agfagto-festival-news.blogspot.ca/search/label/car%20tuned
172.217.21.161302 Moved Temporarily 204 B URL HTTP/1.1 agfagto-festival-news.blogspot.ca/search/label/car%20tuned
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 9c30b4363662306ad20b9cfddf3ba1c0
7e294ed04c6631fab546c65880b5a7879cc1c780
43836503a10beb17ef3c9c7901224737f6acec2fa8bf423d1bdbb0ee5a90a51d
Analyzer Verdict Alert fortinet Malware
GET /search/label/car%20tuned HTTP/1.1
Host: agfagto-festival-news.blogspot.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Location: http://agfagto-festival-news.blogspot.com/search/label/car%20tuned
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 10 Dec 2022 02:20:58 GMT
Expires: Sat, 10 Dec 2022 02:20:58 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 204
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5798
Expires: Sat, 10 Dec 2022 03:57:37 GMT
Date: Sat, 10 Dec 2022 02:20:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Sat, 10 Dec 2022 03:09:24 GMT
Date: Sat, 10 Dec 2022 02:20:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 02:08:23 GMT
content-type: application/json
age: 756
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13407
Expires: Sat, 10 Dec 2022 06:04:26 GMT
Date: Sat, 10 Dec 2022 02:20:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +zfHgmWpByUy7RAsfjP5QrgjQr7Z5DSm0HQbdn2yPBFfnbMPDCDZJSg2PFl2xRzpQXYxkdG0b1Q=
x-amz-request-id: FVAK169JMATQPE5Q
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 01:48:36 GMT
age: 1943
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 02:20:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
agfagto-festival-news.blogspot.com/search/label/car%20tuned
172.217.21.161200 OK 18 kB URL HTTP/1.1 agfagto-festival-news.blogspot.com/search/label/car%20tuned
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11202)
Hash 9515ac9d900d4aeec5a0ff4ad17f7485
cdbaea900c96cf9dcce60c71be1cb48e35600f7e
f79d67473897c89984cc69a15a74613d3efe25f62243ed5132023d2b0098b36b
Analyzer Verdict Alert fortinet Malware
GET /search/label/car%20tuned HTTP/1.1
Host: agfagto-festival-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Sat, 10 Dec 2022 02:20:59 GMT
Date: Sat, 10 Dec 2022 02:20:59 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 21 Nov 2022 08:50:20 GMT
ETag: W/"16036a9ce315b051e2f668295e54b5e22946fe1b8b334088311f4183d11c6040"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 17886
Server: GSE
agfagto-festival-news.blogspot.com/js/cookienotice.js
172.217.21.161200 OK 2.0 kB URL HTTP/1.1 agfagto-festival-news.blogspot.com/js/cookienotice.js
IP 172.217.21.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: agfagto-festival-news.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/search/label/car%20tuned
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 00:11:04 GMT
Expires: Fri, 16 Dec 2022 00:11:04 GMT
Cache-Control: public, max-age=604800
Last-Modified: Thu, 08 Dec 2022 21:55:30 GMT
Content-Type: text/javascript
Age: 94195
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 02:07:55 GMT
age: 784
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 480618e4b5701f6e3fcefae4bf344df5
63a9226f1d2af6a8b41771586e4aa18bd864241e
94bcc09084c2414fbd78f331bf0b4fbc10c2764057a153cdad8bbe9f9c3911b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=116074
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:00 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:35:34 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
142.250.74.41200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP 142.250.74.41:0
File type ASCII text, with very long lines (30596)
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:01:43 GMT
expires: Wed, 06 Dec 2023 14:01:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 19:52:21 GMT
content-type: text/css
age: 303557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Sat, 10 Dec 2022 02:21:00 GMT
expires: Sat, 10 Dec 2022 02:21:00 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2092647672-widgets.js
142.250.74.41200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2092647672-widgets.js
IP 142.250.74.41:0
File type ASCII text, with very long lines (2221)
Hash 689971018982703ab88ce528368b9190
be9697d57e5c19d36c52aacd8b04a6a159a2f3bd
cf8b513cfd596cffc3a7e456eccc198b8e409f5aaf624d5dbeecdd748dce0cef
GET /static/v1/widgets/2092647672-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 02:10:45 GMT
expires: Fri, 08 Dec 2023 02:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 00:55:10 GMT
content-type: text/javascript
age: 173415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.worksopguardian.co.uk/webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg
172.64.151.70301 Moved Permanently 0 B URL HTTP/1.1 www.worksopguardian.co.uk/webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg
IP 172.64.151.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg HTTP/1.1
Host: www.worksopguardian.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Dec 2022 03:21:00 GMT
Location: https://www.worksopguardian.co.uk/webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg
Set-Cookie: __cf_bm=eW1NLqggyMsJTg8wRgXI5MHsuHv9xr6Sz_RqQQE4uYY-1670638860-0-AfIVAlir+D4cEqCABnCBo93voPwmDeJzc1uEqqPsxVnXXmvDw7psfdhS9C3Tf0OQ3Gzf5DzE2VkwglyqnYkiq0E=; path=/; expires=Sat, 10-Dec-22 02:51:00 GMT; domain=.www.worksopguardian.co.uk; HttpOnly; SameSite=None
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7772812e7adcb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.allfordmustangs.com/forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg
104.16.173.102301 Moved Permanently 0 B URL HTTP/1.1 www.allfordmustangs.com/forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg
IP 104.16.173.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg HTTP/1.1
Host: www.allfordmustangs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Dec 2022 03:21:00 GMT
Location: https://www.allfordmustangs.com/forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg
Set-Cookie: __cf_bm=.D9OLiC.a.kMeLYWUYc2hlxrVbsIy4WO.1i.CeKni10-1670638860-0-ATccMJH4bJecnVbdId3qsPiquqljXxQNca2k40qOP+yxjzYkL2lwjgUkZcyvcyWcTaO/crkcGdnYcT7jVWYvKURSRzb8LquHo6mbaL3qavv1; path=/; expires=Sat, 10-Dec-22 02:51:00 GMT; domain=.www.allfordmustangs.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7772812e7b130b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
resources.blogblog.com/img/icon18_edit_allbkg.gif
142.250.74.41200 OK 162 B URL HTTP/2 resources.blogblog.com/img/icon18_edit_allbkg.gif
IP 142.250.74.41:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash c991641178ff05adf0d004298b5eafa9
d8f6ce8ecd92b86d49849360f6b81ceb10b4c941
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
GET /img/icon18_edit_allbkg.gif HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 162
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:19:02 GMT
expires: Tue, 13 Dec 2022 14:19:02 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 07:54:23 GMT
content-type: image/gif
age: 302518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i181.photobucket.com/albums/x320/FearFactor_photos/S1031756.jpg
143.204.55.54301 Moved Permanently 167 B URL HTTP/1.1 i181.photobucket.com/albums/x320/FearFactor_photos/S1031756.jpg
IP 143.204.55.54:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /albums/x320/FearFactor_photos/S1031756.jpg HTTP/1.1
Host: i181.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://i181.photobucket.com/albums/x320/FearFactor_photos/S1031756.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z_KVUoDLxCPg4Q5WVdK0hkuvu417TdnyIBlPnFVtM60N6rZaeuO5XQ==
Vary: Origin
bigbuck98.files.wordpress.com/2011/05/texaco21.png%3Fw%3D640%26h%3D255
192.0.72.28301 Moved Permanently 162 B URL HTTP/1.1 bigbuck98.files.wordpress.com/2011/05/texaco21.png%3Fw%3D640%26h%3D255
IP 192.0.72.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2011/05/texaco21.png%3Fw%3D640%26h%3D255 HTTP/1.1
Host: bigbuck98.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://bigbuck98.files.wordpress.com/2011/05/texaco21.png%3Fw%3D640%26h%3D255
www.caranddriver.com/var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg
151.101.64.155301 Moved Permanently 0 B URL HTTP/1.1 www.caranddriver.com/var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg
IP 151.101.64.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg HTTP/1.1
Host: www.caranddriver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Retry-After: 0
Location: https://www.caranddriver.com/var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg
Accept-Ranges: bytes
Date: Sat, 10 Dec 2022 02:21:00 GMT
X-Cache: HIT
set-cookie: geo_continent_code=EU; path=/
geo_country_code=NO; path=/
geo_postal_code=0168; path=/
location_data={"country_code":"NO","postal_code":"0168"}; path=/;
X-Robots-Tag: all
Strict-Transport-Security: max-age=31557600
x-country: NO
Link: <https://googletagservices.com>; rel=preconnect, <https://api.backfires.caranddriver.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://cdn.optimizely.com>; rel=preconnect, <https://adservice.google.com>; rel=preconnect, <https://connect.facebook.net>; rel=preconnect, <https://logx.optimizely.com>; rel=preconnect, <https://www.facebook.com>; rel=preconnect, <https://h.nexac.com>; rel=preconnect, <https://gtrk.s3.amazonaws.com>; rel=preconnect, <https://graph.facebook.com>; rel=preconnect, <https://hips.hearstapps.com>; rel=preconnect, <https://nexus.ensighten.com>; rel=preconnect, <https://www.google-analytics.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect, <https://stats.g.doubleclick.net>; rel=preconnect, <https://www.google.com>; rel=preconnect, <https://tpc.googlesyndication.com>; rel=preconnect, <https://fonts.googleapis.com>; rel=preconnect, <https://img.vast.com>; rel=preconnect, <https://z.moatads.com>; rel=preconnect
Cache-Control: max-age=0, must-revalidate, private
autotraderca.files.wordpress.com/2009/10/1975-ford-mustang-ii.jpg
192.0.72.20301 Moved Permanently 162 B URL HTTP/1.1 autotraderca.files.wordpress.com/2009/10/1975-ford-mustang-ii.jpg
IP 192.0.72.20:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2009/10/1975-ford-mustang-ii.jpg HTTP/1.1
Host: autotraderca.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://autotraderca.files.wordpress.com/2009/10/1975-ford-mustang-ii.jpg
www.wallpaper.com/galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg
151.101.66.114301 Moved Permanently 0 B URL HTTP/1.1 www.wallpaper.com/galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg
IP 151.101.66.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg HTTP/1.1
Host: www.wallpaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://www.wallpaper.com/galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg
Accept-Ranges: bytes
Date: Sat, 10 Dec 2022 02:21:00 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1661-BMA
X-Cache-Hits: 0
X-Timer: S1670638861.602701,VS0,VE1
Strict-Transport-Security: max-age=300
Set-Cookie: FTR_Country_Code=(null); path=/; domain=www.wallpaper.com
FTR_Cache_Status=HIT-SYNTH; path=/; domain=www.wallpaper.com
x-cache: HIT-SYNTH
momentsbymoser.zenfolio.com/img/v20/p502276849-3.jpg
199.181.197.10301 Moved Permanently 0 B URL HTTP/1.1 momentsbymoser.zenfolio.com/img/v20/p502276849-3.jpg
IP 199.181.197.10:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/v20/p502276849-3.jpg HTTP/1.1
Host: momentsbymoser.zenfolio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Dec 2022 03:21:00 GMT
Location: https://momentsbymoser.zenfolio.com/img/v20/p502276849-3.jpg
Set-Cookie: __cf_bm=9WpN8mJbhVfzq55eD3dYrejkz04gn1XjHpIiBaMi8uw-1670638860-0-AenL+zMHZNuiw6JYM7OkDWyKdW2qd9l9TXVQB6UZB1UuCcdSK+93bCk6HKiFinJ5vxGeYpxIJoAMMPeZfMa91sY=; path=/; expires=Sat, 10-Dec-22 02:51:00 GMT; domain=.zenfolio.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7772812ea929b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
images.doctissimo.fr/1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg
143.204.55.89301 Moved Permanently 167 B URL HTTP/1.1 images.doctissimo.fr/1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg
IP 143.204.55.89:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg HTTP/1.1
Host: images.doctissimo.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://images.doctissimo.fr/1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4KtzKh_DjzIGfDc0Z5JWdwRmczMKvy401sgRF62r1L46LFO0xr04-A==
www.ssrfanatic.com/forum/attachments/f35/104303d1301050986-car-tuned-111.jpg
104.16.173.102301 Moved Permanently 0 B URL HTTP/1.1 www.ssrfanatic.com/forum/attachments/f35/104303d1301050986-car-tuned-111.jpg
