thu, 02 Feb 2023 04:57:44 GMT
Date: Thu, 02 Feb 2023 03:58:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 03:36:03 GMT
content-type: application/json
age: 1349
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17721
Expires: Thu, 02 Feb 2023 08:53:53 GMT
Date: Thu, 02 Feb 2023 03:58:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MnX5CGtIt/bVANSHEPTch075hOSFEXU/lnVufAv5YL35BpFPFxRcWEvbw9Gfzre1xpsCXB803mM=
x-amz-request-id: Y4Q3R4V05QGNA63V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 03:22:55 GMT
age: 2137
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 03:58:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 03:41:43 GMT
age: 1009
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fsgwrfgwegra.blogspot.com/2016/01/blog-post_23.html
142.250.74.1200 OK 9.2 kB URL HTTP/1.1 fsgwrfgwegra.blogspot.com/2016/01/blog-post_23.html
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5517)
Hash e224154dd157bbdb3458b315efff8448
d8ed31a81c74a8e3c571551fed43a713dca8fdaf
eb057d660052437cb441ffc6f0fd7722818848c353b4fe9f0707cc1721c6e9d8
Analyzer Verdict Alert fortinet Malware
GET /2016/01/blog-post_23.html HTTP/1.1
Host: fsgwrfgwegra.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 02 Feb 2023 03:58:32 GMT
Date: Thu, 02 Feb 2023 03:58:32 GMT
Cache-Control: private, max-age=0
Last-Modified: Sat, 11 Dec 2021 08:51:21 GMT
ETag: W/"6e2632ad1f8a781726dba9193a11697072a7b080562e728f73a3ea065c0f1e02"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 9165
Server: GSE
fsgwrfgwegra.blogspot.com/js/cookienotice.js
142.250.74.1200 OK 2.0 kB URL HTTP/1.1 fsgwrfgwegra.blogspot.com/js/cookienotice.js
IP 142.250.74.1:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: fsgwrfgwegra.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/2016/01/blog-post_23.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Thu, 02 Feb 2023 03:58:33 GMT
Expires: Thu, 09 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 22:51:59 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
IP 142.250.74.138:0
File type Unicode text, UTF-8 text, with very long lines (65168)
Hash ebaa24930d6b905fe00c9457484b78a9
f97496ee81148e264b3735464b8bfced1a8b2fad
b9bd9830d7eceae230cfaa5105e8a3ec432392f270cee156637dac8d0684d614
GET /ajax/libs/jquery/1.5.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 30082
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 03:52:34 GMT
Expires: Thu, 01 Feb 2024 03:52:34 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 86759
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4213
Expires: Thu, 02 Feb 2023 05:08:46 GMT
Date: Thu, 02 Feb 2023 03:58:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
resources.blogblog.com/img/icon18_edit_allbkg.gif
216.58.207.233200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 216.58.207.233:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:56:35 GMT
expires: Wed, 08 Feb 2023 20:56:35 GMT
cache-control: public, max-age=604800
last-modified: Wed, 01 Feb 2023 17:54:33 GMT
content-type: image/gif
age: 25318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1263a80e4bed64529b9e8ca61ccea9b8
97356de87ac091a56de8bb5485ce99712408d62b
f174c72446dbd9a2d0f1b6f74f02bec21d15d8da763b976d7bb9e598e786a7ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
216.58.207.233200 OK 7.8 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (35959)
Hash 5aa2d3297bdc86bc81322aedecbb5e79
1c0a3c007e41726e167e79b70ddea76198650884
feae1fac625d0f30b5f10fa00b62df1a5600cd2178062c427e55f289b29cc630
GET /static/v1/widgets/2975350028-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:41:18 GMT
expires: Wed, 31 Jan 2024 09:41:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 14:52:06 GMT
content-type: text/css
age: 152235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.46200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1429)
Hash 2354fa28c58e16af89e7da6224aeca93
6bd3430a81730ed77c5d53f5406ddb40306ecabd
dc35ae752b7be035bd3a3bd4ae205e41afce5fa8f88e1bfe0e9524610df10f3b
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20950
date: Thu, 02 Feb 2023 03:58:33 GMT
expires: Thu, 02 Feb 2023 03:58:33 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "03884666a30c671f"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 92608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogblog.com/1kt/ethereal/birds-2toned-bg.png
216.58.207.233200 OK 486 B URL HTTP/1.1 www.blogblog.com/1kt/ethereal/birds-2toned-bg.png
IP 216.58.207.233:0
File type PNG image data, 1 x 1510, 8-bit/color RGB, non-interlaced\012- data