IP 104.16.173.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forum/attachments/f35/104303d1301050986-car-tuned-111.jpg HTTP/1.1
Host: www.ssrfanatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Dec 2022 03:21:00 GMT
Location: https://www.ssrfanatic.com/forum/attachments/f35/104303d1301050986-car-tuned-111.jpg
Set-Cookie: __cf_bm=0dRSbASk6RjclHmM9EreLvnqm.oIz8_fDrYMjt2sO5Q-1670638860-0-Ab04/6dxooduoqKuwIKFrpDtMDbg0+H7/hciCH7VdkLuIe/feWf8gJCY0/77jhpiV3wJP1/IT/6Hx2RkYPQBrI4DZYR21J3Ep+1XypSJM649; path=/; expires=Sat, 10-Dec-22 02:51:00 GMT; domain=.www.ssrfanatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7772812ead9eb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.modifiedcars.com/pix/cars_high/29461_130475.jpg
64.190.63.111403 Forbidden 110 B URL HTTP/1.1 www.modifiedcars.com/pix/cars_high/29461_130475.jpg
IP 64.190.63.111:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /pix/cars_high/29461_130475.jpg HTTP/1.1
Host: www.modifiedcars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 403 Forbidden
date: Sat, 10 Dec 2022 02:21:00 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
www.forum-peugeot.com/Forum/mesimages/24497/Dsc01022.jpg
37.187.249.157301 Moved Permanently 272 B URL HTTP/1.1 www.forum-peugeot.com/Forum/mesimages/24497/Dsc01022.jpg
IP 37.187.249.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a71763c488c892b595bd6fe9b3298d4d
9117a78b7cc73f3d0185150ef487c57932ec6aa8
d33af824fa0bd57cbd5ebceae8a7026b65e439d6042af56f26b1f404f6431fd2
GET /Forum/mesimages/24497/Dsc01022.jpg HTTP/1.1
Host: www.forum-peugeot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache
Location: https://www.forum-peugeot.com/Forum/mesimages/24497/Dsc01022.jpg
Content-Length: 272
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.mbcar.ru/pictures/100_407-1.jpg
142.132.220.55301 Moved Permanently 178 B URL HTTP/1.1 www.mbcar.ru/pictures/100_407-1.jpg
IP 142.132.220.55:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /pictures/100_407-1.jpg HTTP/1.1
Host: www.mbcar.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.mbcar.ru/pictures/100_407-1.jpg
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 58 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (580)
Hash 813b15c3004464f6bd39fd0773b04757
bd2218fe1e647f61132aad70d29cd91fd0416f26
446c6d83404c0fc4bc1ca6e1c0895f9400309185a534b3f4b6d500e668efeadf
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 57794
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:14 GMT
expires: Sat, 09 Dec 2023 13:33:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
age: 46066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67
X-XSS-Protection: 0
Date: Fri, 09 Dec 2022 07:02:46 GMT
Expires: Fri, 23 Dec 2022 07:02:46 GMT
Cache-Control: public, max-age=1209600
ETag: 13036835877489095579
Content-Type: text/javascript; charset=UTF-8
Age: 69494
images03.olx.ae/ui/11/34/65/1312393273_235772965_7-2010-Mercedes-Benz-GL-Class-GL450-4MATIC-.jpg
54.73.156.4301 Moved Permanently 185 B URL HTTP/1.1 images03.olx.ae/ui/11/34/65/1312393273_235772965_7-2010-Mercedes-Benz-GL-Class-GL450-4MATIC-.jpg
IP 54.73.156.4:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38fada5025635988510e23fd2b8a036a
1547f7f057ca2af4e943166647a124b44d60c809
4812383d1a294a8164a06ea5dcb7dfd66886f41e70f44b507475ec166e9da3fc
GET /ui/11/34/65/1312393273_235772965_7-2010-Mercedes-Benz-GL-Class-GL450-4MATIC-.jpg HTTP/1.1
Host: images03.olx.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Sat, 10 Dec 2022 02:21:00 GMT
Location: http://www.dubizzle.com/
Server: nginx/1.16.1
Content-Length: 185
Connection: keep-alive
www.oldclassiccar.co.uk/classic-car-images/vauxhall-ten.jpg
217.160.0.4301 Moved Permanently 275 B URL HTTP/1.1 www.oldclassiccar.co.uk/classic-car-images/vauxhall-ten.jpg
IP 217.160.0.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0659800396aa53afef8dbf902c22f02a
7e1926ced90c0613b64630521ecf467d799df674
bf8c1902824df5aab90ffcae0bc0887eac00ffdffc834631bae06508e8c768d3
GET /classic-car-images/vauxhall-ten.jpg HTTP/1.1
Host: www.oldclassiccar.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Content-Length: 275
Connection: keep-alive
Keep-Alive: timeout=15
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache
Location: https://www.oldclassiccar.co.uk/classic-car-images/vauxhall-ten.jpg
www.blogger.com/img/share_buttons_20_3.png
142.250.74.41200 OK 5.1 kB URL HTTP/2 www.blogger.com/img/share_buttons_20_3.png
IP 142.250.74.41:0
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9999106d5f550920b586e8e1704e5a
93fd02c51166402a41f96509cd0ca3fb917877dd
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
GET /img/share_buttons_20_3.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 5080
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:28:13 GMT
expires: Tue, 13 Dec 2022 17:28:13 GMT
cache-control: public, max-age=604800
last-modified: Tue, 06 Dec 2022 04:51:45 GMT
content-type: image/png
age: 291167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blog-note.com/images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg
213.186.33.4301 Moved Permanently 291 B URL HTTP/1.1 www.blog-note.com/images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg
IP 213.186.33.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1df7ce929dacdb39384d0d2f9edaa520
85302202eb3bcbf3d8c820a4726d155ab22f9d77
e1a9bb9418cdf929f4d1e4f186792072da4d2fbd0716dd2c7b8e9714ea5637e1
GET /images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg HTTP/1.1
Host: www.blog-note.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
date: Sat, 10 Dec 2022 02:21:00 GMT
content-type: text/html; charset=iso-8859-1
content-length: 291
server: Apache
location: https://www.blog-note.com/images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg
x-iplb-request-id: 5B5A2A9A:0964_D5BA2104:0050_6393ED0C_D194:1F4A9
x-iplb-instance: 31947
www.cartype.com/pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg
45.79.0.147302 Found 335 B URL HTTP/1.1 www.cartype.com/pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg
IP 45.79.0.147:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0518a93ecea65473e807b2f6f068a282
3932a0a7a274c50d77525158a4ff7a8b27d7ecb1
20799010bf1a9c719a39ee50f29cbc1fce4f578d9d1a39177f864e7ef76d0f5c
GET /pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg HTTP/1.1
Host: www.cartype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 302 Found
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache/2.4.7 (Ubuntu)
Strict-Transport-Security: max-age=15552001;
Location: https://cartype.com/pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg
Content-Length: 335
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www1.clikpic.com/ken36363/images/Old_Rusty_Cars.jpg
54.230.111.59200 OK 160 kB URL HTTP/1.1 www1.clikpic.com/ken36363/images/Old_Rusty_Cars.jpg
IP 54.230.111.59:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 600x400, components 3\012- data
Size 160 kB (160538 bytes)
Hash 0228b40e0516d3ef319d4fc1eaa3f691
c8422f6910a47b41270a442bb91382a806983ccb
79030829e48f6cf0655f4611253b0e83b99d43ce90b8c3bf1770db6b29004c86
GET /ken36363/images/Old_Rusty_Cars.jpg HTTP/1.1
Host: www1.clikpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 160538
Connection: keep-alive
Last-Modified: Wed, 09 Mar 2016 22:43:32 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 10 Dec 2022 02:21:01 GMT
ETag: "0228b40e0516d3ef319d4fc1eaa3f691"
X-Cache: RefreshHit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qZeiUBDFQHOknAb9RkvewkoCO2T-Y9agjYIdrEZU0AN-KXPtRKl-Yw==
www.japanesesportcars.com/photos/d/65277-2/tuned-scion-tc.JPG
143.204.55.93301 Found 0 B URL HTTP/1.1 www.japanesesportcars.com/photos/d/65277-2/tuned-scion-tc.JPG
IP 143.204.55.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /photos/d/65277-2/tuned-scion-tc.JPG HTTP/1.1
Host: www.japanesesportcars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Found
Content-Length: 0
Connection: keep-alive
Server: CloudFront
Date: Sat, 10 Dec 2022 02:21:00 GMT
Location: https://www.edmunds.com/car-news/
X-Cache: LambdaGeneratedResponse from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NvU887Jp7FnJRw9rjJDDM1cU0qr3imGZ5boMp9Iakl-QP3AMCR7TEw==
push.services.mozilla.com/
35.82.221.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.221.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: twsCzeYWaJ4f41XqClunlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cDCW9GrKHDbppJySsBZLrNJkEJU=
carsmedia.ign.com/cars/image/article/713/713871/nismo-r-tune-altima--20060621045630403.jpg
151.101.129.135200 OK 32 kB URL HTTP/1.1 carsmedia.ign.com/cars/image/article/713/713871/nismo-r-tune-altima--20060621045630403.jpg
IP 151.101.129.135:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 460x277, components 3\012- data
Hash 1abe5bc87cd507e982a1af5b369bd4e0
c9181c74e6691cd3980b04fbeffafa33d9957d39
2bf2c63c48626bc0d33abf79fb3675d0df736f0d369a3d7fc9a9489ad4952925
GET /cars/image/article/713/713871/nismo-r-tune-altima--20060621045630403.jpg HTTP/1.1
Host: carsmedia.ign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 31524
Content-Type: image/jpeg
Etag: "rrmxWPUEnYLHNt/PCYwAUoEZpmYE52cojGNhzV7eJuc"
Fastly-Io-Info: ifsz=131229 idim=460x277 ifmt=jpeg ofsz=31524 odim=460x277 ofmt=jpeg
Fastly-Stats: io=1
Server: AmazonS3
X-Amz-Id-2: BgIm5rxVLrhJ8tjJ3qn/g7uVQBGjPDOwjzLRZBTUmVuYnSKoXmOPSrhGBwOZRT3nPEmHdXGRzQ0=
X-Amz-Request-Id: G5JBMD6XN621YHYX
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 10 Dec 2022 02:21:00 GMT
Age: 1357370
X-Served-By: cache-iad-kiad7000120-IAD, cache-bma1626-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 7, 0
X-Timer: S1670638861.600608,VS0,VE134
Cache-Control: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c076be28fb3f21069b94f764b8098e1
0fd150ec27b65389ec1c482bdc2f52be1e24829a
858b98ebc77a7ce3083a3c31b2256383bf80e6344d0d3001950e0262eacfca6d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//agfagto-festival-news.blogspot.com/search/label/car%2520tuned&ref=&l=cars
81.17.29.147200 OK 604 B URL HTTP/1.1 lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//agfagto-festival-news.blogspot.com/search/label/car%2520tuned&ref=&l=cars
IP 81.17.29.147:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (604), with no line terminators
Hash b2c4f867b25deab9911803a18fcc9ce0
842e6c1753bc227b669e1e1436ee9653d06d1181
a6a48c2891df7d3868ac058f8c3ad32d5138cc8e20cbfc988f55bc89eef1dd8a
GET /?if=1&scr_w=1280&scr_h=1024&blog=http%3A//agfagto-festival-news.blogspot.com/search/label/car%2520tuned&ref=&l=cars HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 604
content-type: text/html; charset=utf-8
date: Sat, 10 Dec 2022 02:21:00 GMT
server: nginx
set-cookie: sid=49f1b7b0-7831-11ed-9572-61007b0fd01b; path=/; domain=.lostwebtracker.com; expires=Thu, 28 Dec 2090 05:35:07 GMT; max-age=2147483647; HttpOnly
foreignautosalvage.com/carlist/cars/photos/e877-5.jpg
216.116.16.45404 Not Found 348 B URL HTTP/1.1 foreignautosalvage.com/carlist/cars/photos/e877-5.jpg
IP 216.116.16.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0f407a03011964c38f25eee3080f6db3
1cad9d4832759edc92305a8c61ab0ab273248f1b
ab17620981a82901efc45ed604d0d532f6d98be2901c1e63f2a0378f281beac1
GET /carlist/cars/photos/e877-5.jpg HTTP/1.1
Host: foreignautosalvage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache
Content-Length: 348
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.mdiecast.com/pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg
51.161.13.8301 Moved Permanently 293 B URL HTTP/1.1 www.mdiecast.com/pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg
IP 51.161.13.8:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7b78bced745b5b8da4816f9fcd124cab
e41ad6c186fd563ebf88e6c0a5ec9d796bb950c9
adb335cc1b46ab9b19aacb2cb411a163d80f13bc001d1f3158c0a1f9a97f8272
GET /pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg HTTP/1.1
Host: www.mdiecast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache
Location: https://www.mdiecast.com/pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg
Content-Length: 293
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.ultimatecarpage.com/images/large/3480/Porsche-718-RS-60-Spyder_6.jpg
52.117.207.40301 Moved Permanently 288 B URL HTTP/1.1 www.ultimatecarpage.com/images/large/3480/Porsche-718-RS-60-Spyder_6.jpg
IP 52.117.207.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c7ad592ad4bdf6656603ca320a66d29e
edee9ade9691458095b0512799dcb2401ef57c8d
d38e86440be15e352cdbc88eda72d358c07dcfd9c84e6a67a4784081828ddb61
GET /images/large/3480/Porsche-718-RS-60-Spyder_6.jpg HTTP/1.1
Host: www.ultimatecarpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache
Location: https://www.ultimatecarpage.com/images/large/3480/Porsche-718-RS-60-Spyder_6.jpg
Content-Length: 288
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fancytuning.com/wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg
184.75.248.35301 Moved Permanently 707 B URL HTTP/1.1 fancytuning.com/wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg
IP 184.75.248.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg HTTP/1.1
Host: fancytuning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html
Content-Length: 707
location: https://fancytuning.com/wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg
x-turbo-charged-by: LiteSpeed
www.caranddriver.com/var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg
151.101.64.155404 Not Found 56 B URL HTTP/2 www.caranddriver.com/var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg
IP 151.101.64.155:0
File type ASCII text, with no line terminators
Hash 9d7a655d29b2ae9ab2ec8888e8a13216
67cb59441c08f961fab9001346ed82960a7c40c0
d8c78171cc8572cbef05e97492e60d6457810466d775c3e31aa3d1406d179da6
GET /var/ezflow_site/storage/images/reviews/comparisons/archive/1975_chevrolet_monza_2_2_vs._ford_mustang_ii-archived_comparison/gallery/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_photo_21/3530652-1-eng-US/1975_ford_mustang_ii_mach_i_and_chevrolet_monza_2_2b2_1_cd_gallery.jpg HTTP/1.1
Host: www.caranddriver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
etag: W/"28-YJlERIRrMPpRSJdK5OipkN1Q0ZA"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 10 Dec 2022 02:21:00 GMT
age: 0
x-cache: MISS, MISS
vary: Accept-Encoding
set-cookie: _perhip=; expires=Fri, 10 Dec 2021 02:21:00 GMT; path=/;
_HFID=; httponly; expires=Fri, 10 Dec 2021 02:21:00 GMT; secure; path=/;
_HFID=; expires=Fri, 10 Dec 2021 02:21:00 GMT; secure; path=/;
location_data={"country_code":"NO","postal_code":"0168"}; path=/;
x-robots-tag: all
strict-transport-security: max-age=31557600
x-country: NO
link: <https://googletagservices.com>; rel=preconnect, <https://api.backfires.caranddriver.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://cdn.optimizely.com>; rel=preconnect, <https://adservice.google.com>; rel=preconnect, <https://connect.facebook.net>; rel=preconnect, <https://logx.optimizely.com>; rel=preconnect, <https://www.facebook.com>; rel=preconnect, <https://h.nexac.com>; rel=preconnect, <https://gtrk.s3.amazonaws.com>; rel=preconnect, <https://graph.facebook.com>; rel=preconnect, <https://hips.hearstapps.com>; rel=preconnect, <https://nexus.ensighten.com>; rel=preconnect, <https://www.google-analytics.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect, <https://stats.g.doubleclick.net>; rel=preconnect, <https://www.google.com>; rel=preconnect, <https://tpc.googlesyndication.com>; rel=preconnect, <https://fonts.googleapis.com>; rel=preconnect, <https://img.vast.com>; rel=preconnect, <https://z.moatads.com>; rel=preconnect
cache-control: no-store, private
content-length: 56
X-Firefox-Spdy: h2
amglifestyle.com/wp-content/uploads/2011/05/mb_slrstirling5.jpg
162.241.225.204301 Moved Permanently 279 B URL HTTP/1.1 amglifestyle.com/wp-content/uploads/2011/05/mb_slrstirling5.jpg
IP 162.241.225.204:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2a10bb0e3cac495579a04ec89e92d2dc
b6c5a4bd8a4b3158509c4b5a6ad2aa727ca869aa
c68f157c9c9ca8a80d5b67c4c09b19fb1a0bb530652a5a4087de30a91c2eba25
GET /wp-content/uploads/2011/05/mb_slrstirling5.jpg HTTP/1.1
Host: amglifestyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache
Location: https://amglifestyle.com/wp-content/uploads/2011/05/mb_slrstirling5.jpg
Content-Length: 279
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.globalmotors.net/wp-content/uploads/2009/01/mercedes-slr-stirling-moss-2.jpg
199.59.243.222200 OK 1.0 kB URL HTTP/1.1 www.globalmotors.net/wp-content/uploads/2009/01/mercedes-slr-stirling-moss-2.jpg
IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1468), with no line terminators
Hash 0586c156d0494e3e2a86607e0c504452
fd8a8ae1cf8e92318de03c02aab21e693bc04ad1
559b941bda1405c82429d87281e9903a4cdbd70a508c8b8af33569fbbc9254dc
GET /wp-content/uploads/2009/01/mercedes-slr-stirling-moss-2.jpg HTTP/1.1
Host: www.globalmotors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=050267df-5153-8c07-c964-30805019749a; expires=Sat, 10-Dec-2022 02:36:00 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_vrkzIO11DvGJHJg8vFRwTQ6QwzZCGKBf5640pu4vy2CKBscueRi9bYy3LMieQy84vDlE7Pq0G5zmRihttm0ESg==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.olx.com/ui/1/51/93/5004893_2.jpg
95.101.10.145301 Moved Permanently 162 B URL HTTP/1.1 www.olx.com/ui/1/51/93/5004893_2.jpg
IP 95.101.10.145:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /ui/1/51/93/5004893_2.jpg HTTP/1.1
Host: www.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html
Content-Length: 162
Location: https://www.olx.com/ui/1/51/93/5004893_2.jpg
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000
Expires: Sat, 10 Dec 2022 02:21:00 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 10 Dec 2022 02:21:00 GMT
Connection: keep-alive
www.seriouswheels.com/pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg
69.163.228.170301 Moved Permanently 288 B URL HTTP/1.1 www.seriouswheels.com/pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg
IP 69.163.228.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 40cefaed47a4ceb3fe0b8d064fd6874f
ebb17943b4f2e79b7a090528287c3e45b70016ee
e6f47a032332540f2e22a5b00f1b909d4f9de957935e4ced9ac31d20f087c1b8
GET /pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg HTTP/1.1
Host: www.seriouswheels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:00 GMT
Server: Apache
Location: https://seriouswheels.com/pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg
Content-Length: 288
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.wallpaper.com/galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg
151.101.66.114404 Not Found 182 B URL HTTP/2 www.wallpaper.com/galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg
IP 151.101.66.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash dc908dcc04f019ae14e555a942cc9448
a7644d9e0b8276aca4e561fc75ecea342562f1c4
8046abeabe93b1030f1ed2030f036a752078276b41b863cc5dfcef950efcfd62
GET /galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg HTTP/1.1
Host: www.wallpaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
content-encoding: gzip
x-ftr-buildid: 3_08/Dec/2022:02:07:55.665_/galleryimages/17050224/gallery/testuser5_jan2008_01_mc1_g_fba46i_xba46i.jpg_:V2:H2:R:V3:H3:O
x-ftr-cache-status: HIT
x-ftr-trace: V2:H2:R:V3:
x-ftr-expires: Thu, 08 Dec 2022 02:11:23 GMT
x-cache-control:
x-age: 0
x-ftr-request-id: 00000000000000000000FFFF9D34457F:DFAE_00000000000000000000FFFFB9711938:01BB_63914753_7CEF6F:1AC9DF
x-ftr-balancer: vanilla-mochi-http-haproxy-prod-2
x-ftr-backend: varnish-panther
x-ftr-backend-server: fte-varnish-prod-panther-3.uk-lon.srv-front.future.net.uk, fte-varnish-prod-panther-2
via: 1.1 varnish, 1.1 varnish
x-resp-is-stale: true
set-cookie: FTR_Country_Code=SE; path=/; domain=www.wallpaper.com
FTR_Cache_Status=HIT-STALE-CLUSTER; path=/; domain=www.wallpaper.com
FTR_Country_Code=NO; path=/; domain=www.wallpaper.com
FTR_Cache_Status=MISS-CLUSTER; path=/; domain=www.wallpaper.com
accept-ranges: bytes
date: Sat, 10 Dec 2022 02:21:01 GMT
age: 0
x-served-by: cache-lon4234-LON, cache-bma1649-BMA
x-cache-hits: 1, 0
x-timer: S1670638861.021013,VS0,VE33
vary: Accept-Encoding
x-country-code: US
x-country-code-real: NO
strict-transport-security: max-age=300
x-cache: MISS-CLUSTER
content-length: 182
X-Firefox-Spdy: h2
www.dubizzle.com/
45.60.242.176301 Moved Permanently 0 B IP 45.60.242.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.dubizzle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Location: https://www.dubizzle.com/
Content-Length: 0
Connection: close
www.blogger.com/img/logo-16.png
142.250.74.41200 OK 279 B URL HTTP/1.1 www.blogger.com/img/logo-16.png
IP 142.250.74.41:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ffecab6c722bb0adc3fce8d83b27993
0e59b05d3da526e82bb4f5d47c5d94e2a318dafb
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
GET /img/logo-16.png HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 279
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 07:09:35 GMT
Expires: Tue, 13 Dec 2022 07:09:35 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 05 Dec 2022 06:50:28 GMT
Content-Type: image/png
Age: 328286
www.team-bhp.com/forum/attachments/pre-war/386486d1278943562-1933-chevrolet-master-phaeton-calcutta-bumpu-sircar-dsc01555.jpg
104.26.12.127301 Moved Permanently 0 B URL HTTP/1.1 www.team-bhp.com/forum/attachments/pre-war/386486d1278943562-1933-chevrolet-master-phaeton-calcutta-bumpu-sircar-dsc01555.jpg
IP 104.26.12.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /forum/attachments/pre-war/386486d1278943562-1933-chevrolet-master-phaeton-calcutta-bumpu-sircar-dsc01555.jpg HTTP/1.1
Host: www.team-bhp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:01 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.team-bhp.com/forum/attachments/pre-war/386486d1278943562-1933-chevrolet-master-phaeton-calcutta-bumpu-sircar-dsc01555.jpg
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWBGx5beUnltS4TcxOcY7wMv9CDFxX6UCWbkGEMwGiFhq0IRV75Ek8ZWmE5wOnEHEkkio0WxG2yqXIH9mzfYSxlANnE10dtqQz3FQAm0OMOrjsTAaiuoFqEBIZVITmCX3KQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7772812eab3a0b65-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8fe57ce59d8a5a012378596aecf1949e
0475dba9db77d2adb6fa9ce615433e5797c41bc6
1b1dcc7062f8bf29fcd68acb94814c92a236f0b130774400ab7d40d776232870
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2604
Cache-Control: max-age=171707
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "6393de9c-1d7"
Expires: Mon, 12 Dec 2022 02:02:48 GMT
Last-Modified: Sat, 10 Dec 2022 01:19:24 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.oneillvintageford.co.uk/acatalog/phaeton-banner.jpg
213.246.101.166301 Moved Permanently 271 B URL HTTP/1.1 www.oneillvintageford.co.uk/acatalog/phaeton-banner.jpg
IP 213.246.101.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ecdc0d9208003e56f48535acb1e40070
3e06185193f352b3a4873dc3e576fdd56ec3eede
0c24188ec3617996fded6670f54faf36c3951288df21f4e08473ddd455ff5c30
GET /acatalog/phaeton-banner.jpg HTTP/1.1
Host: www.oneillvintageford.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache
Location: https://www.oneillvintageford.co.uk/acatalog/phaeton-banner.jpg
Content-Length: 271
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
autotraderca.files.wordpress.com/2009/10/1975-ford-mustang-ii.jpg
192.0.72.20200 OK 115 kB URL HTTP/2 autotraderca.files.wordpress.com/2009/10/1975-ford-mustang-ii.jpg
IP 192.0.72.20:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], baseline, precision 8, 613x345, components 3\012- data
Size 115 kB (115359 bytes)
Hash e5afc22a6ef6ab6bbbeb968b6be21a4a
1b6dc657cbbaa1fa7fbc60e6a8fcb43bd123f976
6824491445d3779d8227930033be63367e3b82fd2752b9b3f5de8e77c449c4e3
GET /2009/10/1975-ford-mustang-ii.jpg HTTP/1.1
Host: autotraderca.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: image/jpeg
content-length: 115359
last-modified: Fri, 09 Oct 2009 20:10:55 GMT
expires: Mon, 09 Jan 2023 20:56:40 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://autotraderca.wordpress.com
vary: Origin
x-nc: MISS arn 20 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3e35d29c5a989020338a29dd0f94b92b
e57470ebd4c1d7d143dcd15061d18d85400cb39f
3f87bcaa2958fea80a89eee5ba6b75e2f9aeaf4ee046b5a50383944f79881db7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F87BCAA2958FEA80A89EEE5BA6B75E2F9AEAF4EE046B5A50383944F79881DB7"
Last-Modified: Thu, 08 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21532
Expires: Sat, 10 Dec 2022 08:19:53 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
www.blogger.com/dyn-css/authorization.css?targetBlogID=388472680755448017&zx=0203ddd8-38a1-4aaa-8dec-beb9e0d22901
142.250.74.41200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=388472680755448017&zx=0203ddd8-38a1-4aaa-8dec-beb9e0d22901
IP 142.250.74.41:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=388472680755448017&zx=0203ddd8-38a1-4aaa-8dec-beb9e0d22901 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Dec 2022 02:21:01 GMT