Hash 7b055918ab95f06b5238f1bef6e3cd4c
9c87a92b394f587d43d193c8c3d98fdb2532b3a6
06eb13218426e0e280cdd790ee55945334498186483cff716e090ed2b840a4e1
GET /1kt/ethereal/birds-2toned-bg.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 486
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 01:02:24 GMT
Expires: Thu, 09 Feb 2023 01:02:24 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 02 Feb 2023 00:52:29 GMT
Content-Type: image/png
Age: 10569
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogblog.com/1kt/ethereal/bird-2toned-blue-fade.png
216.58.207.233200 OK 135 B URL HTTP/1.1 www.blogblog.com/1kt/ethereal/bird-2toned-blue-fade.png
IP 216.58.207.233:0
File type PNG image data, 2 x 103, 8-bit/color RGBA, non-interlaced\012- data
Hash f298020995c692cb2ce9afd9a5d6257e
f4301ab5b943f5c49f3b8fee825f157a52fc1611
4f97c4d5d5252e3495e1c998a66396d69ff1dc40e77e857bddb5106abcea6251
GET /1kt/ethereal/bird-2toned-blue-fade.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 135
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 01:12:50 GMT
Expires: Thu, 09 Feb 2023 01:12:50 GMT
Cache-Control: public, max-age=604800
Last-Modified: Wed, 01 Feb 2023 21:53:25 GMT
Content-Type: image/png
Age: 9943
push.services.mozilla.com/
54.190.123.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.190.123.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zHBn6u8pMrhB1RNOtv5tLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1tcAjnirRotSpsclyytU5H87v68=
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
142.250.74.129301 Moved Permanently 0 B URL HTTP/1.1 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
IP 142.250.74.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 02 Feb 2023 03:58:33 GMT
Location: https://themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
142.250.74.129200 OK 57 kB URL HTTP/2 themes.googleusercontent.com/image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm
IP 142.250.74.129:0
File type PNG image data, 1515 x 971, 8-bit colormap, non-interlaced\012- data
Hash eabab87f6d659ddbdd8e01d8a0d516a6
ffbf3a51b58337649b3557fe676c25150a3f8e8d
b3d5b6340eedf9eac1658e4c122c704940d652fdf5f7194b22452676f8d1465f
GET /image?id=0BwVBOzw_-hbMNjViMzQ0ZDEtMWU1NS00ZTBkLWFjY2EtZjM5YmU4OTA2MjBm HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fsgwrfgwegra.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Fri, 03 Feb 2023 03:58:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 03:58:34 GMT
server: fife
content-length: 57409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emuay2.blogspot.com/2016/01/blog-post_50.html
142.250.74.1200 OK 14 kB URL HTTP/1.1 emuay2.blogspot.com/2016/01/blog-post_50.html
IP 142.250.74.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7748)
Hash 3852048d840e7ae8f57b3f5ac6e19f7c
3905a8e65bc074394ab10285f1f04c1c8b2640f3
d0b5b98cc9a27e70f6e5a7a57eb7bebbd0c86d463e4bef5d6b8e1ad0678991da
GET /2016/01/blog-post_50.html HTTP/1.1
Host: emuay2.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fsgwrfgwegra.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Thu, 02 Feb 2023 03:58:34 GMT
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: private, max-age=0
Last-Modified: Tue, 08 Nov 2022 23:11:21 GMT
ETag: W/"b334db25900c4a7331f3d071d7f912adb82ea4d511d1757a348993f729831325"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13691
Server: GSE
emuay2.blogspot.com/js/cookienotice.js
142.250.74.1200 OK 2.0 kB URL HTTP/1.1 emuay2.blogspot.com/js/cookienotice.js
IP 142.250.74.1:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: emuay2.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/2016/01/blog-post_50.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 28 Jan 2023 15:08:34 GMT
Expires: Sat, 04 Feb 2023 15:08:34 GMT
Cache-Control: public, max-age=604800
Last-Modified: Sat, 28 Jan 2023 13:49:43 GMT
Content-Type: text/javascript
Age: 391800
fonts.googleapis.com/css?family=Droid+Sans:400,700
142.250.74.74200 OK 304 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Sans:400,700
IP 142.250.74.74:0
Hash 37bd97ab5d600328cee799bbc856e70f
b81303809a55a104a709773e53737aedcaec1f44
37d6bf70e3ca3db4fc2d0ce9c7f364c91fdf3d8a5ff2bb17d5d7a94d3b63e64e
GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 02 Feb 2023 03:58:34 GMT
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3d29f78f39e32e907ddeeb9cddb2460e
79697c5da8c1a7f0a8c1e4e73c155695ea7a4fce
d5161650375a0a70a98fd4b3f2f2d2d8150133d6cb1722a1dc64973a0ad42934
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