last-modified: Sat, 10 Dec 2022 02:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/navbar.g?targetBlogID=388472680755448017&blogName=Luca%27s+blog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://agfagto-festival-news.blogspot.com/search&blogLocale=es&v=2&homepageUrl=http://agfagto-festival-news.blogspot.com/&vt=-588893238103613070&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.41200 OK 2.6 kB URL HTTP/2 www.blogger.com/navbar.g?targetBlogID=388472680755448017&blogName=Luca%27s+blog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://agfagto-festival-news.blogspot.com/search&blogLocale=es&v=2&homepageUrl=http://agfagto-festival-news.blogspot.com/&vt=-588893238103613070&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3172)
Hash c96572a0069311dd46d077ded6b9fc89
e21e13fabf9f818106ffbe26632179d7917a9b4e
c5a9af5a8098d15fa7c97ce254767224e9ee4d41eeb14620895697afc4b25ee6
GET /navbar.g?targetBlogID=388472680755448017&blogName=Luca%27s+blog&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=LAYOUTS&searchRoot=https://agfagto-festival-news.blogspot.com/search&blogLocale=es&v=2&homepageUrl=http://agfagto-festival-news.blogspot.com/&vt=-588893238103613070&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Dec 2022 02:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2594
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.allfordmustangs.com/attachments/2007_0213stripes0001-jpg.31967/
104.16.173.102200 OK 70 kB URL HTTP/2 www.allfordmustangs.com/attachments/2007_0213stripes0001-jpg.31967/
IP 104.16.173.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 640x480, components 3\012- data
Hash 636f52b3dad3cca5ace391ce5cb3d0c0
38b04adb90259264af12228572fd1555bac5e6c9
bd6de0de2d9719bec1788cb8a75d0389202e028f2c77029f501769064966c6a4
GET /attachments/2007_0213stripes0001-jpg.31967/ HTTP/1.1
Host: www.allfordmustangs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Cookie: __cf_bm=WIEGZD6kcH95163dbTnllQy1wXsnBv0JA.VQPmJ.W4g-1670638861-0-Acd+znvomrFY5Ev3PkDe6cIJ4GhlRbgFfOH00FcPbYYDeXa94xE2fFuuEmjNn4YKEMCwwHdOUKkI+Eq56d694Zy/mColj4Jd31CLH+StR5Th
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: image/jpeg
content-length: 69662
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: imgq:100,h2pri
cf-polished: origSize=73833, status=webp_bigger
via: 1.1 google
cache-control: public, max-age=31536000
content-disposition: inline; filename="2007_0213Stripes0001.JPG"
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 06 Dec 2022 13:25:59 GMT
x-cluster-node: xenforo-659f3cf7-68957ddcd5-ncl7z
x-content-type-options: nosniff
x-envoy-upstream-service-time: 52
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=Edge,chrome=1
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7772813239db0b69-OSL
X-Firefox-Spdy: h2
www.mbcar.ru/pictures/100_407-1.jpg
142.132.220.55404 Not Found 162 B URL HTTP/2 www.mbcar.ru/pictures/100_407-1.jpg
IP 142.132.220.55:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /pictures/100_407-1.jpg HTTP/1.1
Host: www.mbcar.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/html; charset=UTF-8
content-length: 162
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9dc1cac993fe9e84319cb61602d7d91a
a80ee91e036f15ba270e3997ea1d6053958d3846
41b1d4dc6625c6e6c828326de20692b516e4c8efde9b16f98f29c0ea013194ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=154331
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "6393a4e8-117"
Expires: Sun, 11 Dec 2022 21:13:12 GMT
Last-Modified: Fri, 09 Dec 2022 21:13:12 GMT
Server: nginx
Content-Length: 279
bigbuck98.files.wordpress.com/2011/05/texaco21.png%3Fw%3D640%26h%3D255
192.0.72.28200 OK 21 kB URL HTTP/2 bigbuck98.files.wordpress.com/2011/05/texaco21.png%3Fw%3D640%26h%3D255
IP 192.0.72.28:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash d38f9d16065c09d51a6043b803687d52
4f75ca14fbda9606e27a631d6d2b3f7311576038
e4d72a27c1a455df255ced0cf236d72d1f94f7626bcd726678cd604c662dd97d
GET /2011/05/texaco21.png%3Fw%3D640%26h%3D255 HTTP/1.1
Host: bigbuck98.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: image/png
content-length: 217337
last-modified: Tue, 10 May 2011 19:54:37 GMT
expires: Wed, 04 Jan 2023 08:22:18 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bigbuck98.wordpress.com
vary: Origin
x-nc: MISS arn 28 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.worksopguardian.co.uk/webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg
172.64.151.70404 Not Found 9 B URL HTTP/2 www.worksopguardian.co.uk/webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg
IP 172.64.151.70:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /webimage/nrtg_07_07_11_spo_etypes_tracking_1_3549828!image/2317459056.jpg_gen/derivatives/landscape_595/2317459056.jpg HTTP/1.1
Host: www.worksopguardian.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/plain;charset=UTF-8
content-length: 9
cache-control: public, max-age=60, s-maxage=300
set-cookie: __cf_bm=Ekc4wJC2OgqfuMV362FOFDuL5ot.eOwgqg0N3nc2soI-1670638861-0-AXftHWCpNLWMkl7TWMazoJj03PQtn5pgOiD/yVOwnm0eY7YYlh1/VkDKw6nOH7cSfPtBNVfm9xG3fubmGbmvPYI=; path=/; expires=Sat, 10-Dec-22 02:51:01 GMT; domain=.www.worksopguardian.co.uk; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 777281334eafb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2-photos.ebizautos.com/used-1995-dodge-viper-rt10-5973-4849537-6-640.jpg
54.230.111.105200 OK 54 kB URL HTTP/1.1 2-photos.ebizautos.com/used-1995-dodge-viper-rt10-5973-4849537-6-640.jpg
IP 54.230.111.105:0
File type JPEG image data, baseline, precision 8, 640x480, components 3\012- data
Hash cdd682a60255d35b823eb30cc1527e29
51565784e5e0367ec1e37641a798a65b71063700
36679093716de54ed53214db9f70b53510c2192d6266c75207d4d786ced050de
GET /used-1995-dodge-viper-rt10-5973-4849537-6-640.jpg HTTP/1.1
Host: 2-photos.ebizautos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 54075
Connection: keep-alive
Date: Sat, 10 Dec 2022 02:21:01 GMT
x-amzn-RequestId: 034ed533-0c4c-474b-a504-6fc6df7a8899
Last-Modified: Sat, 04 Apr 2020 13:06:44 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Authorization
x-amz-apigw-id: c6H6CGgdoAMF_tw=
Cache-Control: public, max-age=1800
Access-Control-Allow-Methods: GET
X-Amzn-Trace-Id: Root=1-6393ed0c-6734fe54295bd9305056d355;Sampled=0
Access-Control-Allow-Credentials: true
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ad5UQYT1O1kFbJOuoUzskpB1z_5fKkh9dWTGZWVyXswKw403Uuobgg==
X-XSS-Protection: 0
Referrer-Policy: no-referrer-when-downgrade
X-Content-Type-Options: nosniff
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https://*.motorcar.com https://*.ebizautos.media; img-src *; script-src 'self' 'unsafe-inline' *; font-src *; media-src *; frame-src *; manifest-src 'self'; style-src 'self' 'unsafe-inline' *; connect-src https://*; object-src 'none'; worker-src 'none'; base-uri 'self'; report-uri https://ebizautos.report-uri.com/r/t/csp/reportOnly;
expect-ct: max-age=3600, report-uri="https://ebizautos.report-uri.com/r/t/ct/enforce"
permissions-policy: camera=(), fullscreen=*, geolocation=*, microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://ebizautos.report-uri.com/a/t/g"}],"include_subdomains":true}
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45759a3799e2fedc1632f042c57e13b2
ae2f4ef1347bf46470e320cf08639f023401e993
fda440fd065c00e5d5df4e2d924b37911dd382f22ef9d16a184524a95f53c207
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FDA440FD065C00E5D5DF4E2D924B37911DD382F22EF9D16A184524A95F53C207"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19382
Expires: Sat, 10 Dec 2022 07:44:03 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 997c1b9f3821719652c96b1778622809
95fd246f8d281f1c60585fdb2a130605d85258f6
d03876db6a1c1c582149db8c26998a737dc1bbe7dad32a473dfdcbb21fbe1234
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130941
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "6393498a-117"
Expires: Sun, 11 Dec 2022 14:43:22 GMT
Last-Modified: Fri, 09 Dec 2022 14:43:22 GMT
Server: nginx
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 4c827673c5d7730abcd6ecae6436d466
a67be583fa14234be0d900bb944712b265611cb9
7124482e074cee62829b973d2a7a6cff4d623817c44e8bfce4e26ff8f2349ef9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "63935ff5-1d7"
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _sN9spIc-S0ZZcKjoe6XjMXTiChE5xnuqasJWc1JjYfB_DwooCUZDw==
www.olx.com/ui/1/51/93/5004893_2.jpg
95.101.10.145404 Not Found 146 B URL HTTP/1.1 www.olx.com/ui/1/51/93/5004893_2.jpg
IP 95.101.10.145:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /ui/1/51/93/5004893_2.jpg HTTP/1.1
Host: www.olx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Content-Type: text/html
Content-Length: 146
Expires: Sat, 10 Dec 2022 02:21:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
www.blogger.com/followers.g?blogID=388472680755448017&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http://agfagto-festival-news.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
142.250.74.41302 Found 527 B URL HTTP/2 www.blogger.com/followers.g?blogID=388472680755448017&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http://agfagto-festival-news.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__
IP 142.250.74.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1038)
Hash 8e4d32e181249fbf82a27e7e92a09d2d
ce11c6fa2185b13cb326d13acf109a95671e12fd
f0af88014123f5aec693ef756469b444d2510594e97b8853b495c654900eb08d
GET /followers.g?blogID=388472680755448017&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http://agfagto-festival-news.blogspot.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 10 Dec 2022 02:21:01 GMT
expires: Sat, 10 Dec 2022 02:21:01 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 527
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.oldclassiccar.co.uk/classic-car-images/vauxhall-ten.jpg
217.160.0.4200 OK 68 kB URL HTTP/2 www.oldclassiccar.co.uk/classic-car-images/vauxhall-ten.jpg
IP 217.160.0.4:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 700x472, components 3\012- data
Hash 2060e43e4d58b130a7fadc11669df9e2
dd1ebfedc074e89dfced296827d6f7ef9415d0cc
4c36d461de377f3ab9f9741ce6d44a1734bb29879d3e774be86851418d4a1916
GET /classic-car-images/vauxhall-ten.jpg HTTP/1.1
Host: www.oldclassiccar.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 68438
date: Sat, 10 Dec 2022 02:21:01 GMT
server: Apache
last-modified: Thu, 10 Sep 2009 08:42:52 GMT
etag: "10b56-473352f5e1b00"
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 185bed54d48fc2c38351738fbf607745
f27768810d3cb547befc6baf06c977c9cee44261
65d8aeb2accf80fb72f5c7d0bfce6144e287b522a3070adc294ae4c5abdb5c07
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8AEB2ACCF80FB72F5C7D0BFCE6144E287B522A3070ADC294AE4C5ABDB5C07"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Dec 2022 08:21:01 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
i181.photobucket.com/albums/x320/FearFactor_photos/S1031756.jpg
143.204.55.54200 OK 72 kB URL HTTP/2 i181.photobucket.com/albums/x320/FearFactor_photos/S1031756.jpg
IP 143.204.55.54:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 89a02e3167ed9f447cd06a3d10e82470
504fc2159cc54e958cb99dcbc454d4068a4a5356
064a161d99baee432fb1e49cc11581eba89e249ea1a168aa0351ab9ea2a634c6
GET /albums/x320/FearFactor_photos/S1031756.jpg HTTP/1.1
Host: i181.photobucket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 71740
date: Sat, 10 Dec 2022 02:21:01 GMT
cache-control: max-age=31536000, public
content-disposition: inline; filename="S1031756.webp"
expires: Sun, 10 Dec 2023 02:21:01 GMT
server: photobucket
x-amzn-trace-id: Root=1-6393ed0c-33cdbccb0d9049c1693b6fea
x-request-id: V6NC8TKEi4vbPMjh36oND
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JKA47mw4WPWB0KUkB9wGN0f6EK4t4ER4OumX9aOLJ_wZYw9HwnHyxw==
vary: Accept, Origin
X-Firefox-Spdy: h2
www.forum-peugeot.com/Forum/mesimages/24497/Dsc01022.jpg
37.187.249.157200 OK 50 kB URL HTTP/1.1 www.forum-peugeot.com/Forum/mesimages/24497/Dsc01022.jpg
IP 37.187.249.157:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 640x480, components 3\012- data
Hash 092abc5036ec4c3b22207237a91f7eb6
5f2bbbbaa875e768004fa3c437db19ad928c42ce
aefdf1434fc98f6d9bffcd1737657c457ab560ee50de74647af0405939525d3c
GET /Forum/mesimages/24497/Dsc01022.jpg HTTP/1.1
Host: www.forum-peugeot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache
Strict-Transport-Security: max-age=15768000
Last-Modified: Sat, 12 May 2018 11:04:29 GMT
ETag: "c146-56c0037694940"
Accept-Ranges: bytes
Content-Length: 49478
Cache-Control: max-age=3600
Expires: Sat, 10 Dec 2022 03:21:01 GMT
Referrer-Policy:
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.mdiecast.com/pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg
51.161.13.8200 OK 88 kB URL HTTP/1.1 www.mdiecast.com/pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg
IP 51.161.13.8:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon EOS 350D DIGITAL, orientation=upper-left, xresolution=163, yresolution=171, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2009:07:24 02:00:44], baseline, precision 8, 800x421, components 3\012- data
Hash 5b34b6f24dd806a69fbfd094b4a8b3cd
287505ab2c472dce7fe001babfcff7e461b4b3ee
24855e689ccb78f17b74f494195532820000a3f962de1588cd8934488582ff27
GET /pictures/_users/1221_Volodymyr/14650_1960Porsche718F2-5s.jpg HTTP/1.1
Host: www.mdiecast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache
Last-Modified: Thu, 26 Nov 2020 04:32:35 GMT
Accept-Ranges: bytes
Content-Length: 88497
Expires: Tue, 8 January 2019 20:00:00 GMT
Cache-Control: max-age=31449600, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a64d690280d2238c23e0428812a15595
ae04c10576ff690f87f5d0435323f1edc2aca281
c715cd1f86a41516eba50a4e9dcf907a98684bc871095b77849ff3b0f78b6247
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C715CD1F86A41516EBA50A4E9DCF907A98684BC871095B77849FF3B0F78B6247"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Dec 2022 08:21:01 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
images.doctissimo.fr/1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg
143.204.55.89301 Moved Permanently 305 B URL HTTP/2 images.doctissimo.fr/1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg
IP 143.204.55.89:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0577cdb0cefca5e567f276f9de947617
2c0573334a412adcaadc456e1d2ed729cbe7ef58
f793abdc40c4965e6b296932fda3724f86e1bd03e38e97bcbf9645ff52e02c50
GET /1/famille/fiat-sathonay-octobre/photo/hd/0453967045/2942493750/fiat-sathonay-octobre-ancienne-jaguar-big.jpg HTTP/1.1
Host: images.doctissimo.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 305
location: https://club.doctissimo.fr/widget/missing_image.php?id=2942493&type=photos&thumb_name=big
cache-control: max-age=1
date: Sat, 10 Dec 2022 02:21:01 GMT
expires: Sat, 10 Dec 2022 02:21:02 GMT
server: Apache
via: 1.1 varnish (Varnish/6.0), 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sA2v85GgHU26CRRJIwkqZ88GM3IcESiLBcef0vqpiUKDjoyf7yCnbQ==
age: 0
X-Firefox-Spdy: h2
www.blog-note.com/images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg
213.186.33.4200 OK 51 kB URL HTTP/2 www.blog-note.com/images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg
IP 213.186.33.4:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 500x375, components 3\012- data
Hash 62dd4e39a4c9d8c0452b365b0250ed7a
4dd369ccc3883da5b06545f459ff4b9aa513a617
1670b60c69c20a65afa27ed7ac5c171587468e04fc69d0f598467e33c2364bea
GET /images/200804/20080430c_peugeot_605_jean_marie_le_pen.jpg HTTP/1.1
Host: www.blog-note.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: image/jpeg
content-length: 51003
server: Apache
last-modified: Mon, 22 Feb 2010 20:06:16 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Sat, 10 Dec 2022 02:36:01 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3589dc9de8fc7cfafc8b3c461bc701ac
03d71fa6001cfee8d5bbcf8ac2b2a462a5a5dbf2
bb05fac77028194e6eb7703a031bff577f6f88191f56c0f34d96e4ff1138ff7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB05FAC77028194E6EB7703A031BFF577F6F88191F56C0F34D96E4FF1138FF7D"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10025
Expires: Sat, 10 Dec 2022 05:08:06 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13557
Expires: Sat, 10 Dec 2022 06:06:58 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
lostwebtracker.com/?blog=http%3A%2F%2Fagfagto-festival-news.blogspot.com%2Fsearch%2Flabel%2Fcar%2520tuned&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDY0NjA2MCwiaWF0IjoxNjcwNjM4ODYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25rcWNhNDlxcG41cTljdjQwbm9tcW8iLCJuYmYiOjE2NzA2Mzg4NjAsInRzIjoxNjcwNjM4ODYwNzcyNDE5fQ.Qf2r8YDKw8PUfrHS9kV-3HA1KHJv7ZDbIHHgRRZrMMo&l=cars&ref=&scr_h=1024&scr_w=1280&sid=49f1b7b0-7831-11ed-9572-61007b0fd01b
81.17.29.147302 Found 11 B URL HTTP/1.1 lostwebtracker.com/?blog=http%3A%2F%2Fagfagto-festival-news.blogspot.com%2Fsearch%2Flabel%2Fcar%2520tuned&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDY0NjA2MCwiaWF0IjoxNjcwNjM4ODYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25rcWNhNDlxcG41cTljdjQwbm9tcW8iLCJuYmYiOjE2NzA2Mzg4NjAsInRzIjoxNjcwNjM4ODYwNzcyNDE5fQ.Qf2r8YDKw8PUfrHS9kV-3HA1KHJv7ZDbIHHgRRZrMMo&l=cars&ref=&scr_h=1024&scr_w=1280&sid=49f1b7b0-7831-11ed-9572-61007b0fd01b
IP 81.17.29.147:0
ASN #51852 Private Layer INC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?blog=http%3A%2F%2Fagfagto-festival-news.blogspot.com%2Fsearch%2Flabel%2Fcar%2520tuned&ch=1&if=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDY0NjA2MCwiaWF0IjoxNjcwNjM4ODYwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc25rcWNhNDlxcG41cTljdjQwbm9tcW8iLCJuYmYiOjE2NzA2Mzg4NjAsInRzIjoxNjcwNjM4ODYwNzcyNDE5fQ.Qf2r8YDKw8PUfrHS9kV-3HA1KHJv7ZDbIHHgRRZrMMo&l=cars&ref=&scr_h=1024&scr_w=1280&sid=49f1b7b0-7831-11ed-9572-61007b0fd01b HTTP/1.1
Host: lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lostwebtracker.com/?if=1&scr_w=1280&scr_h=1024&blog=http%3A//agfagto-festival-news.blogspot.com/search/label/car%2520tuned&ref=&l=cars
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 10 Dec 2022 02:21:00 GMT
location: http://ww1.lostwebtracker.com
server: nginx
set-cookie: sid=49f1b7b0-7831-11ed-9572-61007b0fd01b; path=/; domain=.lostwebtracker.com; expires=Thu, 28 Dec 2090 05:35:08 GMT; max-age=2147483647; HttpOnly
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
age: 15417
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 4320d30dd6ea03f636df00ff68c3dbe0
3f7294f5a89f44b14a03b399337eaec2c267f129
f57c6bd18a6e2636d59dd9034857296fd2097a2d44635b67553ef6b02acc48cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "639288bc-118"
Server: ECS (amb/6BA4)
Content-Length: 280
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 68866
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8aHbgs9DELCrVY_4QHSKpScXzzCW7bdBlNh_YEUGaas-bJTd9nsSVg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 16074
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:15:38 GMT
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
age: 14723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094ce903-cac7-46b7-be05-7e4a1cdbc3f1.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094ce903-cac7-46b7-be05-7e4a1cdbc3f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe6ec119849c495696bd0e089da34f6
abcdc845003590406330a2b68b70a355088b8753
2a4ab4c12396d054c1179d70f8e00495eade32568c5c3da0935c6bc4e04a212e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F094ce903-cac7-46b7-be05-7e4a1cdbc3f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7622
x-amzn-requestid: 8be361ae-1434-4be7-a099-6409c7463bf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK5HCXoAMF2oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-13b9a3da49de83b951ea6390;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HAvNE3PFHEqduPw7tyjRhQsdBp5wKTj3j_HjQxo3gOCJTQPyMpyxGg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:28:45 GMT
age: 13936
etag: "abcdc845003590406330a2b68b70a355088b8753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a5e9d0cddf26cf3a1478d2942f2478
e8a228a857a414f04108c84670ed7bc74534407c
3a15851f412000f1647057745348bc6f6e2f0cfe481ca7a72f6e94fab8d5e52e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eba44f9-82c7-4919-bc2f-4f847f621994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12990
x-amzn-requestid: 2e4f71f3-b81d-4822-a13a-e8367a76aa20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMREp3IAMFRJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-447650995616ab6a09780380;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVOvH3hkkdKdQNGQSrJ90yGPigdD8UysVImEu_pMe_H69RagreIKsg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:07 GMT
age: 16074
etag: "e8a228a857a414f04108c84670ed7bc74534407c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f92a2bb000cce48c9e3a15eabdf68598
df678017f0fc38151632727222b2cbf413563692
6472df82d6bea9408d3738f8aa43d368f4914c4b24b7627c4eea82a3d441f862
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71005398a02800151ea50a4abff06c63
04e579b9ca55233413362567dcc672c2b490a100
26ccdb0907010b141fdbe15f3ed2d7a17b591c324d9a4ce18af358577ddc0ef5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CCDB0907010B141FDBE15F3ED2D7A17B591C324D9A4CE18AF358577DDC0EF5"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Sat, 10 Dec 2022 08:20:13 GMT
Date: Sat, 10 Dec 2022 02:21:01 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
142.250.74.109302 Found 470 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (512)
Hash e0024525e34d5c06ee4c393f52359380
ccb4f2fd94c525ad29648f47eb811ee1a327e2ec
e372fed354a530427c5d9868ebc8c10b579271fa3e94a059710bac9d182879ee
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D388472680755448017%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://agfagto-festival-news.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.geaHZXF2-fw.O/d%253D1/rs%253DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Dec 2022 02:21:01 GMT
location: https://www.blogger.com/followers.g?blogID=388472680755448017&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByMwMDAwMDAqByNmZmZmZmYyByMwMDAwMDA6ByMzMzMzMzNCByMwMDAwMDBKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fagfagto-festival-news.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.geaHZXF2-fw.O%2Fd%3D1%2Frs%3DAHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-5yZx-WdmBy4BWMPgFYcfDw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 470
server: GSE
set-cookie: __Host-GAPS=1:A-b9mSvSUtsVZGDTE-YRuZI8W84kXQ:aanPduWjjY3qynNO;Path=/;Expires=Mon, 09-Dec-2024 02:21:01 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9dc1cac993fe9e84319cb61602d7d91a
a80ee91e036f15ba270e3997ea1d6053958d3846
41b1d4dc6625c6e6c828326de20692b516e4c8efde9b16f98f29c0ea013194ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=154331
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "6393a4e8-117"
Expires: Sun, 11 Dec 2022 21:13:12 GMT
Last-Modified: Fri, 09 Dec 2022 21:13:12 GMT
Server: nginx
Content-Length: 279
club.doctissimo.fr/widget/missing_image.php?id=2942493&type=photos&thumb_name=big
143.204.55.89301 Moved Permanently 20 B URL HTTP/2 club.doctissimo.fr/widget/missing_image.php?id=2942493&type=photos&thumb_name=big
IP 143.204.55.89:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /widget/missing_image.php?id=2942493&type=photos&thumb_name=big HTTP/1.1
Host: club.doctissimo.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
content-length: 20
location: https://aws-cf.imdoc.fr/prod/photos/0/4/5/3967045/2942493/big-2942493750.jpg?v=5
content-encoding: gzip
date: Sat, 10 Dec 2022 02:21:01 GMT
server: Apache
strict-transport-security: max-age=31536000;
vary: Accept-Encoding,
via: 1.1 varnish (Varnish/6.0), 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-xss-protection: 1
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4ijLLvcwmcWnCntLHL-eids_bIjJPrpFHBQ4jnb32OOqOIpPvU36HA==
age: 0
X-Firefox-Spdy: h2
img541.imageshack.us/img541/2373/230720100002183619102la.jpg
38.99.77.17404 Not Found 168 B URL HTTP/1.1 img541.imageshack.us/img541/2373/230720100002183619102la.jpg
IP 38.99.77.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 341d15013ba4391483b2d5e34cbc5c5c
986399b390a9aaa9a33e459099aaf9f1dbc227ab
376f5045e4dd8bf68ac9e374518a01c18b2fdf76344f2cc08cac143acc4f3cb8
GET /img541/2373/230720100002183619102la.jpg HTTP/1.1
Host: img541.imageshack.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 404 Not Found
Server: nginx/1.2.8
Date: Sat, 10 Dec 2022 02:21:01 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
fancytuning.com/wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg
184.75.248.35301 Moved Permanently 0 B URL HTTP/2 fancytuning.com/wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg
IP 184.75.248.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2008/05/lithuanian_bmw_6_series_5.jpg HTTP/1.1
Host: fancytuning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://fancytuning.com
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
momentsbymoser.zenfolio.com/img/v20/p502276849-3.jpg