216.58.207.233200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 216.58.207.233:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:28:44 GMT
expires: Fri, 02 Feb 2024 03:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 15:52:00 GMT
content-type: text/css
age: 1790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 92609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
go.onclasrv.com/apu.php?zoneid=608668
139.45.197.238302 Moved Temporarily 138 B URL HTTP/1.1 go.onclasrv.com/apu.php?zoneid=608668
IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=608668 HTTP/1.1
Host: go.onclasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:58:34 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://cobalten.com/apu.php?zoneid=608668
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
cobalten.com/apu.php?zoneid=608668
139.45.197.236403 Forbidden 7 B URL HTTP/1.1 cobalten.com/apu.php?zoneid=608668
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=608668 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 403 Forbidden
Server: nginx
Date: Thu, 02 Feb 2023 03:58:34 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 7
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.138200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Jan 2023 11:42:35 GMT
Expires: Wed, 31 Jan 2024 11:42:35 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 144959
go.onclasrv.com/apu.php?zoneid=608668
139.45.197.238302 Moved Temporarily 138 B URL HTTP/1.1 go.onclasrv.com/apu.php?zoneid=608668
IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /apu.php?zoneid=608668 HTTP/1.1
Host: go.onclasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 02 Feb 2023 03:58:34 GMT
Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Location: http://cobalten.com/apu.php?zoneid=608668
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 737fb1a7e54ea78dd56b4ac44a2c1de8
4fc7537db04c8cedc6a98ea38cfcaa6ba5c8a3a7
596cb4e532b0f523b844981b7e60fba87eb3a904b0a40dfdc3802a02650f790e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 03:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh4.googleusercontent.com/-nXN1liqCeps/UK97Jql20tI/AAAAAAAAEnA/ubU_BZVZZTg/s40/tail-top.gif
142.250.74.129200 OK 48 B URL HTTP/2 lh4.googleusercontent.com/-nXN1liqCeps/UK97Jql20tI/AAAAAAAAEnA/ubU_BZVZZTg/s40/tail-top.gif
IP 142.250.74.129:0
File type GIF image data, version 89a, 1 x 40\012- data
Hash 7ad256f6f14c9132974a4955891af036
587c20e9c7939c0b85df45ccbcef174f917b5d82
39165c082e5c3a4e67b5cc9dfcba8e0404e6c0452c30a77d8b4d24438872e962
GET /-nXN1liqCeps/UK97Jql20tI/AAAAAAAAEnA/ubU_BZVZZTg/s40/tail-top.gif HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="tail-top.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 48
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:57:54 GMT
expires: Fri, 27 Jan 2023 07:07:25 GMT
cache-control: public, max-age=86400, no-transform
age: 7240
etag: "v185f"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cobalten.com/apu.php?zoneid=608668
139.45.197.236403 Forbidden 7 B URL HTTP/1.1 cobalten.com/apu.php?zoneid=608668
IP 139.45.197.236:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /apu.php?zoneid=608668 HTTP/1.1
Host: cobalten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 403 Forbidden
Server: nginx
Date: Thu, 02 Feb 2023 03:58:34 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 7
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: *
lh4.googleusercontent.com/-x0UzaYSChzI/UK97BzPBDbI/AAAAAAAAEk0/t2ndYUMn5j4/s400/body-pattern.gif
142.250.74.129200 OK 188 kB URL HTTP/2 lh4.googleusercontent.com/-x0UzaYSChzI/UK97BzPBDbI/AAAAAAAAEk0/t2ndYUMn5j4/s400/body-pattern.gif
IP 142.250.74.129:0
File type GIF image data, version 89a, 400 x 400\012- data
Size 188 kB (187790 bytes)
Hash 96b23e406b1feb73a2a099407a8b3ece
9f46f0542f4ce6e5ebd46c6c3d589cf849d53450
44b9097cfdb39e86aea6796fd6f4851bba7a40f3bb34f7fdc1994db600b9c023
GET /-x0UzaYSChzI/UK97BzPBDbI/AAAAAAAAEk0/t2ndYUMn5j4/s400/body-pattern.gif HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="body-pattern.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 187790
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:58:34 GMT
expires: Wed, 01 Feb 2023 10:48:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1a18"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
216.58.207.227200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22376
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 02:08:37 GMT
Expires: Thu, 01 Feb 2024 02:08:37 GMT
Cache-Control: public, max-age=31536000
Age: 92997
Last-Modified: Tue, 19 Apr 2022 18:25:01 GMT
Content-Type: font/woff2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8348
Expires: Thu, 02 Feb 2023 06:17:42 GMT
Date: Thu, 02 Feb 2023 03:58:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8348
Expires: Thu, 02 Feb 2023 06:17:42 GMT
Date: Thu, 02 Feb 2023 03:58:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8348
Expires: Thu, 02 Feb 2023 06:17:42 GMT
Date: Thu, 02 Feb 2023 03:58:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 91987222-d376-4099-a4e9-5f877b5212be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzO2FSDIAMFktg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325e-281a7e062ee3039d42ae8f83;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SEH32iK4aCkxhxQyu3fSlW8uVM1Oj5hwnl2U09k_THEOdAqdEeVMJw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:03:43 GMT
age: 21291
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6790e3bf4d10b1ffba32a22dc588c640
cdae35517dfea800134393a1095f44462bc428a5
4f4132588ee7337fff24da64b89e43b277c4ef0a2646acfba37aea08fc0f4256
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F868f7eb5-a922-48b3-b59c-21db2389409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9416
x-amzn-requestid: acc48967-4cc1-4bfd-bc33-7bcefd8e6547
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGjqIAMFa2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d1cd4de0a30760e792d32e5;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: byLFLKpRZa_blxNi2wh_ft4Ule-zNiZtSih_Quv-9BgKS87Y-wJlTA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:40 GMT
age: 21474
etag: "cdae35517dfea800134393a1095f44462bc428a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0ca0ccee69fbee57aac373f94120bb4
5d6309502ffd0c33f6199d46f0d14d0a22e3c752
bed9d4689ff57fa636ee08dab3eef3cdf6c4e0a7103e5185151afe8ddfb755f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11552
x-amzn-requestid: 611f63cb-f058-493b-ac86-7e268b866fd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTvG9VIAMFgPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc17-78de7563537b111924100346;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lHLm3IkJRn59US_8SXKXQnNDUiCLIWnQ7QN-DWB3jkot9Ub3b6FUgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:59:35 GMT
age: 21539
etag: "5d6309502ffd0c33f6199d46f0d14d0a22e3c752"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f4dbd75e0cdc28265ccbe825c5c5b6c
78187b014be0ee8bf7543fb873915db8a9c8dbc4
bf49642b990d73f58ca5f9ee979271ba2ab80bae94c8f333fa5737b16016d1c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b1e36ab-6847-48e2-8227-fc589124cb93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7036
x-amzn-requestid: 9d54dd82-add1-4d7d-97b7-53c92eecb724
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJxCHAqoAMF3qA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcd3-109d34d11a9834886e3080ee;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:01:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U45NW79hI4Vtd7fV7kXnxqlxRQzC-u9PVlNK4D1pBkAa8CBYuUf9ig==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:09:17 GMT
age: 74957
etag: "78187b014be0ee8bf7543fb873915db8a9c8dbc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 20216
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: e8e96b85-5b24-48b4-bea3-6c1b93c55ca1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGf3oAMFj1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-558cb5ec6f31497d284518be;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AeFT9dVmzOw8800DKN7VouWS3HGHRYp64On9sF62J-aOK_OGtvAa7w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:52 GMT
age: 20742
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bnhtml.com/invoke.js
192.243.61.227200 OK 5.2 kB IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (11157), with no line terminators
Hash 06cec38f92e4c13c7125371c321a9acf
b2cbac1429c3ef53bb66f95888e1a99fc64ebe45
4af4b84547f8613135939861f8e78525556a8a4e495d9ad50f740ca34e4769bb
GET /invoke.js HTTP/1.1
Host: www.bnhtml.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 02 Feb 2023 03:58:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc74bc115a4747419d75c64bb26d28b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/1.1 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 01794615639b854c6db9277a6c5c2099
2ae05e41e4d62aaf24fb23c5a80d3bc7e492645b
a88060d5c291088c875c4805c0eb9fa326bc4917a36673dca353ac941111f6bb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 40
Connection: keep-alive
Server: fasthttp