199.181.197.10200 OK 178 kB URL HTTP/2 momentsbymoser.zenfolio.com/img/v20/p502276849-3.jpg
IP 199.181.197.10:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, baseline, precision 8, 580x387, components 3\012- data
Size 178 kB (178358 bytes)
Hash 56133a87c789e28e2702cf72f72dd7ec
02a69f53f1c1f2472544d9b4c0a1e0ab1746319e
3ff1c895ec4a3feff52df446893181a83fcda63a8b3991482c8566838ab12d5f
GET /img/v20/p502276849-3.jpg HTTP/1.1
Host: momentsbymoser.zenfolio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: image/jpeg
content-length: 178358
cf-ray: 77728131390b0b41-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=14400
expires: Sat, 10 Dec 2022 06:21:01 GMT
last-modified: Sun, 29 Dec 2019 21:30:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: MISS
edge-control: no-store
x-content-type-options: nosniff
set-cookie: __cf_bm=niV37mZicvysFQhen7RD6h1.DyrNjP..NcNQN_eqkWM-1670638861-0-AUeQGKVozX7g2IZ35KwJnOHSB+0PHaPH+yS0WU/vbFKWyHhtQK8UWn6j7OujdADMV1yLLIQ+SRmPD4OmB1MlWzk=; path=/; expires=Sat, 10-Dec-22 02:51:01 GMT; domain=.zenfolio.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d1802a5666699603a01c71663f5764c6
b7dd20c5809d625750e7afe07796bb9f91ceff02
46b8b09d49705904502a7b7bc951469e87f1c9a19c3b3403718d9f8dee5619d1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 02:21:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Dec 2022 08:47:49 GMT
Expires: Thu, 15 Dec 2022 08:47:48 GMT
Etag: "b7dd20c5809d625750e7afe07796bb9f91ceff02"
Cache-Control: max-age=454606,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7772813409690b31-OSL
seriouswheels.com/pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg
69.163.228.170404 Not Found 315 B URL HTTP/2 seriouswheels.com/pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg
IP 69.163.228.170:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /pics-1970-1979/1975-Ford-Mustang-Cobra-II-1280x960.jpg HTTP/1.1
Host: seriouswheels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 02:21:01 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
fancytuning.com/
184.75.248.35200 OK 14 kB IP 184.75.248.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60354)
Hash 7065c13ca9cb93c90ff809cc532669dd
8fa12a7433b73c046c504bbe5f9cc974188f4528
798e09d349446a4f5f68dbc3a1faa09cad5148e7a3b3d6e93f5f60a7ed36c686
GET / HTTP/1.1
Host: fancytuning.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/html; charset=UTF-8
content-length: 13535
x-powered-by: PHP/7.4.33
last-modified: Mon, 07 Nov 2022 18:44:42 GMT
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.oneillvintageford.co.uk/acatalog/phaeton-banner.jpg
213.246.101.166404 Not Found 75 kB URL HTTP/1.1 www.oneillvintageford.co.uk/acatalog/phaeton-banner.jpg
IP 213.246.101.166:0
Hash 3df1df44b0ffe354f061f72ead5da56c
92d0ecc4cdbef060d4f685ab8d36f9da208af9d1
6aee92b67285de97c9a28e42f7affa44ee8431f6c1242195c37657a0b11300fd
GET /acatalog/phaeton-banner.jpg HTTP/1.1
Host: www.oneillvintageford.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache
Last-Modified: Thu, 08 Dec 2022 12:45:40 GMT
ETag: "148b6-5ef506a1efe1e"
Accept-Ranges: bytes
Content-Length: 84150
X-Powered-By: PleskLin
Cache-Control: max-age=60, private, proxy-revalidate
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 997c1b9f3821719652c96b1778622809
95fd246f8d281f1c60585fdb2a130605d85258f6
d03876db6a1c1c582149db8c26998a737dc1bbe7dad32a473dfdcbb21fbe1234
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "6391f801-117"
Server: ECS (amb/6BC1)
Content-Length: 279
ww1.lostwebtracker.com/
199.59.243.222200 OK 1.1 kB IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1500), with no line terminators
Hash 6b9a663553d547cfd56fec06b460c3b9
fc3f450f70b22f3eb6bc899a39877366050d7c77
c2440654be2ebb5a425369517c3453bf3f5b4eeb5d653438a3d31a8004b9d7fa
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lostwebtracker.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=d581cb59-e559-93c1-833e-9565f72fea61; expires=Sat, 10-Dec-2022 02:36:01 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BTQ6cSsBQzLx3zBKetgSI8dHJVb2L9mBW1+HHXyOs7F+LjgjF6WXL5MdfkDCqaVLcplk0r1fWKREvuM8z2Q0qQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.carztune.com/wp-content/uploads/2010/04/honda-civic-si-tuning.jpg
96.127.149.186200 OK 250 kB URL HTTP/2 www.carztune.com/wp-content/uploads/2010/04/honda-civic-si-tuning.jpg
IP 96.127.149.186:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 450x338, components 3\012- data
Size 250 kB (250085 bytes)
Hash 73f8f1a455fa8abce42bd3696790733e
9964c15306aeea999387e052b3133be1a217ae8e
f86b7333d142bb0952e3794116978fef4917159e4795f1e388554300b2c23021
GET /wp-content/uploads/2010/04/honda-civic-si-tuning.jpg HTTP/1.1
Host: www.carztune.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=1333600, public
expires: Sat, 17 Dec 2022 02:21:01 GMT
content-type: image/jpeg
last-modified: Thu, 04 Oct 2018 10:09:39 GMT
etag: "05bb5e6e3-0;;;"
accept-ranges: bytes
content-length: 250085
date: Sat, 10 Dec 2022 02:21:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a36f8a25c09a4eafa56fd77004c0cb40
fc6f8807fe39e7f3becae6e25cdf6b6335b0370a
2db60d8e49c7cb19165b9ba425cf1f46bd4698d6d56da0aebf5eec04c1aa1c5b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158663
Date: Sat, 10 Dec 2022 02:21:01 GMT
Etag: "6393b5d4-1d7"
Expires: Sun, 11 Dec 2022 22:25:24 GMT
Last-Modified: Fri, 09 Dec 2022 22:25:24 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vly8iiLt_2-wSB3HhQQldAQkKxUosKJlNp4veZizQhRxMc89I4kyiw==
cartype.com/pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg
45.79.0.147200 OK 107 kB URL HTTP/1.1 cartype.com/pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg
IP 45.79.0.147:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1100x733, components 3\012- data
Size 107 kB (107064 bytes)
Hash fb56bce00459e15739908da523d96c6f
82d5b798c7af83540d6ae0a7e76f0f007b3285d9
11c10b6c09606ac5c961827c45c1aace1ad76d37e56f5b727a56cc3614514169
GET /pics/7600/full/porsche_718_w-rs_spyder_sm_62_05.jpg HTTP/1.1
Host: cartype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache/2.4.7 (Ubuntu)
Strict-Transport-Security: max-age=15552001;
Last-Modified: Fri, 07 Dec 2012 00:13:00 GMT
ETag: "1a238-4d038140d3b00"
Accept-Ranges: bytes
Content-Length: 107064
Cache-Control: max-age=31449600, public
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
www.ultimatecarpage.com/images/large/3480/Porsche-718-RS-60-Spyder_6.jpg
52.117.207.40200 OK 128 kB URL HTTP/1.1 www.ultimatecarpage.com/images/large/3480/Porsche-718-RS-60-Spyder_6.jpg
IP 52.117.207.40:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1024x768, components 3\012- data
Size 128 kB (127545 bytes)
Hash db2189d7d42d0ae5d15e17e9f2b9d53f
22f3588dc977e334c8c3f9d21f51448ed79d35d4
ed65453f723d81dc88c2b24873a686b9e8f0094ffbb2a3ae97e3010dcc7afe36
GET /images/large/3480/Porsche-718-RS-60-Spyder_6.jpg HTTP/1.1
Host: www.ultimatecarpage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Dec 2022 02:21:01 GMT
Server: Apache
Last-Modified: Wed, 28 Nov 2007 12:00:24 GMT
Accept-Ranges: bytes
Content-Length: 127545
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
ww1.lostwebtracker.com/js/parking.2.100.2.js
199.59.243.222200 OK 22 kB URL HTTP/1.1 ww1.lostwebtracker.com/js/parking.2.100.2.js
IP 199.59.243.222:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
Analyzer Verdict Alert fortinet Phishing
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:02 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:45:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.ssrfanatic.com/attachments/111-jpg.104303/
104.16.173.102200 OK 597 kB URL HTTP/2 www.ssrfanatic.com/attachments/111-jpg.104303/
IP 104.16.173.102:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, manufacturer=Canon, model=Canon PowerShot A530, orientation=upper-left, xresolution=2234, yresolution=2242, resolutionunit=2, software=Microsoft Windows Photo Gallery 6.0.6001.18000, datetime=2010:10:28 18:31:34], baseline, precision 8, 1588x1243, components 3\012- data
Size 597 kB (596631 bytes)
Hash 83c73bc8ef698b99106c0563f0869b13
b24e99288a576cec97eb8755675a41cfa1010d0e
8af0abb811d2b0249bf683869ad858015897333b63533f8af4219875871e890f
GET /attachments/111-jpg.104303/ HTTP/1.1
Host: www.ssrfanatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Cookie: __cf_bm=eQUY1.YOT.BinMm9W1w3bIJg8unKwG3gFbZ6rPD2itU-1670638861-0-AVYVsnFdOToOTs5cRAc+svce3p3/VDE0y6mybSuU860J7+AC6ey65+vrcSC7d1eqjIrublW/CCEj47+z5nMvrMZx0vHcFXAiwnGHgWsnE7cr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Dec 2022 02:21:02 GMT
content-type: image/jpeg
content-length: 596631
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 10 Dec 2022 02:21:01 GMT
content-disposition: inline; filename="111.jpg"
expires: Thu, 19 Nov 1981 08:52:00 GMT
x-cluster-node: xenforo-0e196b46-6b8c4f75fb-5ldm6
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 58
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_sidebarMiddleAd9010=1; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
experiment_sidebarMiddleAd9010=original; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 777281363e960b51-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a49ab5ecc317aa7e4724050053737549
3ffff77715bf8c5dbcbb5e17abbbc2c683c36f60
844f25237f9906c3fb977d58259e132c41dacbbe546adc8b45e9992e6ee711c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.lostwebtracker.com/_fd
199.59.243.222200 OK 2.7 kB URL HTTP/1.1 ww1.lostwebtracker.com/_fd
IP 199.59.243.222:0
File type ASCII text, with very long lines (5369), with no line terminators
Hash b8d5daaee64cc57d416e64588bbc7c29
dc50a20ad22e3870055bf948c28cbd69861d9a5f
bc42a9ced44b113839a408d6f09512c544d85fc1af5e77f5722f0d0e9ff6c552
Analyzer Verdict Alert fortinet Phishing
POST /_fd HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 10 Dec 2022 02:21:02 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=e873abab-2569-4fed-9af8-78bff48c9786; expires=Sat, 10-Dec-2022 02:36:02 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/px.gif?ch=1&rn=10.014536973400626
199.59.243.222200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=1&rn=10.014536973400626
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=10.014536973400626 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:02 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww1.lostwebtracker.com/px.gif?ch=2&rn=10.014536973400626
199.59.243.222200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=2&rn=10.014536973400626
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=10.014536973400626 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:02 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
amglifestyle.com/wp-content/uploads/2011/05/mb_slrstirling5.jpg
162.241.225.204301 Moved Permanently 0 B URL HTTP/2 amglifestyle.com/wp-content/uploads/2011/05/mb_slrstirling5.jpg
IP 162.241.225.204:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/uploads/2011/05/mb_slrstirling5.jpg HTTP/1.1
Host: amglifestyle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
location: https://www.amglifestyle.com/wp-content/uploads/2011/05/mb_slrstirling5.jpg
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 10 Dec 2022 02:21:01 GMT
server: Apache
X-Firefox-Spdy: h2
aws-cf.imdoc.fr/prod/photos/0/4/5/3967045/2942493/big-2942493750.jpg?v=5
54.230.111.15200 OK 1.2 MB URL HTTP/2 aws-cf.imdoc.fr/prod/photos/0/4/5/3967045/2942493/big-2942493750.jpg?v=5
IP 54.230.111.15:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2848x2134, components 3\012- data
Size 1.2 MB (1154048 bytes)
Hash 3ca73ebab75a9df997e55907462c839c
acdf0f1352499aca082d36786ca79d1d2e885090
ec19f3eee64c0056f857f5d1cf406f40df64cecb6183f44ed4d52e984567e0de
GET /prod/photos/0/4/5/3967045/2942493/big-2942493750.jpg?v=5 HTTP/1.1
Host: aws-cf.imdoc.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1154048
date: Sat, 10 Dec 2022 02:21:03 GMT
last-modified: Fri, 11 Jan 2019 07:27:19 GMT
etag: "3ca73ebab75a9df997e55907462c839c"
cache-control: public, max-age=1296000
x-amz-version-id: F6Opsulyo2CrB9sxrAoS92CQ_QYGPU4c
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c_EiwzcR6WMsKhd9QpFyT_P0jCvGCkC-Iq-QxOEx63geSl6Vynq7Aw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
142.250.74.97200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash ab1acb76dd408583614a7a6cedf41866
e2d2d7074479023d37474ab62755b658d22d4ab1
8622edbe2503910e3cbeecef073a09e662fd2507436c3aabf885d155afd96565
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:18:21 GMT
expires: Sat, 10 Dec 2022 12:18:21 GMT
cache-control: public, max-age=82800
age: 46961
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
142.250.74.97200 OK 278 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Hash bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:17:47 GMT
expires: Sat, 10 Dec 2022 05:17:47 GMT
cache-control: public, max-age=82800
age: 72195
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
farm3.static.flickr.com/2090/5772666383_fa236282f7.jpg
143.204.48.75301 Moved Permanently 167 B URL HTTP/1.1 farm3.static.flickr.com/2090/5772666383_fa236282f7.jpg
IP 143.204.48.75:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /2090/5772666383_fa236282f7.jpg HTTP/1.1
Host: farm3.static.flickr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 10 Dec 2022 02:21:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://farm3.static.flickr.com/2090/5772666383_fa236282f7.jpg
X-Cache: Redirect from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -io8X-WikMR_Vu7zjmpPJiLoiFJi05vp5nFYY0px17nKiyDnpmm4pw==
pzrservices.typepad.com/vintageadvertising/images/2008/04/02/50f2big.gif
104.18.139.190301 Moved Permanently 0 B URL HTTP/1.1 pzrservices.typepad.com/vintageadvertising/images/2008/04/02/50f2big.gif
IP 104.18.139.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vintageadvertising/images/2008/04/02/50f2big.gif HTTP/1.1
Host: pzrservices.typepad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Dec 2022 02:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 10 Dec 2022 03:21:02 GMT
Location: https://pzrservices.typepad.com/vintageadvertising/images/2008/04/02/50f2big.gif
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7772813bac09b512-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f8c74552d6c1efadbb0b8e363da7188c
5949b44e92350953126759864eed6baa3490b2e9
84abb71b3acbdd7ac88363e19770f4bf0e340d58745cd74b55c8f6f9d6d416c5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3483
Cache-Control: max-age=140874
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:02 GMT
Etag: "639362bd-117"
Expires: Sun, 11 Dec 2022 17:28:56 GMT
Last-Modified: Fri, 09 Dec 2022 16:30:53 GMT
Server: ECS (amb/6B98)
X-Cache: HIT
Content-Length: 279
ww1.lostwebtracker.com/
199.59.243.222200 OK 1.1 kB IP 199.59.243.222:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1504), with no line terminators
Hash 513271685fc87f055c54142184100213
bd2264f0b5513c5fec93f531807550511b40b7ae
92685a24a2f7152d97fd8761ed3d0c4979304ef497bbc5b4d8aa4e2e57b111fe
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac; expires=Sat, 10-Dec-2022 02:36:02 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_BTQ6cSsBQzLx3zBKetgSI8dHJVb2L9mBW1+HHXyOs7F+LjgjF6WXL5MdfkDCqaVLcplk0r1fWKREvuM8z2Q0qQ==
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/js/parking.2.100.2.js
199.59.243.222200 OK 22 kB URL HTTP/1.1 ww1.lostwebtracker.com/js/parking.2.100.2.js
IP 199.59.243.222:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 239c79e8ead12ade233b4b98f3a1d68d
ebb33fbc73ffa07c517270874bef61576c7aecf6
148cf1738ec4c4800fa6e1fa02ea75d6cc76c5d0096b11dc1af4b47ffbcf2d0b
Analyzer Verdict Alert fortinet Phishing
GET /js/parking.2.100.2.js HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:03 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 14 Nov 2022 17:46:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/_fd
199.59.243.222200 OK 2.1 kB URL HTTP/1.1 ww1.lostwebtracker.com/_fd
IP 199.59.243.222:0
File type ASCII text, with very long lines (4109), with no line terminators
Hash 2b92d234526b5e473742bbfd6ced61ec
098d430bdf7a3fa5965a3427638003b8122e699e
a02694bcf121324543c778aa458b7c49e66cebe09d43e480644c55243958469a
Analyzer Verdict Alert fortinet Phishing
POST /_fd HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac
Content-Length: 0
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 10 Dec 2022 02:21:03 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac; expires=Sat, 10-Dec-2022 02:36:03 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ww1.lostwebtracker.com/px.gif?ch=1&rn=6.927160425915205
199.59.243.222200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=1&rn=6.927160425915205
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=1&rn=6.927160425915205 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:03 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ww1.lostwebtracker.com/px.gif?ch=2&rn=6.927160425915205
199.59.243.222200 OK 42 B URL HTTP/1.1 ww1.lostwebtracker.com/px.gif?ch=2&rn=6.927160425915205
IP 199.59.243.222:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /px.gif?ch=2&rn=6.927160425915205 HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:03 GMT
Content-Type: image/gif
Content-Length: 42
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a49ab5ecc317aa7e4724050053737549
3ffff77715bf8c5dbcbb5e17abbbc2c683c36f60
844f25237f9906c3fb977d58259e132c41dacbbe546adc8b45e9992e6ee711c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.lostwebtracker.com/favicon.ico
199.59.243.222200 OK 0 B URL HTTP/1.1 ww1.lostwebtracker.com/favicon.ico
IP 199.59.243.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 10 Dec 2022 02:21:03 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-121.ec2.internal
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5c47323f3c87a762f10eefa6428fd9a0
cb77a70e53cc19c8c8b1a2862bad8f4e59fca6a4
4445ce383fa1c8372d5251b5ff0233375270a379c3292c2f73589232e86f25b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
216.58.207.228200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 216.58.207.228:0
File type ASCII text, with very long lines (1885)
Hash cb0d91e1ff3f0fdcd571ad352f522c64
ac9a9afd29999bee0e0fb2bd0ff32900ec0b3c2b
98c2ed1089f62178287f7785804a7a202e6a0241a1c22101a5cdd758ba32bb1d
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 10 Dec 2022 02:21:03 GMT
expires: Sat, 10 Dec 2022 02:21:03 GMT
cache-control: private, max-age=3600
etag: "14181701328128387770"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5c47323f3c87a762f10eefa6428fd9a0
cb77a70e53cc19c8c8b1a2862bad8f4e59fca6a4
4445ce383fa1c8372d5251b5ff0233375270a379c3292c2f73589232e86f25b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash edac2b4e678c48b1fc3be3a06793bfcb
23f1f41a2194536d77a2497d7255b13747fd9af0
e6b36b71f3633bd9d2b80043967f9579820f0ef1d5f66e5c401806de13cbe2a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b658d05e796c732572cbbb288f9dbd7a
66c489a55cdfda30f31c88dd4fbedf1ee138229f
f34d9a993edb309ed27889ac25679317ac691d7ca129aaf0732033013478df0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 02:21:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
142.250.74.97200 OK 278 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (306)
Hash bb7fc36f627255dd4783f849dca0932e
80e89ef8f3c2c8ee982523757fce214ea7323a69
735f48c2876099e6a731c65fc46ec1ec133c316e0997d04eb0ee246741bee647
GET /ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 278
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 06:17:47 GMT
expires: Sat, 10 Dec 2022 05:17:47 GMT
cache-control: public, max-age=82800
age: 72196
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Michroma&display=swap
142.250.74.106200 OK 552 B URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP 142.250.74.106:0
File type ASCII text, with very long lines (390)
Hash 3ae821533645aa6e503e21990703c050
7f98fde15e93e75afad6c3b8738e9d6ae7e53e46
2cad3d8109f565218b15713f3c3992b8301f949fc73dd8b28b8bb2a41887350f
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 02:21:03 GMT
date: Sat, 10 Dec 2022 02:21:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Quicksand
142.250.74.106200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css?family=Quicksand
IP 142.250.74.106:0
Hash 0a79e109d1449fddc76542032874281c
13cb367c21d4f41306eff490027689e2b42b0a6d
050001ca18f5d593123d792c8fb0c4063186f96198ae25e1bfc5e063e458cf67
GET /css?family=Quicksand HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 02:21:02 GMT
date: Sat, 10 Dec 2022 02:21:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js
216.58.207.228200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 216.58.207.228:0
Hash 3b0fbc3d301459d8c23803c440da8562
0c0e9b5602a30e01e0665f52124b9493e196540e
2fed295dc31c918a30ea76c4843ea071e61a2a8f8aecc8cbfd23808bf08c29ab
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.lostwebtracker.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 10 Dec 2022 02:21:02 GMT
expires: Sat, 10 Dec 2022 02:21:02 GMT
cache-control: private, max-age=3600
etag: "9096543464630205400"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13888, version 1.0\012- data
Hash 099548fac114f5f6498c5c75b943581d
7505fcaf9f4fe36634352b322a9f5fed1256a9f6
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05
GET /s/quicksand/v30/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ww1.lostwebtracker.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13888
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:19 GMT
expires: Sat, 09 Dec 2023 13:33:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:12:09 GMT
content-type: font/woff2
age: 46064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ww1.lostwebtracker.com/_tr
199.59.243.222200 OK 22 B URL HTTP/1.1 ww1.lostwebtracker.com/_tr
IP 199.59.243.222:0
File type ASCII text, with no line terminators
Hash 5cfde9b47de2d84bd26fc473632647c0
fd53c70631b6068328be57daec71bd94bf004d41
47fd05ef74fef5da03fa22483e63fc977cad8e026ae41dadbbcc3745907f306b
Analyzer Verdict Alert fortinet Phishing
POST /_tr HTTP/1.1
Host: ww1.lostwebtracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww1.lostwebtracker.com/
Content-Type: application/json
Origin: http://ww1.lostwebtracker.com
Content-Length: 2161
Connection: keep-alive
Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac; __gsas=ID=8284a1f224691bf4:T=1670638863:S=ALNI_MZn-hLKuLP0_0d6jDVY-Q-z2vOaCg
HTTP/1.1 200 OK
Server: openresty
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sat, 10 Dec 2022 02:21:03 GMT
X-Version: 2.100.2
Set-Cookie: parking_session=63c56ad4-c2c6-e432-4b92-b3746414a2ac; expires=Sat, 10-Dec-2022 02:36:03 GMT; Max-Age=900; path=/; httponly
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
fonts.googleapis.com/css?family=Michroma&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Michroma&display=swap
IP 142.250.74.106:0
GET /css?family=Michroma&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 02:21:02 GMT
date: Sat, 10 Dec 2022 02:21:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fm107.com/wrhm/wp-content/uploads/2010/11/jaclyn_north.jpg
34.205.242.146404 Not Found 0 B URL HTTP/1.0 fm107.com/wrhm/wp-content/uploads/2010/11/jaclyn_north.jpg
IP 34.205.242.146:0
GET /wrhm/wp-content/uploads/2010/11/jaclyn_north.jpg HTTP/1.1
Host: fm107.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://agfagto-festival-news.blogspot.com/
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
www.allfordmustangs.com/forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg
104.16.173.102301 Moved Permanently 0 B URL HTTP/2 www.allfordmustangs.com/forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg
IP 104.16.173.102:0
GET /forums/attachments/mustang-ii-talk/31967d1187919039-my-1977-mustang-ii-has-new-stripes-2007_0213stripes0001.jpg HTTP/1.1
Host: www.allfordmustangs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/html; charset=utf-8
location: https://www.allfordmustangs.com/attachments/2007_0213stripes0001-jpg.31967/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sat, 10 Dec 2022 02:21:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
x-cluster-node: xenforo-0e196b46-6b8c4f75fb-qkvn4
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 109
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_imageBanner=1; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
experiment_imageBanner=hidden; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
isInTestGroup_sidebarMiddleAd9010=1; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
experiment_sidebarMiddleAd9010=sidebarMiddleAdExp; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
xf_csrf=mRtKUcsE4QASZv8Y; path=/; secure
__cf_bm=WIEGZD6kcH95163dbTnllQy1wXsnBv0JA.VQPmJ.W4g-1670638861-0-Acd+znvomrFY5Ev3PkDe6cIJ4GhlRbgFfOH00FcPbYYDeXa94xE2fFuuEmjNn4YKEMCwwHdOUKkI+Eq56d694Zy/mColj4Jd31CLH+StR5Th; path=/; expires=Sat, 10-Dec-22 02:51:01 GMT; domain=.www.allfordmustangs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7772813079050b69-OSL
X-Firefox-Spdy: h2
www.edmunds.com/car-news/
104.84.152.49200 OK 0 B URL HTTP/2 www.edmunds.com/car-news/
IP 104.84.152.49:0
ASN #20940 Akamai International B.V.