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=174d93e2-dfe9-4bc9-8a78-46ee0942d807:3:1; expires=Sun, 30 Jan 2033 03:58:35 GMT; secure; SameSite=None
www.patjaa.com/wp-content/uploads/2016/01/45-39-387x500.jpg
52.71.57.184404 Not Found 5.2 kB URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2016/01/45-39-387x500.jpg
IP 52.71.57.184:0
Hash 25c696bb398d969fa05a486ecf7b9421
208a8dedfef6e3ee09b06a1fb873c115bd441c53
4db3f7bbc39992a70dc659fac5d5e3c08c815b577aef0ead9f8c06576b817f70
GET /wp-content/uploads/2016/01/45-39-387x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/1.1 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 0bee954c2c3af1ab498c15ddac04f00f
286dbcc69572c78d33e139ebcc35b3f18915d9f9
d25707d958925bf8bcb8ea985736b90bf8b87d52af69a20ad87e2c35ae99b085
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 40
Connection: keep-alive
Server: fasthttp
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c:3:1; expires=Sun, 30 Jan 2033 03:58:35 GMT; secure; SameSite=None
www.patjaa.com/wp-content/uploads/2016/01/gkdfttyrew-500x250.jpg
52.71.57.184404 Not Found 278 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2016/01/gkdfttyrew-500x250.jpg
IP 52.71.57.184:0
Hash ffa74ac8c4056e908802ea532683dd0e
1dc52f14957b60f97010b532367c3ad96c63c5c0
505be3b1adc82e4145dbc87999a35f2e37c1675e5e18656f57338d6e6106945e
GET /wp-content/uploads/2016/01/gkdfttyrew-500x250.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
c1.popads.net/pop.js
185.76.9.14200 OK 9.9 kB IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash d2f092c2525456135a6412df048cb9e1
73d6962cb750fd9cc5a06ac6db82718c90bd6296
4ff692ff710346275b517e846bdaf0df85bc82f25484ecc6954b5462e98caf9e
GET /pop.js HTTP/1.1
Host: c1.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
Last-Modified: Sun, 03 Jul 2022 20:49:14 GMT
ETag: W/"62c200ca-7b48"
Access-Control-Allow-Origin: *
X-Accel-Expires: @1675544508
Server: CDN77-Turbo
X-77-NZT: AblMCQ3MjQr/Lz8MAA
X-77-NZT-Ray: c0a4cc28b3498bf8eb34db6310bc5f1f
X-Cache: HIT
X-Age: 802607
X-77-POP: stockholmSE
X-77-Cache: HIT
Content-Encoding: gzip
emuay2.blogspot.com/favicon.ico
142.250.74.1200 OK 412 B URL HTTP/1.1 emuay2.blogspot.com/favicon.ico
IP 142.250.74.1:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: emuay2.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/2016/01/blog-post_50.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Thu, 02 Feb 2023 03:58:35 GMT
Date: Thu, 02 Feb 2023 03:58:35 GMT
Cache-Control: private, max-age=86400
Last-Modified: Tue, 08 Nov 2022 23:11:21 GMT
ETag: W/"b334db25900c4a7331f3d071d7f912adb82ea4d511d1757a348993f729831325"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
www.urldelivery.com/watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 www.urldelivery.com/watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1 HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 03:58:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Location: http://www.urldelivery.com/watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1&shu=878b299448abfd88182046b7ca7287c7bb87bac6be94805ab8a03c9dee1fdf458145ee9ca3c3098e1fca952259b1bee37b472c92be5f2db390cf64629092e6013dccd85523a6c0db1d362afcd399e09b61ff38e9&pst=1675310375&rmtc=t
Set-Cookie: u_pl=34993; expires=Fri, 03 Feb 2023 03:58:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjozNDk5MywiayI6ImU2NmE5ZGIyZTc3Yjg3YjI0N2UyOWIzODBiZjUwYTA2Iiwic2lkIjoiIiwiaXNpZCI6MywiYXNpZCI6MSwiemlkIjoxNTA4OCwicGlkIjo4MjM2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7ICIyOCI6ImQ4NTQ2YmFkYWM1ZjNmYmY4YjY0MjBiNzFkNjlhM2U1IiwiNDYiOiI2ZGI0NjZjOGZhNjc3YzUxNjUxNWFkMGEyNjQ1YTIzZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9lbXVheTIuYmxvZ3Nwb3QuY29tLzIwMTYvMDEvYmxvZy1wb3N0XzUwLmh0bWwifX0.njol3X01HvatLCtM79ZtVBgMyXL8SPtV5kB_fVNZGPs; expires=Thu, 02 Feb 2023 03:59:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75e86ddbe86a6ad7eeea10e7cc119f2a
Strict-Transport-Security: max-age=0; includeSubdomains
www.urldelivery.com/watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1
192.243.59.20307 Temporary Redirect 0 B URL HTTP/1.1 www.urldelivery.com/watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1 HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 03:58:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Location: http://www.urldelivery.com/watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1&shu=8f3e14b82ccce5b7a950e5a0340a2ded7a9cfe44110d01de2995e3f2a1410070d8db02d92b5857ff029e506284bd439c4975e5ae43566fdaa3376ab8379b8762b8d807fd76e49d4a5ab4b1c67a0bea102ac427385a367fd2fd33f0722ea454&pst=1675310375&rmtc=t
Set-Cookie: u_pl=34993; expires=Fri, 03 Feb 2023 03:58:35 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjozNDk5MywiayI6ImU2NmE5ZGIyZTc3Yjg3YjI0N2UyOWIzODBiZjUwYTA2Iiwic2lkIjoiIiwiaXNpZCI6MywiYXNpZCI6MSwiemlkIjoxNTA4OCwicGlkIjo4MjM2LCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7ICIyOCI6ImQ4NTQ2YmFkYWM1ZjNmYmY4YjY0MjBiNzFkNjlhM2U1IiwiNDYiOiI2ZGI0NjZjOGZhNjc3YzUxNjUxNWFkMGEyNjQ1YTIzZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly9lbXVheTIuYmxvZ3Nwb3QuY29tLzIwMTYvMDEvYmxvZy1wb3N0XzUwLmh0bWwifX0.njol3X01HvatLCtM79ZtVBgMyXL8SPtV5kB_fVNZGPs; expires=Thu, 02 Feb 2023 03:59:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9c9938dd81db322035eae5f0c75157e1
Strict-Transport-Security: max-age=0; includeSubdomains
www.urldelivery.com/watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1&shu=878b299448abfd88182046b7ca7287c7bb87bac6be94805ab8a03c9dee1fdf458145ee9ca3c3098e1fca952259b1bee37b472c92be5f2db390cf64629092e6013dccd85523a6c0db1d362afcd399e09b61ff38e9&pst=1675310375&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 www.urldelivery.com/watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1&shu=878b299448abfd88182046b7ca7287c7bb87bac6be94805ab8a03c9dee1fdf458145ee9ca3c3098e1fca952259b1bee37b472c92be5f2db390cf64629092e6013dccd85523a6c0db1d362afcd399e09b61ff38e9&pst=1675310375&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2581)
Hash d58938b6d60a70da2225e946b85ce473
7b7313cbefb95809864cbd29e264916678754f58
4762c5185da3bcd0049fbfb998cf203b7f061dffd027003f94bd582622cb9a19
GET /watch.1405681901552.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c%3A3%3A1&shu=878b299448abfd88182046b7ca7287c7bb87bac6be94805ab8a03c9dee1fdf458145ee9ca3c3098e1fca952259b1bee37b472c92be5f2db390cf64629092e6013dccd85523a6c0db1d362afcd399e09b61ff38e9&pst=1675310375&rmtc=t HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=34993; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
uid_id2=420283c7-d7d0-438d-bb5b-2c0f1efa9c0c:3:1; expires=Thu, 09 Feb 2023 03:58:36 GMT; secure; SameSite=None
iprcea216d238c5f8ed9e85596b21fc0f1c3=3569806; expires=Thu, 02 Feb 2023 07:58:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: caca1bca79c0bb93c9d50667a8e70645
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.urldelivery.com/watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1&shu=8f3e14b82ccce5b7a950e5a0340a2ded7a9cfe44110d01de2995e3f2a1410070d8db02d92b5857ff029e506284bd439c4975e5ae43566fdaa3376ab8379b8762b8d807fd76e49d4a5ab4b1c67a0bea102ac427385a367fd2fd33f0722ea454&pst=1675310375&rmtc=t
192.243.59.20200 OK 2.1 kB URL HTTP/1.1 www.urldelivery.com/watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1&shu=8f3e14b82ccce5b7a950e5a0340a2ded7a9cfe44110d01de2995e3f2a1410070d8db02d92b5857ff029e506284bd439c4975e5ae43566fdaa3376ab8379b8762b8d807fd76e49d4a5ab4b1c67a0bea102ac427385a367fd2fd33f0722ea454&pst=1675310375&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2613)
Hash 6248b8c8186ed8a5276814d8893fb557
5610dda5f8b4f086e7d88924e3c72ceeb52f26db
5422a4dc018bf4f3e30a41aef27211a5399f53750d10a3934e00a080ac537840
GET /watch.521244554277.js?key=e66a9db2e77b87b247e29b380bf50a06&kw=%5B%22%E0%B9%81%E0%B8%8A%E0%B8%A3%E0%B9%8C%E0%B8%82%E0%B9%88%E0%B8%B2%E0%B8%A7%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B9%80%E0%B8%A3%E0%B8%B7%E0%B9%88%E0%B8%AD%E0%B8%87%22%2C%22%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%84%E0%B8%A7%E0%B8%B2%E0%B8%A1%E0%B8%AD%E0%B8%B2%E0%B8%A5%E0%B8%B1%E0%B8%A2%E0%B8%88%E0%B8%B2%E0%B8%81%22%2C%22%E2%80%9D%22%2C%22%E0%B8%A3%E0%B8%B4%E0%B8%A7%22%2C%22%E0%B8%88%E0%B8%B4%E0%B8%95%E0%B8%AA%E0%B8%B1%E0%B8%A1%E0%B8%9C%E0%B8%B1%E0%B8%AA%E2%80%9D%22%2C%22%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E0%B8%9B%E0%B8%AD%22%2C%22%E0%B8%97%E0%B8%A4%E0%B8%A9%E0%B8%8F%E0%B8%B5%22%2C%22%E0%B8%9E%E0%B8%A3%E0%B9%89%E0%B8%AD%E0%B8%A1%E0%B9%80%E0%B8%AD%E0%B9%88%E0%B8%A2%E0%B8%96%E0%B8%B6%E0%B8%87%22%2C%22%E2%80%9C%E0%B9%82%E0%B8%9A%E0%B8%A7%E0%B9%8C-%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%A1%E0%B8%B0%E0%B8%A5%E0%B8%B4%E2%80%9D%22%5D&refer=http%3A%2F%2Femuay2.blogspot.com%2F2016%2F01%2Fblog-post_50.html&tz=0&dev=r&res=4.29&uuid=174d93e2-dfe9-4bc9-8a78-46ee0942d807%3A3%3A1&shu=8f3e14b82ccce5b7a950e5a0340a2ded7a9cfe44110d01de2995e3f2a1410070d8db02d92b5857ff029e506284bd439c4975e5ae43566fdaa3376ab8379b8762b8d807fd76e49d4a5ab4b1c67a0bea102ac427385a367fd2fd33f0722ea454&pst=1675310375&rmtc=t HTTP/1.1