GET /car-news/ HTTP/1.1
Host: www.edmunds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-artifact-id: node-site-venom
x-artifact-version: 2.0.3249
x-container-id: ip-10-58-52-134.ec2.internal
x-instance-id: 561e01cada8a4e01a6546816f55c9eae-1714341083
x-az: us-east-1b
x-echo-amzn-trace-id: Self=1-6393ed0d-54cb8eca15b7a5835830640d;Root=1-6393ed0d-0f55b8366cb8b71c7af50fd8
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-edw-page-name: car_news_industry_article_index
x-edw-page-cat: car-news
x-session-id: 581331316186322700
x-visitor-id: 2fdef79a-8787-4c29-83a6-2a9cab72a284
x-response-time-ms: 94.916
server: ECD/PROD-11
date: Sat, 10 Dec 2022 02:21:01 GMT
vary: Accept-Encoding
set-cookie: feature-flags=j%3A%7B%7D; Max-Age=900; Path=/; Expires=Sat, 10 Dec 2022 02:36:01 GMT; HttpOnly; Secure; SameSite=Lax
visitor-id=2fdef79a-8787-4c29-83a6-2a9cab72a284; Max-Age=315360000; Domain=.edmunds.com; Path=/; Expires=Tue, 07 Dec 2032 02:21:01 GMT; HttpOnly; Secure; SameSite=None
edmunds=2fdef79a-8787-4c29-83a6-2a9cab72a284; Max-Age=31536000; Domain=.edmunds.com; Path=/; Expires=Sun, 10 Dec 2023 02:21:01 GMT; Secure; SameSite=None
session-id=581331316186322700; Max-Age=1800; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 02:51:01 GMT; HttpOnly; Secure; SameSite=None
edw=581331316186322700; Max-Age=1800; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 02:51:01 GMT; Secure; SameSite=None
usprivacy=1NNN; Max-Age=315360000; Domain=.edmunds.com; Path=/; Expires=Tue, 07 Dec 2032 02:21:01 GMT; HttpOnly; Secure; SameSite=Lax
location=j%3A%7B%22zipCode%22%3A%2258067%22%2C%22type%22%3A%22Standard%22%2C%22areaCode%22%3A%22701%22%2C%22timeZone%22%3A%22Central%22%2C%22gmtOffset%22%3A-6%2C%22dst%22%3A%221%22%2C%22latitude%22%3A46.054802%2C%22longitude%22%3A-97.502278%2C%22salesTax%22%3A0.05%2C%22dma%22%3A%22724%22%2C%22dmaRank%22%3A113%2C%22stateCode%22%3A%22ND%22%2C%22city%22%3A%22Rutland%22%2C%22county%22%3A%22Sargent%22%2C%22inPilotDMA%22%3Atrue%2C%22state%22%3A%22North%20Dakota%22%2C%22ipDma%22%3A%22724%22%2C%22ipStateCode%22%3A%22ND%22%2C%22ipZipCode%22%3A%2258067%22%2C%22userIP%22%3A%2291.90.42.154%22%2C%22userSet%22%3Anull%7D; Max-Age=1800; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 02:51:01 GMT; HttpOnly; Secure; SameSite=Lax
EdmundsYear="&zip=58067&dma=724:IP&city=Rutland&state=ND&lat=46.054802&lon=-97.502278"; Max-Age=31536000; Domain=.edmunds.com; Path=/; Expires=Sun, 10 Dec 2023 02:21:01 GMT; HttpOnly; Secure; SameSite=Lax
entry_url=www.edmunds.com%2Fcar-news%2F; Max-Age=1800; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 02:51:01 GMT; Secure; SameSite=Lax
entry_page=car_news_industry_article_index; Max-Age=1800; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 02:51:01 GMT; Secure; SameSite=Lax
entry_url_params=%7B%7D; Max-Age=1800; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 02:51:01 GMT; Secure; SameSite=Lax
device-characterization=false,false; path=/
content-targeting=NO,,OSLO,,10.75,59.92,; path=/
ak_bmsc=588BE51EC56341773889863F3E5D7AE7~000000000000000000000000000000~YAAQLZhUaOwkZ/CEAQAAGP3V+RKAwO9Knw1bLTzkN7BPqHIurWN8jYg/x1iQnzor8pU2AyBJKId+9B6p8cBG2AVkpqw8hCd90MhsDTkaew2m4yVKQwnpVspdRiargijGOgayQEXnVKHCELHYKKutj3qToAvTzIW8W5CtcQ81WLDqLteusqS19kaIvgveDyE9KZlZKGJZutVra2dEON1MLss8TdDhqPWofCAV1UukxrUMDT0f03gpGjofz+41dqf/bgVGJ+DzvnVlMhLJD7JWuPV4YrCzFgCi/rf1FviSoZkYzWW8UHGlcFbjc6XeBLI9qqS8ALGBl/b8BUa6I2KX7Ze3RV+4eEYXM+hQAUpT+7MAeBNy38MiaLbAdxPPD3B6u2bdgzhxVMUIUw==; Domain=.edmunds.com; Path=/; Expires=Sat, 10 Dec 2022 04:21:01 GMT; Max-Age=7200; HttpOnly
content-security-policy: frame-ancestors 'self' https://forums.edmunds.com/, upgrade-insecure-requests
X-Firefox-Spdy: h2
www.dubizzle.com/
45.60.242.176200 OK 0 B IP 45.60.242.176:0
GET / HTTP/1.1
Host: www.dubizzle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
content-language: en
vary: Accept-Language, Cookie
x-correlation-id: 9f847e5f72718ce4840958a738f246e3, 568f5c10-3de8-417c-801e-74091ed132c0
set-cookie: skybar_sess_False=1; Domain=.dubizzle.com; expires=Sun, 11 Dec 2022 02:21:01 GMT; Path=/
paabar_sess=; Domain=.dubizzle.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/
ias=0; Domain=.dubizzle.com; expires=Sat, 17-Dec-2022 02:21:01 GMT; Max-Age=604800; Path=/
sid=kcifs8qslxbditl5rb9v8djv8qxwdkrt; Domain=.dubizzle.com; expires=Sat, 17-Dec-2022 02:21:01 GMT; httponly; Max-Age=604800; Path=/; secure
nlbi_2413658=xNQbWVq55DN+4Hr6T83W0gAAAADqdNo/vlV25MpYNsS2DxXu; path=/; Domain=.dubizzle.com; Secure; SameSite=None
visid_incap_2413658=uttkCZTPT7Gd9UQq3mbxlg3tk2MAAAAAQUIPAAAAAAAx9k4oOOz8ikzppGz1dZ4k; expires=Sat, 09 Dec 2023 22:29:28 GMT; HttpOnly; path=/; Domain=.dubizzle.com; Secure; SameSite=None
incap_ses_723_2413658=vk+MfcaU0w0N4zTug50ICg3tk2MAAAAAdvuvKkrBGzw836PVQOjK/g==; path=/; Domain=.dubizzle.com; Secure; SameSite=None
content-encoding: gzip
x-envoy-upstream-service-time: 33
server: Dubizzle
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors http://*.dubizzle.com https://*.dubizzle.com
x-frame-options: SAMEORIGIN
x-cdn: Imperva
x-country-code: NO
cache-control: max-age=0
x-iinfo: 14-114911638-114900791 2NNN RT(1670638861180 147) q(0 0 0 0) r(2 2)
X-Firefox-Spdy: h2
www.ssrfanatic.com/forum/attachments/f35/104303d1301050986-car-tuned-111.jpg
104.16.173.102301 Moved Permanently 0 B URL HTTP/2 www.ssrfanatic.com/forum/attachments/f35/104303d1301050986-car-tuned-111.jpg
IP 104.16.173.102:0
GET /forum/attachments/f35/104303d1301050986-car-tuned-111.jpg HTTP/1.1
Host: www.ssrfanatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://agfagto-festival-news.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 10 Dec 2022 02:21:01 GMT
content-type: text/html; charset=utf-8
location: https://www.ssrfanatic.com/attachments/111-jpg.104303/
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sat, 10 Dec 2022 02:21:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
x-cluster-node: xenforo-0e196b46-6b8c4f75fb-5ldm6
x-ua-compatible: IE=Edge,chrome=1
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' https://data-labeling.platforum.cloud/
x-envoy-upstream-service-time: 110
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
set-cookie: isInTestGroup_sidebarMiddleAd9010=1; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
experiment_sidebarMiddleAd9010=sidebarMiddleAdExp; expires=Mon, 09-Dec-2024 02:21:01 GMT; Max-Age=63072000; path=/; HttpOnly
xf_csrf=eTF_eYR1DYCa5xIm; path=/; secure
__cf_bm=eQUY1.YOT.BinMm9W1w3bIJg8unKwG3gFbZ6rPD2itU-1670638861-0-AVYVsnFdOToOTs5cRAc+svce3p3/VDE0y6mybSuU860J7+AC6ey65+vrcSC7d1eqjIrublW/CCEj47+z5nMvrMZx0vHcFXAiwnGHgWsnE7cr; path=/; expires=Sat, 10-Dec-22 02:51:01 GMT; domain=.www.ssrfanatic.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 77728133fde90b51-OSL
X-Firefox-Spdy: h2