Host: www.urldelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Referer: http://emuay2.blogspot.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://emuay2.blogspot.com
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=34993; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
uid_id2=174d93e2-dfe9-4bc9-8a78-46ee0942d807:3:1; expires=Thu, 09 Feb 2023 03:58:36 GMT; secure; SameSite=None
iprcea216d238c5f8ed9e85596b21fc0f1c3=3569806; expires=Thu, 02 Feb 2023 07:58:36 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
uncs=1; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 03 Feb 2023 03:58:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c7f2bf725febea9c847f2736165c7fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b32d45a75459dc3d6106bdaa187bad2
ac8c14aab07ccf9e2361b6e97dd99533a7cf663c
78d2731715d2c9787631e6e6d3d073b6e96af3e5373a25080d298b8214591bbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 00:04:31 GMT
Expires: Thu, 09 Feb 2023 00:04:30 GMT
Etag: "ac8c14aab07ccf9e2361b6e97dd99533a7cf663c"
Cache-Control: max-age=590153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79300260bd4cb524-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b32d45a75459dc3d6106bdaa187bad2
ac8c14aab07ccf9e2361b6e97dd99533a7cf663c
78d2731715d2c9787631e6e6d3d073b6e96af3e5373a25080d298b8214591bbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 00:04:31 GMT
Expires: Thu, 09 Feb 2023 00:04:30 GMT
Etag: "ac8c14aab07ccf9e2361b6e97dd99533a7cf663c"
Cache-Control: max-age=590153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793002646ea7b524-OSL
c.adsco.re/
104.17.166.186200 OK 30 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 815ef37110ac6b63648f05ba53184bee
bebecd11757b35c25edcbb317a4c54c5c8d23697
36bf07548480e148703dd77a427ddd38209b3a2c5f805ca04e563d5d3bef1a1f
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Sun, 05 Mar 2023 03:58:36 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2700278
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793002651f99b512-OSL
alt-svc: h2=":443"; ma=60
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793002652e03fab4-OSL
alt-svc: h2=":443"; ma=60
c.adsco.re/
104.17.166.186200 OK 27 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash f8383455bbfe3f8856071e9f8565e89f
e77e08e69964446a0925d69e77375725a21a38ab
844c0c07b4a5d90b55fe01685124e391edb3a4165f7d3eb7b97668e9ea6eb985
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:58:36 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sun, 05 Mar 2023 03:58:36 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 2700277
vary: Accept-Encoding
server: cloudflare
cf-ray: 793002643cb9b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d1ede23ab1ddbc0d7fa930fd3810e49e
879f79b820606c514ae97d5a3c2be12533440a51
7ec120a673fc6ae1a147829269069666ef47b0258b832030906da7dc97ab2a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EC120A673FC6AE1A147829269069666EF47B0258B832030906DA7DC97AB2A14"
Last-Modified: Tue, 31 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17263
Expires: Thu, 02 Feb 2023 08:46:19 GMT
Date: Thu, 02 Feb 2023 03:58:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aec27ec1247d85a87a888c1552758121
1e3d8e4384433c7d5416452dce0197297460996c
3c2088553eda2c57169b6df6394f78770ec952d9247df207c3415ca6863eab9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C2088553EDA2C57169B6DF6394F78770EC952D9247DF207C3415CA6863EAB9D"
Last-Modified: Tue, 31 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17989
Expires: Thu, 02 Feb 2023 08:58:25 GMT
Date: Thu, 02 Feb 2023 03:58:36 GMT
Connection: keep-alive
wvyzdcrenklm.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 wvyzdcrenklm.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: wvyzdcrenklm.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 03:58:36 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sat, 04 Feb 2023 03:58:36 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186304 Not Modified 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://c.adsco.re/
If-None-Match: W/"xkCBFtC0Wl/JiS60JFipuQ=="
HTTP/1.1 304 Not Modified
Date: Thu, 02 Feb 2023 03:58:36 GMT
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Sun, 05 Mar 2023 03:58:36 GMT
ETag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
CF-Cache-Status: HIT
Age: 2700278
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793002667fffb512-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b294347f11ec7e0c92d1fc8ada7737d6
263cf4f64b3edc057f899fc4591b28e1860dd512
9bc2bd76a641f73db1bd83a6da643d451fe314d620f4416f06558d065f6f36f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BC2BD76A641F73DB1BD83A6DA643D451FE314D620F4416F06558D065F6F36F7"
Last-Modified: Tue, 31 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3379
Expires: Thu, 02 Feb 2023 04:54:55 GMT
Date: Thu, 02 Feb 2023 03:58:36 GMT
Connection: keep-alive
wvyzdcrenklm.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 wvyzdcrenklm.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: wvyzdcrenklm.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
adsco.re/p
162.252.214.5200 OK 410 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 218b3cf34b3cebd45d1b4c9afb237b1b
5482b31c4d2c996e8f2b4fdf82664d4537c74765
c83bb1ed9c437d9ac1a923291d06853e22c1e5eba8a5ef06ca0dbd919130aed4
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 2397
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://emuay2.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5b740ddf4480b2c80d7d67cc7334fc69
604fabefb8366b2c64f286c5fd80d35534384cf0
dd1d9106a0841ba9432a0998c68638311563f11793cbca939ebe8f2f163366e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD1D9106A0841BA9432A0998C68638311563F11793CBCA939EBE8F2F163366E4"
Last-Modified: Tue, 31 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6185
Expires: Thu, 02 Feb 2023 05:41:42 GMT
Date: Thu, 02 Feb 2023 03:58:37 GMT
Connection: keep-alive
serve.popads.net/c?_=BQFiAAAAAAAACZUAAkzkEQnm_kbw5_SjEBh_yZF2SMdtS8_WNRem0kosIq9G8dJEyBtKS5E8Uks3rocpfl7zG73m5q0fC7L7-9Nu3ltMH6rLvfSusNf7DIqRjh9mT3WUMJC0wXXODfPVRxuyflOCx1ZBSIKAszEef16p8Gx-DBb3aix2mErDbopBAppEyHJ5U1cHkV9bAoWGiQK48LH6KjxCD6eVulJUkOAA9jS7YY2lw-7X0CCuh20XD6yb6EF73L1-yqLBNsO5eKHlnlEyADHQY6uq6bEgIfuJYxMzNSE1uBcyU-jrea9Ko_qhHkf8hKR1RvzQSTcbnIi4T2B47NvuP7voEV6zR5ok_4rDxp45118INQgMeUF68vGQpRpAvSahzERpD4gkRoT5PVAxzI04f7Ql2_z806G1O5_6O2MHzfcqvAn_ET2xplIkISLN7KYSg7HNdvuKX6vmq4s98Mi4Gpm3SXLhC7z2yns&v=4&siteId=644761&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=http%3A%2F%2Ffsgwrfgwegra.blogspot.com%2F&s=1280,1024,1,1280,1024,0
216.21.13.11200 OK 44 B URL HTTP/1.1 serve.popads.net/c?_=BQFiAAAAAAAACZUAAkzkEQnm_kbw5_SjEBh_yZF2SMdtS8_WNRem0kosIq9G8dJEyBtKS5E8Uks3rocpfl7zG73m5q0fC7L7-9Nu3ltMH6rLvfSusNf7DIqRjh9mT3WUMJC0wXXODfPVRxuyflOCx1ZBSIKAszEef16p8Gx-DBb3aix2mErDbopBAppEyHJ5U1cHkV9bAoWGiQK48LH6KjxCD6eVulJUkOAA9jS7YY2lw-7X0CCuh20XD6yb6EF73L1-yqLBNsO5eKHlnlEyADHQY6uq6bEgIfuJYxMzNSE1uBcyU-jrea9Ko_qhHkf8hKR1RvzQSTcbnIi4T2B47NvuP7voEV6zR5ok_4rDxp45118INQgMeUF68vGQpRpAvSahzERpD4gkRoT5PVAxzI04f7Ql2_z806G1O5_6O2MHzfcqvAn_ET2xplIkISLN7KYSg7HNdvuKX6vmq4s98Mi4Gpm3SXLhC7z2yns&v=4&siteId=644761&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=http%3A%2F%2Ffsgwrfgwegra.blogspot.com%2F&s=1280,1024,1,1280,1024,0
IP 216.21.13.11:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /c?_=BQFiAAAAAAAACZUAAkzkEQnm_kbw5_SjEBh_yZF2SMdtS8_WNRem0kosIq9G8dJEyBtKS5E8Uks3rocpfl7zG73m5q0fC7L7-9Nu3ltMH6rLvfSusNf7DIqRjh9mT3WUMJC0wXXODfPVRxuyflOCx1ZBSIKAszEef16p8Gx-DBb3aix2mErDbopBAppEyHJ5U1cHkV9bAoWGiQK48LH6KjxCD6eVulJUkOAA9jS7YY2lw-7X0CCuh20XD6yb6EF73L1-yqLBNsO5eKHlnlEyADHQY6uq6bEgIfuJYxMzNSE1uBcyU-jrea9Ko_qhHkf8hKR1RvzQSTcbnIi4T2B47NvuP7voEV6zR5ok_4rDxp45118INQgMeUF68vGQpRpAvSahzERpD4gkRoT5PVAxzI04f7Ql2_z806G1O5_6O2MHzfcqvAn_ET2xplIkISLN7KYSg7HNdvuKX6vmq4s98Mi4Gpm3SXLhC7z2yns&v=4&siteId=644761&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=http%3A%2F%2Ffsgwrfgwegra.blogspot.com%2F&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: serve.popads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Thu, 02 Feb 2023 03:58:37 GMT
wvyzdcrenklm.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 wvyzdcrenklm.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: wvyzdcrenklm.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://emuay2.blogspot.com
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 03:58:37 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
www.patjaa.com/wp-content/uploads/2016/01/gkdfttyrew-500x250.jpg
52.71.57.184404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2016/01/gkdfttyrew-500x250.jpg
IP 52.71.57.184:0
GET /wp-content/uploads/2016/01/gkdfttyrew-500x250.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
www.patjaa.com/wp-content/uploads/2016/01/45-39-387x500.jpg
52.71.57.184404 Not Found 0 B URL HTTP/1.0 www.patjaa.com/wp-content/uploads/2016/01/45-39-387x500.jpg
IP 52.71.57.184:0
GET /wp-content/uploads/2016/01/45-39-387x500.jpg HTTP/1.1
Host: www.patjaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://emuay2.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest