firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 16:14:01 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uo5CMBh7aNBHhGEwibd0bq8ypzhwxikNgBUmTH5uQXfV36jbmrodCg==
Age: 3153
bisnismaskeer.blogspot.com/2022/09/jambers-jambers-10-jaar-later-fragment.html
142.250.74.161301 Moved Permanently 213 B URL HTTP/1.1 bisnismaskeer.blogspot.com/2022/09/jambers-jambers-10-jaar-later-fragment.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 33e5f4a872ef3d00192ae3be99cf07df
f0772b05400a4a619aea9d4d28d0056febfbe0a0
8286601eb9f66cb3b623194ba6bb67f8644b798dd6aefe14ca03655d2858a2f8
GET /2022/09/jambers-jambers-10-jaar-later-fragment.html HTTP/1.1
Host: bisnismaskeer.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://bisnismaskeer.blogspot.com/2022/09/jambers-jambers-10-jaar-later-fragment.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Thu, 22 Sep 2022 17:06:34 GMT
Expires: Thu, 22 Sep 2022 17:06:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 213
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15700
Expires: Thu, 22 Sep 2022 21:28:15 GMT
Date: Thu, 22 Sep 2022 17:06:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BWik-tTuI2j5tSkRnwZKlr0V86ZcwnLgcTAUdGMXkecYfXR2bmIqUg==
age: 45081
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0e6f7ad30af48f5591742a9a6dd1d992
82fb60705b705a4f98998ac514836669e09fea79
687c9c8105a92f6f31713916b4b626a01a7374180d81d513c7b01dd64fc02c67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 22 Sep 2022 17:10:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: huadikX2sQYJnkdBmSM3uSotufMb7RoaAeNYYKfG7o60nKoh3ecV3w==
Age: 193
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0e6f7ad30af48f5591742a9a6dd1d992
82fb60705b705a4f98998ac514836669e09fea79
687c9c8105a92f6f31713916b4b626a01a7374180d81d513c7b01dd64fc02c67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1134
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Last-Modified: Thu, 22 Sep 2022 16:47:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 017b35db8b7a44fb09d592e4f01e6221
52b62eda95cb2dc0fd4bb767f336dbeb0755071d
cf55ac8ca259aaa5113a2eb7bfdedc82cee487381dfe970f258503b55a996ffe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bisnismaskeer.blogspot.com/2022/09/jambers-jambers-10-jaar-later-fragment.html
142.250.74.161200 OK 70 kB URL HTTP/2 bisnismaskeer.blogspot.com/2022/09/jambers-jambers-10-jaar-later-fragment.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55235)
Hash 52d90b9353defee2cafd2e2c35a7caf5
571ec10a3eb97b6fca0aabe3977fe423acc30456
12edd4a6df43908f7dd74574182a62123af8fcf8cdf02b17887a190429ebec62
GET /2022/09/jambers-jambers-10-jaar-later-fragment.html HTTP/1.1
Host: bisnismaskeer.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 22 Sep 2022 17:06:35 GMT
date: Thu, 22 Sep 2022 17:06:35 GMT
cache-control: private, max-age=0
last-modified: Thu, 22 Sep 2022 12:46:20 GMT
etag: W/"2c54c00067931912111f6f58c993f74bb594daf879557e912e6d8ca8e47f701c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 70331
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i1.wp.com/i.ytimg.com/vi/VswXBNMtWDY/hqdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/i.ytimg.com/vi/VswXBNMtWDY/hqdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/VswXBNMtWDY/hqdefault.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/VswXBNMtWDY/hqdefault.jpg
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/i.ytimg.com/vi/Qe-DZQPh6tE/mqdefault.jpg
192.0.77.2302 Found 138 B URL HTTP/2 i1.wp.com/i.ytimg.com/vi/Qe-DZQPh6tE/mqdefault.jpg
IP 192.0.77.2:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /i.ytimg.com/vi/Qe-DZQPh6tE/mqdefault.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: text/html
content-length: 138
location: https://i.ytimg.com/vi/Qe-DZQPh6tE/mqdefault.jpg
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 139502
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bisnismaskeer.blogspot.com
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 15:48:02 GMT
expires: Thu, 21 Sep 2023 15:48:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
age: 91113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4797d6fd00b4884a9a2bd74ed01e2d1d
8d5e48550c7eb8c2f81ab8c126d452257e4d98ed
4c6fb508b26b7fc8be67672a70d2d0b73ae0cee68c0969350751823c49bf4a9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 31dee602cf981b72cb225fe18ddc89b4
611ced99c4802df1b4a5cae459d50d84c7486e79
5d37667cd66d7e7a20738e5b35a5a91eba5b86451a84a12b1e71077efc3f439e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/pbs.twimg.com/profile_images/1369714919709548549/I2unKCIN_400x400.jpg
192.0.77.2200 OK 30 kB URL HTTP/2 i0.wp.com/pbs.twimg.com/profile_images/1369714919709548549/I2unKCIN_400x400.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 399x399, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 151f4abe1f37de97c1fa9ed1ae1f212c
e3769bf3a184e1ebdeb83454bd51cf53bc652e3f
4d3857a52c94cd7a1a7ef8ed9ab4d79a31b1b3c9c59e1ab54c1a906c7cd70d0c
GET /pbs.twimg.com/profile_images/1369714919709548549/I2unKCIN_400x400.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: image/webp
content-length: 29774
last-modified: Thu, 22 Sep 2022 17:06:35 GMT
expires: Sun, 22 Sep 2024 05:06:35 GMT
cache-control: public, max-age=63115200
link: <http://pbs.twimg.com/profile_images/1369714919709548549/I2unKCIN_400x400.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c2afde1aedb71f46"
vary: Accept
x-nc: MISS arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bisnismaskeer.blogspot.com
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 06:03:08 GMT
expires: Wed, 20 Sep 2023 06:03:08 GMT
cache-control: public, max-age=31536000
age: 212607
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a66068824c8bed97e895f8f292ef0623
704bb22deb8b53f64e199eea05e680cf93f1192a
2e7f65288c12ebae7ed8e7616377045016d8ea89017d7429b68d8ded3a90c633
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Thu, 22 Sep 2022 17:06:35 GMT
expires: Thu, 22 Sep 2022 17:06:35 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/images0.persgroep.net/rcs/yH71ugyzyiGCDPCSIg6NvQQSyOY/diocontent/215032807/_fitwidth/426?appId=038a353bad43ac27fd436dc5419c256b&quality=0.8
192.0.77.2403 Forbidden 537 B URL HTTP/2 i0.wp.com/images0.persgroep.net/rcs/yH71ugyzyiGCDPCSIg6NvQQSyOY/diocontent/215032807/_fitwidth/426?appId=038a353bad43ac27fd436dc5419c256b&quality=0.8
IP 192.0.77.2:0
Hash a101bc60de8f2b1fb7e9855d346d2281
229771b5e1ab04710fe06b05b7a0168095476e59
3191570b5de60d4c98c9ee64fcb0cad28245771e8505b116ba6b745476b218bb
GET /images0.persgroep.net/rcs/yH71ugyzyiGCDPCSIg6NvQQSyOY/diocontent/215032807/_fitwidth/426?appId=038a353bad43ac27fd436dc5419c256b&quality=0.8 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 6
X-Firefox-Spdy: h2
i1.wp.com/assets.lastdodo.com/image/ld_large/plain/assets/catalog/assets/2020/10/11/8/2/1/pdf_821f8cbe-0ba7-11eb-85fd-2b741a28dbe4.jpg
192.0.77.2200 OK 43 kB URL HTTP/2 i1.wp.com/assets.lastdodo.com/image/ld_large/plain/assets/catalog/assets/2020/10/11/8/2/1/pdf_821f8cbe-0ba7-11eb-85fd-2b741a28dbe4.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 429x545, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 08cb9e5179d7ce0232954b68593db363
f7cc89752c1f5573c863f1ee5d880dfd6f42615f
ef79490e2cf95fb86efee5ecdb8cdd4c13e6a57210909d5452fa79770a0bfdb1
GET /assets.lastdodo.com/image/ld_large/plain/assets/catalog/assets/2020/10/11/8/2/1/pdf_821f8cbe-0ba7-11eb-85fd-2b741a28dbe4.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: image/webp
content-length: 42730
last-modified: Thu, 22 Sep 2022 17:06:36 GMT
expires: Sun, 22 Sep 2024 05:06:36 GMT
cache-control: public, max-age=63115200
link: <http://assets.lastdodo.com/image/ld_large/plain/assets/catalog/assets/2020/10/11/8/2/1/pdf_821f8cbe-0ba7-11eb-85fd-2b741a28dbe4.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "43cdbbfa2972508b"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f85caa32cfc5c68ae9d37dac5075d086
d98cb95e042dfdf7fcfe0bef3d83624a970ee7ab
c1d5882e2ccbee35dfb5d42d78ef6fd843882cbbbe5653cd686ff768e697ac84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.27.12.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.27.12.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YN4yvt/jxnLJb7GIx7diaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +no82uR0YOTa3ZLuHwsHOhOmQlY=
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
142.250.74.174200 OK 5.6 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (3295)
Hash add1c094467a85397dd1dcba79647c16
0c10daefd2c177b97572b707d64e262ece9de222
e7b42344ded3823cfd449cbeafe5f885022b6e883dad06c56ffb84a6f389c0fb
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 5608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 09:11:19 GMT
expires: Fri, 22 Sep 2023 09:11:19 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
age: 28517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 869888e1890c222872a5ff515e402f71
871286989c0d3639dba0a84b8e43b8f29414024a
0b4c15ba6ed6d9dc0b6a64ef4f9935061a66ff1dadf1827b202933b62b04f680
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
142.250.74.174200 OK 64 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
IP 142.250.74.174:0
File type ASCII text, with very long lines (580)
Hash 68ad53bc8ffceaff0e27d07690609326
2ee4ea5dcef485ec718acf208b54d4cd371ea2b7
9ce1a6286c578c295fca51a75dfa9246c18534699119d4bf23c349a22a8deff1
GET /_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=profile/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 64328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 06:55:24 GMT
expires: Thu, 21 Sep 2023 06:55:24 GMT
cache-control: public, max-age=31536000
age: 123072
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e6561e23e9d181a4b18c7174cb89a590
221a300522f62c4bde7dd23420609a12ae3bd5b6
a66e6d4e834dfd29d86921222d86c7f8ac5d11a4e0c83ab40ff150629f2b9cec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/Qe-DZQPh6tE/mqdefault.jpg
142.250.74.150200 OK 10 kB URL HTTP/2 i.ytimg.com/vi/Qe-DZQPh6tE/mqdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash f7480d50335b01e4adfc8f9e21e1780d
f77f731b20f658cb2f10703798b222440d945be3
565b19f6217e76a7b3eeff5b34033bf0331b56c1da4566a4376db2ec080b2311
GET /vi/Qe-DZQPh6tE/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bisnismaskeer.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 10471
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 17:06:36 GMT
expires: Thu, 22 Sep 2022 19:06:36 GMT
cache-control: public, max-age=7200
etag: "1621104598"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.66200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.66:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:42:43 GMT
expires: Wed, 05 Oct 2022 20:42:43 GMT
cache-control: public, max-age=1209600
age: 73433
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/VswXBNMtWDY/hqdefault.jpg
142.250.74.150200 OK 18 kB URL HTTP/2 i.ytimg.com/vi/VswXBNMtWDY/hqdefault.jpg
IP 142.250.74.150:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash c6cce487a9897730550730cc1d3b6ab4
8cbeaff54398568f3c7463524b088f7316797c32
5a36f4ad1bac0d6e4026bfdec8c549672c111fd98f0af94884c0deed34201305
GET /vi/VswXBNMtWDY/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bisnismaskeer.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 17531
date: Thu, 22 Sep 2022 17:06:36 GMT
expires: Thu, 22 Sep 2022 19:06:36 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pop.dojo.cc/4301.js
172.66.40.196200 OK 4.6 kB IP 172.66.40.196:0
File type HTML document, ASCII text, with very long lines (6050)
Hash 0c1c72c737e3ed974e2b6f2a95eda2a7
d621c02b435ab94e1f2a9b0fecec285294ac855a
a4a1d5e35cf9073f67091fce66af7951070dc07b0284edde995ba2a815839b66
GET /4301.js HTTP/1.1
Host: pop.dojo.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache, private
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbQgm64SQRgKs74Lvv%2FgSRJAjKuyjjPFeYz3jEs8mXsQPR%2FtcTvkOW%2B7SHI7FKJKIvuE1WAeiv5M8Ah8%2BdwmhC2ZhkBuuAgmU6XxNrdi5qVVOOPTw3dh6NAclXyfqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74eca1ceba8ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/images0.persgroep.net/rcs/40BS4BP9-y6Nbqsn_2fIdurYDBo/diocontent/155476940/_fitwidth/694/?appId=21791a8992982cd8da851550a453bd7f&quality=0.8
192.0.77.2403 Forbidden 2.7 kB URL HTTP/2 i0.wp.com/images0.persgroep.net/rcs/40BS4BP9-y6Nbqsn_2fIdurYDBo/diocontent/155476940/_fitwidth/694/?appId=21791a8992982cd8da851550a453bd7f&quality=0.8
IP 192.0.77.2:0
Hash 95a2a51f0f126072ca051750b072e501
31766cdb2edc2321296317625a80aa915475d258
8e4598ae7d703117eb827661b1fe350295506ca72fed2e208b60ecba22ffe64a
GET /images0.persgroep.net/rcs/40BS4BP9-y6Nbqsn_2fIdurYDBo/diocontent/155476940/_fitwidth/694/?appId=21791a8992982cd8da851550a453bd7f&quality=0.8 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 6
X-Firefox-Spdy: h2
i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShAHeEpkG6Knvd2LXbQqWnbIjaoeLJK_6zjQ&usqp=CAU
192.0.77.2404 Not Found 43 kB URL HTTP/2 i1.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShAHeEpkG6Knvd2LXbQqWnbIjaoeLJK_6zjQ&usqp=CAU
IP 192.0.77.2:0
Hash 7d83e4d648475176348fe0003d609644
1c8f2de0f413e26bbbaba40c4a909327abe7b1eb
dd5e3ebd3272d343efe91bde84bff4836605ccddaaddd9e9e6d285bdc2e8f637
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShAHeEpkG6Knvd2LXbQqWnbIjaoeLJK_6zjQ&usqp=CAU HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=8531791191947329915&zx=db560a73-ecc1-423b-867f-70563c1cc2dd
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8531791191947329915&zx=db560a73-ecc1-423b-867f-70563c1cc2dd
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8531791191947329915&zx=db560a73-ecc1-423b-867f-70563c1cc2dd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 22 Sep 2022 17:06:36 GMT
last-modified: Thu, 22 Sep 2022 17:06:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e7c433426f3ad0efc2564c79804dff88
6205dbc072fd5cb494a37ff891859fed42f9de3e
33d487f303e86ab3bb3c20dc6ca7fd41b0941a784c2730bca519660e1d611433
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33D487F303E86AB3BB3C20DC6CA7FD41B0941A784C2730BCA519660E1D611433"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12877
Expires: Thu, 22 Sep 2022 20:41:13 GMT
Date: Thu, 22 Sep 2022 17:06:36 GMT
Connection: keep-alive
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRx6Zp1VeH2lDP-VoVdX97Vkpd23chNQSm4ajmLgSHxZ7DLq8GFZ5JLdHc8dHVJBjjx5T4&usqp=CAU
192.0.77.2404 Not Found 9.9 kB URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRx6Zp1VeH2lDP-VoVdX97Vkpd23chNQSm4ajmLgSHxZ7DLq8GFZ5JLdHc8dHVJBjjx5T4&usqp=CAU
IP 192.0.77.2:0
Hash 39faae5b5107fcbba7c3d7bcbc8e7757
b56cfef47f39f68629ca5ea3e42c3928f14c685c
5c2337a24908d1a0dcf354e9d2463e0b66911d306bc25e44f8e8afe0b0dcfb56
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRx6Zp1VeH2lDP-VoVdX97Vkpd23chNQSm4ajmLgSHxZ7DLq8GFZ5JLdHc8dHVJBjjx5T4&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 389994a7455c8c61e967ada2ec63a895
cc36df56270f6896aeafa490b1078679c818ee0b
39f2483a1b6bc748449a6c432e657e51e0a1af2704bc35490955f0c9d110eb8a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 17:06:37 GMT
Last-Modified: Thu, 22 Sep 2022 15:41:54 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yOZVYTj2IBRhsg_xTo5y128fX6-8Hqk_T60j_bLtk64jOcLDF8bgdA==
Age: 5083
simplewebanalysis.com/stats
3.64.106.196200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.64.106.196:0
File type ASCII text, with no line terminators
Hash f1ffd7ef1344f456b92735d0beec02b8
fb4e55502a8c8019f85a11405a67581912225fd3
e8bbb481b033218956a64b5d36b521eaa72d0ce42acfcd311a23393381b35d70
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bisnismaskeer.blogspot.com
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://bisnismaskeer.blogspot.com
access-control-allow-credentials: true
set-cookie: uid_id2=43c6ab0b-e939-4eca-85de-6ea79efa63ea:3:1; expires=Sun, 19 Sep 2032 17:06:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18425
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18425
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18425
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18425
Expires: Thu, 22 Sep 2022 22:13:42 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91c56f0b9810bfdd84e10a626b89e389
15d83e44d568938b6c9c87201e898cedb3edec0a
942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 70335
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 888247c1153f8770b880395734749107
7c27c02029eb49e726a076679be2c793da696e45
515852e0d38cdaf86bce45fa5e0df453d08ca36cf6ecfa0c4b868c2143afe333
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0f33332-2080-459e-ab54-a452b2278994.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 83c28267-4d10-476d-8b11-08b48b046985
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG6CGtroAMFyqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab840-1167c5285b6837d311bfe2a9;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xo0ilY8z0C3rDISFOM5EixEK7HAelSut4hgNNwGYAVQIfPP8C6pUCg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 04:17:18 GMT
age: 46159
etag: "7c27c02029eb49e726a076679be2c793da696e45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62818de3c50f957b2e5680851a1768c9
80e48c9ae48c89598780736b089c98e22d58df9a
16f2c2d23e8641a3f297a175730343d11120a228c0fe846c0fdf1e39212c522c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dee9427-1c1b-4ddc-9f89-8c6e254bd0f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8549
x-amzn-requestid: 6d44626b-16c6-4f19-ae52-d5350065b390
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwPHJJoAMFdfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84ce-46ebc35612eb7a4473b36189;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: e5m6NaDUH_3GPDkxbk6iKhffSJzyYMA97Illy7mtg9um3jcYBR6TXQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:11:23 GMT
etag: "80e48c9ae48c89598780736b089c98e22d58df9a"
content-type: image/jpeg
age: 68114
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af5773255351157d72c28a670a355c60
c803e5866edbe6c9baec14e93677f610bdf09bff
3229b4aa1c698647ad96d114174782549ad240f1b2c4ba8c268165a16afc84f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0788498f-41db-4d62-b749-e01caddb7f8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: 2d03531d-6055-477f-9cb6-9ea9fa27eeb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vHJ4IAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-692620e80d5b2efe1d0e3a82;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -3bQG5Av1EDxj7_3i8MktwjlPSEU8WDdxt5M6TsrWaodLWgSf3vdEA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 70335
etag: "c803e5866edbe6c9baec14e93677f610bdf09bff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5edcd9aee78a6cacc9241b47cbce598
f95b843029e84dbb188427a8c2ff8c9f32740465
6a56c3d0eb1d641e565d3d7d31b42be03bdad30beb20b994ffc9a6f2aaceee1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2f739db-1c27-4929-8aff-997c0f66b2ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5650
x-amzn-requestid: 41ceb886-c038-4ba0-9e3a-a27879cf48ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1GwjFVjoAMFWNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b84d0-3f4f6a367c893c7a0669dffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d8Kelwi2OY0jt17q80szh8-ErN3ZQM1hhl3HZeNQvlKijygQIJtNww==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:16:00 GMT
etag: "f95b843029e84dbb188427a8c2ff8c9f32740465"
content-type: image/jpeg
age: 67837
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f4438521bfdc6871ae384abcb7da547
a17fc7a7c30999b8789011c2064f5a8704b00eee
2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvaLH1-IAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QJVjyx5R1h8EqiP1Utg85VU9JTO9ubMbY3DaHaM6KC66d72039Mo_w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 13:11:04 GMT
age: 14133
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i0.wp.com/www.saddlers.co.uk/contentassets/5e3903e7ff42401586c7d60ac16dc238/bolton-macron-stadium-1600x900250-3511414_1600x900
192.0.77.2200 OK 261 kB URL HTTP/2 i0.wp.com/www.saddlers.co.uk/contentassets/5e3903e7ff42401586c7d60ac16dc238/bolton-macron-stadium-1600x900250-3511414_1600x900
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1600x900, components 3\012- data
Size 261 kB (260980 bytes)
Hash edf483ae02502f0893ac042b26538f30
f4a5f22ddd11c05ea20a36319e754b1ab4397451
0a177661cb9916cbb590813e16f21fd4c19ddfba5198878ff25f8907775f7d90
GET /www.saddlers.co.uk/contentassets/5e3903e7ff42401586c7d60ac16dc238/bolton-macron-stadium-1600x900250-3511414_1600x900 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: image/jpeg
content-length: 260980
last-modified: Thu, 22 Sep 2022 17:06:37 GMT
expires: Sun, 22 Sep 2024 05:06:37 GMT
cache-control: public, max-age=63115200
link: <http://www.saddlers.co.uk/contentassets/5e3903e7ff42401586c7d60ac16dc238/bolton-macron-stadium-1600x900250-3511414_1600x900>; rel="canonical"
x-content-type-options: nosniff
etag: "cd53b3759c2454de"
x-bytes-saved: 11012
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_1439,w_2560,x_0,y_0/dpr_1.5/c_limit,w_1044/fl_lossy,q_auto/v1492194975/articles/2014/10/05/george-washington-the-first-vaxxer/141004-Shachtman-washington-tease2_lne76v
192.0.77.2200 OK 122 kB URL HTTP/2 i0.wp.com/img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_1439,w_2560,x_0,y_0/dpr_1.5/c_limit,w_1044/fl_lossy,q_auto/v1492194975/articles/2014/10/05/george-washington-the-first-vaxxer/141004-Shachtman-washington-tease2_lne76v
IP 192.0.77.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1566x880, components 3\012- data
Size 122 kB (121552 bytes)
Hash 4ad4dc886bbd5522ad8da8587df790f1
2ef0e22bfb323c0abe3bb0fee4482b0cac609b66
e189f9e9f5f01f03979a5bee92c9a4d6398527b3a13c810a8be9d6526bb3310b
GET /img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_1439,w_2560,x_0,y_0/dpr_1.5/c_limit,w_1044/fl_lossy,q_auto/v1492194975/articles/2014/10/05/george-washington-the-first-vaxxer/141004-Shachtman-washington-tease2_lne76v HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: image/jpeg
content-length: 121552
last-modified: Thu, 22 Sep 2022 17:06:37 GMT
expires: Sun, 22 Sep 2024 05:06:37 GMT
cache-control: public, max-age=63115200
link: <http://img.thedailybeast.com/image/upload/c_crop,d_placeholder_euli9k,h_1439,w_2560,x_0,y_0/dpr_1.5/c_limit,w_1044/fl_lossy,q_auto/v1492194975/articles/2014/10/05/george-washington-the-first-vaxxer/141004-Shachtman-washington-tease2_lne76v>; rel="canonical"
x-content-type-options: nosniff
etag: "7e7d13603cce2dcb"
x-bytes-saved: 808
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash accf2161d5845360d814fc8d07bf549a
e0974b36d1c43a30fcf4d07c046993e0768c1962
29c3d1fbabcba821be3f0b681d83be8ea33c7d05abd364099de679df38755943
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29C3D1FBABCBA821BE3F0B681D83BE8EA33C7D05ABD364099DE679DF38755943"
Last-Modified: Thu, 22 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9074
Expires: Thu, 22 Sep 2022 19:37:51 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash accf2161d5845360d814fc8d07bf549a
e0974b36d1c43a30fcf4d07c046993e0768c1962
29c3d1fbabcba821be3f0b681d83be8ea33c7d05abd364099de679df38755943
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "29C3D1FBABCBA821BE3F0B681D83BE8EA33C7D05ABD364099DE679DF38755943"
Last-Modified: Thu, 22 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9074
Expires: Thu, 22 Sep 2022 19:37:51 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
i1.wp.com/www.tiktok.com/api/img/?itemId=6924050426241355009&location=0&aid=1988
192.0.77.2400 Bad Request 155 kB URL HTTP/2 i1.wp.com/www.tiktok.com/api/img/?itemId=6924050426241355009&location=0&aid=1988
IP 192.0.77.2:0
Size 155 kB (154895 bytes)
Hash acdf269ca880bc236962784fa8cb203b
4f33f1765c53193d7c9c3d94bd7f6794dcb2085a
bb97d30f1fbe050f84cd0b288a06a4f3306e3db488924c30ca61617b8334ff07
GET /www.tiktok.com/api/img/?itemId=6924050426241355009&location=0&aid=1988 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: text/html; charset=utf-8
x-nc: EXPIRED arn 4
X-Firefox-Spdy: h2
i1.wp.com/belgium.postsen.com/content/uploads/2022/09/06/a1fd25f80d.jpg
192.0.77.2200 OK 39 kB URL HTTP/2 i1.wp.com/belgium.postsen.com/content/uploads/2022/09/06/a1fd25f80d.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 763x509, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05d5db2f67c91534a8f2f64449946e50
cea373887e9e988a83ec6d8dff99a6da419dabc1
ae1f24bac71830851aa4fbfb72c50eae2b6ef7ca354468de33aab93d3a474709
GET /belgium.postsen.com/content/uploads/2022/09/06/a1fd25f80d.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: image/webp
content-length: 39274
last-modified: Thu, 22 Sep 2022 17:06:37 GMT
expires: Sun, 22 Sep 2024 05:06:37 GMT
cache-control: public, max-age=63115200
link: <http://belgium.postsen.com/content/uploads/2022/09/06/a1fd25f80d.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cee61c0703991e35"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
incomprehensibleacrid.com/watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1
173.233.137.44307 Temporary Redirect 0 B URL HTTP/1.1 incomprehensibleacrid.com/watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1 HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bisnismaskeer.blogspot.com
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 17:06:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bisnismaskeer.blogspot.com
Access-Control-Allow-Origin: https://bisnismaskeer.blogspot.com
Access-Control-Allow-Credentials: true
Location: https://incomprehensibleacrid.com/watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1&shu=daeace059cc4fb8a23063acb51e1421a72f20edc27843e53e6501af05676254fa30cc7c5d5009f96737775331349ebe2c5cbb208c4f29d45ec375e3b10ed892540a2d7d78f92cefae4ee3bc94199af75672f42c3236ab40060bac92c7ea8&pst=1663866457&rmtc=t
Set-Cookie: u_pl=15928454; expires=Fri, 23 Sep 2022 17:06:37 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjgiOiI0NDEwOGQxODA1NTc2OTQ3NjAxNWY0MjQyY2Y3ZDIyZCIsIjI5IjoiZGFjZTg4N2QwMzlmMDg4YWUwZDk5NTJhOGI4Y2IwNjAifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Jpc25pc21hc2tlZXIuYmxvZ3Nwb3QuY29tLzIwMjIvMDkvamFtYmVycy1qYW1iZXJzLTEwLWphYXItbGF0ZXItZnJhZ21lbnQuaHRtbCJ9fQ.s32xHP11oRemNU9ky92g365XTBeZ5giMc6fqgINg3_0; expires=Thu, 22 Sep 2022 17:07:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28088f31881804ae129a42cf021d07a2
Strict-Transport-Security: max-age=0; includeSubdomains
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRC6uEUmr6RCGe2iGj3VoF9LtL4aAOmx1Uarg&usqp=CAU
192.0.77.2404 Not Found 14 kB URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRC6uEUmr6RCGe2iGj3VoF9LtL4aAOmx1Uarg&usqp=CAU
IP 192.0.77.2:0
Hash dc75f2c73292714156f2ef17a3276a17
3c2d333da637b524965350e8142aecffb37154f8
04625cb105dbadeae1586acee82d9a3f7725df87c80671a509a2a35252c51d0c
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRC6uEUmr6RCGe2iGj3VoF9LtL4aAOmx1Uarg&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 8
X-Firefox-Spdy: h2
incomprehensibleacrid.com/watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1&shu=daeace059cc4fb8a23063acb51e1421a72f20edc27843e53e6501af05676254fa30cc7c5d5009f96737775331349ebe2c5cbb208c4f29d45ec375e3b10ed892540a2d7d78f92cefae4ee3bc94199af75672f42c3236ab40060bac92c7ea8&pst=1663866457&rmtc=t
173.233.137.44200 OK 2.1 kB URL HTTP/1.1 incomprehensibleacrid.com/watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1&shu=daeace059cc4fb8a23063acb51e1421a72f20edc27843e53e6501af05676254fa30cc7c5d5009f96737775331349ebe2c5cbb208c4f29d45ec375e3b10ed892540a2d7d78f92cefae4ee3bc94199af75672f42c3236ab40060bac92c7ea8&pst=1663866457&rmtc=t
IP 173.233.137.44:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2641)
Hash 70feea7ef283e9a8934e4b95d06a4057
f5480e400bd3fe60ee25ab42d5d17e412313f014
29d77d1876197219b976c15bbb6e33f70cf57d830db6a4bc7aaa2bd725e6fd76
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.506024065918.js?key=bc8d59f796233b632b8846bc72a15192&kw=%5B%22jambers%22%2C%22-%22%2C%22jambers%22%2C%2210%22%2C%22jaar%22%2C%22later%22%2C%22fragment%22%2C%222002%22%2C%22youtube%22%2C%22-%22%2C%22bisnis%22%2C%22masker%22%5D&refer=https%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&tz=0&dev=r&res=12.31&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1&shu=daeace059cc4fb8a23063acb51e1421a72f20edc27843e53e6501af05676254fa30cc7c5d5009f96737775331349ebe2c5cbb208c4f29d45ec375e3b10ed892540a2d7d78f92cefae4ee3bc94199af75672f42c3236ab40060bac92c7ea8&pst=1663866457&rmtc=t HTTP/1.1
Host: incomprehensibleacrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bisnismaskeer.blogspot.com
Referer: https://bisnismaskeer.blogspot.com/
Connection: keep-alive
Cookie: u_pl=15928454; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTkyODQ1NCwiayI6ImJjOGQ1OWY3OTYyMzNiNjMyYjg4NDZiYzcyYTE1MTkyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzY2MzI0LCJwaWQiOjEzODg5NiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMCwiYWlkIjo1LCJwdCI6NCwicGsiOiJrZWQwanFuaXN6IiwiY3BrcyI6eyAiMjgiOiI0NDEwOGQxODA1NTc2OTQ3NjAxNWY0MjQyY2Y3ZDIyZCIsIjI5IjoiZGFjZTg4N2QwMzlmMDg4YWUwZDk5NTJhOGI4Y2IwNjAifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2Jpc25pc21hc2tlZXIuYmxvZ3Nwb3QuY29tLzIwMjIvMDkvamFtYmVycy1qYW1iZXJzLTEwLWphYXItbGF0ZXItZnJhZ21lbnQuaHRtbCJ9fQ.s32xHP11oRemNU9ky92g365XTBeZ5giMc6fqgINg3_0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 17:06:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bisnismaskeer.blogspot.com
Access-Control-Allow-Origin: https://bisnismaskeer.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=43c6ab0b-e939-4eca-85de-6ea79efa63ea:3:1; expires=Thu, 29 Sep 2022 17:06:37 GMT; secure; SameSite=None
iprc4b6e61e5ad3d7e361e23be79da9db492=3569806; expires=Thu, 22 Sep 2022 21:06:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 23 Sep 2022 17:06:37 GMT; secure; SameSite=None
uncs=1; expires=Fri, 23 Sep 2022 17:06:37 GMT; secure; SameSite=None
pdhtkv5=true; expires=Fri, 23 Sep 2022 17:06:37 GMT; secure; SameSite=None
uncs5=1; expires=Fri, 23 Sep 2022 17:06:37 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c61081afe38b430851ac9e505944898b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5be5f96cdc159a82d25fd190b830cb49
9d801b69b3806fc114246cef063df0d1bfed05a2
7ed655f34f2ae711e0f7e980edf5cc0d51873782cd9dd84b8097b3f5dc04992f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3525
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:37 GMT
Last-Modified: Thu, 22 Sep 2022 16:07:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 278111c3c7bd20522fd84097d44186e3
d0748bb5754c07e168a734b7a198ea2cbbd8197b
4d8a7cd202a14451e01acbf38d7e91ff3d55a560604c94c5fe3183365af874eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D8A7CD202A14451E01ACBF38D7E91FF3D55A560604C94C5FE3183365AF874EB"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2311
Expires: Thu, 22 Sep 2022 17:45:08 GMT
Date: Thu, 22 Sep 2022 17:06:37 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sat, 24 Sep 2022 17:06:37 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i1.wp.com/pbs.twimg.com/media/C3863xnUYAAUxm4.jpg
192.0.77.2200 OK 295 kB URL HTTP/2 i1.wp.com/pbs.twimg.com/media/C3863xnUYAAUxm4.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x900, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 295 kB (295418 bytes)
Hash 1a935123f1e4d4d462122f85f52730cd
418cfbc8077e7654f1db17953ad8f10aeec7f9df
a6ec2ed3785190bb756a9798b7d17be15857a4941226778a2457545602ec52c9
GET /pbs.twimg.com/media/C3863xnUYAAUxm4.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: image/webp
content-length: 295418
last-modified: Thu, 22 Sep 2022 17:06:37 GMT
expires: Sun, 22 Sep 2024 05:06:37 GMT
cache-control: public, max-age=63115200
link: <http://pbs.twimg.com/media/C3863xnUYAAUxm4.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "acb2a64b74593371"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.105.16200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.105.16:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 8528e6e216d265dd667e25d003ad6729
11bccebd454ce962333cbbbad09088b4a923bcbb
15a3cc64710971813dd4294a0d256d4d34f2b17bcaadd1dd2d717c9cc2b08a24
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:06:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 92c5b7948fca7e6ce192511b178406d9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 22 Sep 2022 17:06:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxRfyuvoUvLZQ3XpuvQCvhJJMDgh%2B6MKQ0zCypleIY85uJ6ICzF1zXktWkNkpsjcouBzlQRYw99Bt3ZITOmEFcIrmarYTJk3QwVjCb5ixAS40KGsZ5TAd11BCi3ngZOcdIpI2Wo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74eca1d9fa74406c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShAHeEpkG6Knvd2LXbQqWnbIjaoeLJK_6zjQ&usqp=CAU
192.0.77.2404 Not Found 346 kB URL HTTP/2 i0.wp.com/encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShAHeEpkG6Knvd2LXbQqWnbIjaoeLJK_6zjQ&usqp=CAU
IP 192.0.77.2:0
Size 346 kB (346314 bytes)
Hash 73606314f4c38ad01b9814a89b10d95f
c81d36772d9593a93d239bb96e7fb040e1d8f99e
019f8b08ef0fb2df8286effb99dfa3df856dd77747d40d7a7a08c4d9a0281995
GET /encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcShAHeEpkG6Knvd2LXbQqWnbIjaoeLJK_6zjQ&usqp=CAU HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: text/html; charset=utf-8
x-nc: HIT arn 8
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d4edf416a0f41468a7429c575bad6e5
3adb4571fc16ca78dbe97d3816dd51ee70d3c140
2ee5044f5cbe123faaec6042411582dc59a51000999035cabcfb3bfff5eb41f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EE5044F5CBE123FAAEC6042411582DC59A51000999035CABCFB3BFFF5EB41F3"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4287
Expires: Thu, 22 Sep 2022 18:18:05 GMT
Date: Thu, 22 Sep 2022 17:06:38 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 22 Sep 2022 17:04:42 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 825099024
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: rbx1
x-cdn-pop-ip: 51.254.41.128/25
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4575567&@f16&@g1&@h1&@i1&@j1663866397819&@k0&@l1&@mJambers%20-%20Jambers%2010%20Jaar%20Later%20Fragment%202002%20Youtube%20-%20Bisnis%20Masker&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:983836&@b3:1663866398&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&@w
192.99.8.28200 OK 48 B URL HTTP/1.1 s4.histats.com/stats/0.php?4575567&@f16&@g1&@h1&@i1&@j1663866397819&@k0&@l1&@mJambers%20-%20Jambers%2010%20Jaar%20Later%20Fragment%202002%20Youtube%20-%20Bisnis%20Masker&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:983836&@b3:1663866398&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&@w
IP 192.99.8.28:0
File type ASCII text, with no line terminators
Hash 3c847adf9be39d752f27ca7eb758d70c
e123de21d0d0c316b3a394275ff5254070bb4275
4ac0dc6db4035706a64bc070d10945b2f5ba37ea3459c330351f43fc4886428e
GET /stats/0.php?4575567&@f16&@g1&@h1&@i1&@j1663866397819&@k0&@l1&@mJambers%20-%20Jambers%2010%20Jaar%20Later%20Fragment%202002%20Youtube%20-%20Bisnis%20Masker&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:983836&@b3:1663866398&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbisnismaskeer.blogspot.com%2F2022%2F09%2Fjambers-jambers-10-jaar-later-fragment.html&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 22 Sep 2022 17:06:38 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 48
Connection: close
i0.wp.com/media.nu.nl/m/jh1x1w6a9dki_xwd640.jpg
192.0.77.2200 OK 18 kB URL HTTP/2 i0.wp.com/media.nu.nl/m/jh1x1w6a9dki_xwd640.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d62a745b884b46e52879d35046de8880
5c09624c9599568827fe7ebc40579181edf11525
1156f68c989aa06ba4e44f5a889b797ece3d8823a7fd14ec4b8010beb5c1e5ba
GET /media.nu.nl/m/jh1x1w6a9dki_xwd640.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 22 Sep 2022 17:06:39 GMT
content-type: image/webp
content-length: 18166
last-modified: Thu, 22 Sep 2022 17:06:39 GMT
expires: Sun, 22 Sep 2024 05:06:39 GMT
cache-control: public, max-age=63115200
link: <http://media.nu.nl/m/jh1x1w6a9dki_xwd640.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2979b09c3e700771"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 679fd1f8530a7b1865edf8da266c527a
c9321ff8b9ae0de2aa96b95590d851220225bf30
082a60873ed6db1331e1718e81355e1d4952f03ac0d27e078f7ec76567b69894
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "082A60873ED6DB1331E1718E81355E1D4952F03AC0D27E078F7EC76567B69894"
Last-Modified: Wed, 21 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8143
Expires: Thu, 22 Sep 2022 19:22:22 GMT
Date: Thu, 22 Sep 2022 17:06:39 GMT
Connection: keep-alive
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1q0fwHSDLFvhPyXZ5MdahFitZHL42KDFtBclQyLsMP_zHQc4Gl-w4rGrvn6oLqB7NCFJWOgEI7avXTEvmNLa7EJtbmJBRpmFwB2Ez6SZoY_-_nXA5J94so3FqfV8TfZasebqfiindYaqjIZ8oQzb-Z5wX4-5WQAg=w80-h80-p-k-no-nu
142.250.74.1200 OK 3.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1q0fwHSDLFvhPyXZ5MdahFitZHL42KDFtBclQyLsMP_zHQc4Gl-w4rGrvn6oLqB7NCFJWOgEI7avXTEvmNLa7EJtbmJBRpmFwB2Ez6SZoY_-_nXA5J94so3FqfV8TfZasebqfiindYaqjIZ8oQzb-Z5wX4-5WQAg=w80-h80-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 9eb27726da7c8fd66d2e3a95b2f3adbb
a87d0187e1c9ed2049b5e2b675a82be1e07adcbd
b763287e849b77dde797bde08fd32c1a6e112e49f3c06eb363ed7e0183c38ec1
GET /blogger_img_proxy/ANbyha1q0fwHSDLFvhPyXZ5MdahFitZHL42KDFtBclQyLsMP_zHQc4Gl-w4rGrvn6oLqB7NCFJWOgEI7avXTEvmNLa7EJtbmJBRpmFwB2Ez6SZoY_-_nXA5J94so3FqfV8TfZasebqfiindYaqjIZ8oQzb-Z5wX4-5WQAg=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 23 Sep 2022 17:06:39 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 17:06:39 GMT
server: fife
content-length: 3535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 431d8d975ae7d9cf373357abfd09ab5d
cb817c99081218faa2f2ec8106a0541d9e6199b2
2bc4b2e524eab80d264ce69097ab7a797ef44469821c4e77b1980023c6fcc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unseenreport.com/pxf.gif?uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=0&pk=dace887d039f088ae0d9952a8b8cb060&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 22 Sep 2022 17:06:39 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 39fc4ae893fd3102a33581ec67c8fd6d
Strict-Transport-Security: max-age=0; includeSubdomains
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0p-57lYSmyLrMJUAyDeQtza_rS3Ld7F7O7pXcIXDQYey-rT47pgccrw2dyGPcM8ySNGnw92wEJSyK4r49-I-nZWiBh3i71bvbRtnk0Biqnx1xIwySPdgMtPxcmMrqzP0rHBBZPbBn-qW2eiQGt=w80-h80-p-k-no-nu
142.250.74.1200 OK 4.9 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0p-57lYSmyLrMJUAyDeQtza_rS3Ld7F7O7pXcIXDQYey-rT47pgccrw2dyGPcM8ySNGnw92wEJSyK4r49-I-nZWiBh3i71bvbRtnk0Biqnx1xIwySPdgMtPxcmMrqzP0rHBBZPbBn-qW2eiQGt=w80-h80-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 6516ed931fc28e8f14179283a4b4c3c8
2f4f151d8a041e90954b99e851faf8c5fdeea5fe
832650108622e2fa39e6f269eda8d20be0709621f92f7a1c49fe8b5c6886d88e
GET /blogger_img_proxy/ANbyha0p-57lYSmyLrMJUAyDeQtza_rS3Ld7F7O7pXcIXDQYey-rT47pgccrw2dyGPcM8ySNGnw92wEJSyK4r49-I-nZWiBh3i71bvbRtnk0Biqnx1xIwySPdgMtPxcmMrqzP0rHBBZPbBn-qW2eiQGt=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 23 Sep 2022 17:06:40 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 17:06:40 GMT
server: fife
content-length: 4940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha0600MbVswU7OlOv_Lbkpvdjb4GwMXTSXkefPGcDWHNXACRZqAOVKfSwBC7bLoZrbeflWH6Z6Ja7U-X4DgXaqTRKxhHLlvES_NoylDAe_HIOe13ROp5kIFqlWXYglpFmZ4D7fQdF97JmgvdY3f-9Amvwf_lglKdXg=w80-h80-p-k-no-nu
142.250.74.1200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha0600MbVswU7OlOv_Lbkpvdjb4GwMXTSXkefPGcDWHNXACRZqAOVKfSwBC7bLoZrbeflWH6Z6Ja7U-X4DgXaqTRKxhHLlvES_NoylDAe_HIOe13ROp5kIFqlWXYglpFmZ4D7fQdF97JmgvdY3f-9Amvwf_lglKdXg=w80-h80-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 86718cb042aad5080487f03c7e391b7c
70d77a351e62a12a05f619796d932e8348275f9e
94bb9d2612a15e6b8f2ca7302cc2477b43a3a7a112d97a999ed0a8555a1e8b3a
GET /blogger_img_proxy/ANbyha0600MbVswU7OlOv_Lbkpvdjb4GwMXTSXkefPGcDWHNXACRZqAOVKfSwBC7bLoZrbeflWH6Z6Ja7U-X4DgXaqTRKxhHLlvES_NoylDAe_HIOe13ROp5kIFqlWXYglpFmZ4D7fQdF97JmgvdY3f-9Amvwf_lglKdXg=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 23 Sep 2022 17:06:40 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 17:06:40 GMT
server: fife
content-length: 4543
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/ANbyha1ly4NsCJYNhBNZ9jvp1Rcyh8bfgTrqfn4qOh2GH4wm4S9tez0u7edEbLxtWcILDkKrDADY8kx3nqGYQ4TmeXu8mtvvMiYiCtbyBJmDqwGjqWLjPmWxrYzuLr2RKG3eHNokWySIovcB32Ar5mFiN2akmJsjBggzl_x3x6UWFiukOEBhckAOD5tuW4iOAm0ERkGy4VdrRBd3amUa7AJP=w80-h80-p-k-no-nu
142.250.74.1200 OK 4.5 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/ANbyha1ly4NsCJYNhBNZ9jvp1Rcyh8bfgTrqfn4qOh2GH4wm4S9tez0u7edEbLxtWcILDkKrDADY8kx3nqGYQ4TmeXu8mtvvMiYiCtbyBJmDqwGjqWLjPmWxrYzuLr2RKG3eHNokWySIovcB32Ar5mFiN2akmJsjBggzl_x3x6UWFiukOEBhckAOD5tuW4iOAm0ERkGy4VdrRBd3amUa7AJP=w80-h80-p-k-no-nu
IP 142.250.74.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x80, components 3\012- data
Hash 344c50a63330d2701074bb69ec004908
13b4094aaa4b26e6ac5f3e3319573ed4da3a9b69
842eca926c1a4a8873b7039bbb79ac1a7ebaec5f90148307a10c216e3fbab951
GET /blogger_img_proxy/ANbyha1ly4NsCJYNhBNZ9jvp1Rcyh8bfgTrqfn4qOh2GH4wm4S9tez0u7edEbLxtWcILDkKrDADY8kx3nqGYQ4TmeXu8mtvvMiYiCtbyBJmDqwGjqWLjPmWxrYzuLr2RKG3eHNokWySIovcB32Ar5mFiN2akmJsjBggzl_x3x6UWFiukOEBhckAOD5tuW4iOAm0ERkGy4VdrRBd3amUa7AJP=w80-h80-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Fri, 23 Sep 2022 17:06:41 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 17:06:41 GMT
server: fife
content-length: 4479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1bc353a42617a3d27058f7581ae80d2e
a4d126aa03ca34802f777a7ceed4d8d00eaa608f
e533908710e9cd23d8e0d271845124d28df89700b281fa5bbcf8b834e60f78de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E533908710E9CD23D8E0D271845124D28DF89700B281FA5BBCF8B834E60F78DE"
Last-Modified: Wed, 21 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11594
Expires: Thu, 22 Sep 2022 20:19:57 GMT
Date: Thu, 22 Sep 2022 17:06:43 GMT
Connection: keep-alive
refutationtiptoe.com/sbar.json?key=dace887d039f088ae0d9952a8b8cb060&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1
173.233.137.36200 OK 3.9 kB URL HTTP/1.1 refutationtiptoe.com/sbar.json?key=dace887d039f088ae0d9952a8b8cb060&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (5751), with no line terminators
Hash ff4871b1e58d00a6303f1eb68d224849
52e5882006085ee98648a77aa3532f4d8b7bf6cc
d01d9dee0320ed44a1e59bf2e70f2b9187b345d2cc0b87dbb33f70d2dade5b54
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=dace887d039f088ae0d9952a8b8cb060&uuid=43c6ab0b-e939-4eca-85de-6ea79efa63ea%3A3%3A1 HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bisnismaskeer.blogspot.com
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 17:06:43 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://bisnismaskeer.blogspot.com
Access-Control-Allow-Origin: https://bisnismaskeer.blogspot.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16032438; expires=Fri, 23 Sep 2022 17:06:43 GMT; secure; SameSite=None
uid_id2=43c6ab0b-e939-4eca-85de-6ea79efa63ea:3:1; expires=Thu, 29 Sep 2022 17:06:43 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 23 Sep 2022 17:06:43 GMT; secure; SameSite=None
uncs=1; expires=Fri, 23 Sep 2022 17:06:43 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 23 Sep 2022 17:06:43 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 23 Sep 2022 17:06:43 GMT; secure; SameSite=None
slecdace887d039f088ae0d9952a8b8cb060=[3364903]; expires=Thu, 22 Sep 2022 17:06:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f0c5da3ecb646f14731135f035e21be
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d7ca55e5daf00e83baa4aecf66912f50
7bea98e8aef3994e343e65bb5710dc251f8dae84
725a51112765453ae553fadf82735c44e2a884f71d689d86dce10fa7165b14fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5811
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 22 Sep 2022 17:06:43 GMT
Last-Modified: Thu, 22 Sep 2022 15:29:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
refutationtiptoe.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSvY8bRRjGZ%2B%2BuQKICXQMSkSWQACnn7Nq%2B9ZoUESEcisgXCYh0MDsztocb76zmw%2BtzdSIiSmka6r3HdzkFIgQSoiMgX6QUV8VULrj%2FAYGoKJCdE4a3ed93nqf46Zn37p4%2FISE8nV26qodSKXpusxpW3rgdRecrV2TmB5VBEn8SN85XTP%2BtVlwN36y8J9i2PlcLozCMwqiyJY1o68G5uQiZP2xF1VZYbdSq0WYDA%2FP%2F3foAlgbg%2FRPyIiSfrj0O1iHZBFnvu0vCbjudn3235xV12qDPDz%2FKtjNdZOgtx7YJ0M4OT93Q9unWI%2BjsYIEL3f%2FXmMopCZ48QpodnkIi7e8vOFMFkSHlz6PoTyDUBJJOwPQdSP6UAIzj2nVkvfvXtCnozjOVztUpWfvrD8hiStZ%2BW0fW%2B%2FaikoPKLa28kzqzGLRLyMEEsjNB7o%2FghiuQxRGY%2BxySE2S9EpLPXmvUWUzTMN0QrXproyEY3Ug2udiIBW22RJvGdUEXwUg5gWxPoMQI1K7C2wBeBvDtAD4P0OOzCouiqBlyRsOkxVidN0Ua8zCizXZEozBO4NmcfQSXj8DUCMzsIje72JYjGP8LbLeE5SuwbkqCD4bo8xKFICgsQUEJCklQOIKiXx5wZWu2vM%2BV9Wl02munvV6Otevs0QPtOiIje%2FkJeWER2p%2F4EdtiVuGUiSRp8rDeaodJQkXIW63NGk3ShKVhHMLKEtKugNoAQzkl67MGcjklK2dGSOkRrDoCk%2Bug%2FhXQYtyshaDdcSMJMcx%2Bdl3hM%2Bt0ntNUCS6o6%2FYo68pM2GomHLgukbs1uJ1gT52QlxZo9duvQ7DjC5%2BmV6e%2FP%2FgbzJTITYnP5GOCjro3vqkLsn9TF5Z8fz13sieHdP7Xtxx1YvXr98VOoQ2%2FfMmOHrzN5sJ8fPihsO4KzbjMOpZ8c1FyLsyWNkyQny7bj0V6w9vuRW8yn1%2B58c7W5V5uhLVSZxNQOSXkyTGYnJLnfjhYnPHLX9yFNBMYX6Lnj8lpQeojsHwXNl%2FyW70Ko5aeNA9Q%2BHJsaunyUUkCJZY7TUvY%2F%2Bzpct6z99AxZ0DdncX19k2JvipB1QjWr45dbo4v%2FFpfFFIVjFNlgv1UGfXls3CtnFWa9XpI49Zm1GxS0UwbtaQdR5zSWiOuxTGtw9kpO%2FvVq%2F8AAAD%2F%2FwEAAP%2F%2F%2Bp8gYpEEAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 refutationtiptoe.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSvY8bRRjGZ%2B%2BuQKICXQMSkSWQACnn7Nq%2B9ZoUESEcisgXCYh0MDsztocb76zmw%2BtzdSIiSmka6r3HdzkFIgQSoiMgX6QUV8VULrj%2FAYGoKJCdE4a3ed93nqf46Zn37p4%2FISE8nV26qodSKXpusxpW3rgdRecrV2TmB5VBEn8SN85XTP%2BtVlwN36y8J9i2PlcLozCMwqiyJY1o68G5uQiZP2xF1VZYbdSq0WYDA%2FP%2F3foAlgbg%2FRPyIiSfrj0O1iHZBFnvu0vCbjudn3235xV12qDPDz%2FKtjNdZOgtx7YJ0M4OT93Q9unWI%2BjsYIEL3f%2FXmMopCZ48QpodnkIi7e8vOFMFkSHlz6PoTyDUBJJOwPQdSP6UAIzj2nVkvfvXtCnozjOVztUpWfvrD8hiStZ%2BW0fW%2B%2FaikoPKLa28kzqzGLRLyMEEsjNB7o%2FghiuQxRGY%2BxySE2S9EpLPXmvUWUzTMN0QrXproyEY3Ug2udiIBW22RJvGdUEXwUg5gWxPoMQI1K7C2wBeBvDtAD4P0OOzCouiqBlyRsOkxVidN0Ua8zCizXZEozBO4NmcfQSXj8DUCMzsIje72JYjGP8LbLeE5SuwbkqCD4bo8xKFICgsQUEJCklQOIKiXx5wZWu2vM%2BV9Wl02munvV6Otevs0QPtOiIje%2FkJeWER2p%2F4EdtiVuGUiSRp8rDeaodJQkXIW63NGk3ShKVhHMLKEtKugNoAQzkl67MGcjklK2dGSOkRrDoCk%2Bug%2FhXQYtyshaDdcSMJMcx%2Bdl3hM%2Bt0ntNUCS6o6%2FYo68pM2GomHLgukbs1uJ1gT52QlxZo9duvQ7DjC5%2BmV6e%2FP%2FgbzJTITYnP5GOCjro3vqkLsn9TF5Z8fz13sieHdP7Xtxx1YvXr98VOoQ2%2FfMmOHrzN5sJ8fPihsO4KzbjMOpZ8c1FyLsyWNkyQny7bj0V6w9vuRW8yn1%2B58c7W5V5uhLVSZxNQOSXkyTGYnJLnfjhYnPHLX9yFNBMYX6Lnj8lpQeojsHwXNl%2FyW70Ko5aeNA9Q%2BHJsaunyUUkCJZY7TUvY%2F%2Bzpct6z99AxZ0DdncX19k2JvipB1QjWr45dbo4v%2FFpfFFIVjFNlgv1UGfXls3CtnFWa9XpI49Zm1GxS0UwbtaQdR5zSWiOuxTGtw9kpO%2FvVq%2F8AAAD%2F%2FwEAAP%2F%2F%2Bp8gYpEEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSvY8bRRjGZ%2B%2BuQKICXQMSkSWQACnn7Nq%2B9ZoUESEcisgXCYh0MDsztocb76zmw%2BtzdSIiSmka6r3HdzkFIgQSoiMgX6QUV8VULrj%2FAYGoKJCdE4a3ed93nqf46Zn37p4%2FISE8nV26qodSKXpusxpW3rgdRecrV2TmB5VBEn8SN85XTP%2BtVlwN36y8J9i2PlcLozCMwqiyJY1o68G5uQiZP2xF1VZYbdSq0WYDA%2FP%2F3foAlgbg%2FRPyIiSfrj0O1iHZBFnvu0vCbjudn3235xV12qDPDz%2FKtjNdZOgtx7YJ0M4OT93Q9unWI%2BjsYIEL3f%2FXmMopCZ48QpodnkIi7e8vOFMFkSHlz6PoTyDUBJJOwPQdSP6UAIzj2nVkvfvXtCnozjOVztUpWfvrD8hiStZ%2BW0fW%2B%2FaikoPKLa28kzqzGLRLyMEEsjNB7o%2FghiuQxRGY%2BxySE2S9EpLPXmvUWUzTMN0QrXproyEY3Ug2udiIBW22RJvGdUEXwUg5gWxPoMQI1K7C2wBeBvDtAD4P0OOzCouiqBlyRsOkxVidN0Ua8zCizXZEozBO4NmcfQSXj8DUCMzsIje72JYjGP8LbLeE5SuwbkqCD4bo8xKFICgsQUEJCklQOIKiXx5wZWu2vM%2BV9Wl02munvV6Otevs0QPtOiIje%2FkJeWER2p%2F4EdtiVuGUiSRp8rDeaodJQkXIW63NGk3ShKVhHMLKEtKugNoAQzkl67MGcjklK2dGSOkRrDoCk%2Bug%2FhXQYtyshaDdcSMJMcx%2Bdl3hM%2Bt0ntNUCS6o6%2FYo68pM2GomHLgukbs1uJ1gT52QlxZo9duvQ7DjC5%2BmV6e%2FP%2FgbzJTITYnP5GOCjro3vqkLsn9TF5Z8fz13sieHdP7Xtxx1YvXr98VOoQ2%2FfMmOHrzN5sJ8fPihsO4KzbjMOpZ8c1FyLsyWNkyQny7bj0V6w9vuRW8yn1%2B58c7W5V5uhLVSZxNQOSXkyTGYnJLnfjhYnPHLX9yFNBMYX6Lnj8lpQeojsHwXNl%2FyW70Ko5aeNA9Q%2BHJsaunyUUkCJZY7TUvY%2F%2Bzpct6z99AxZ0DdncX19k2JvipB1QjWr45dbo4v%2FFpfFFIVjFNlgv1UGfXls3CtnFWa9XpI49Zm1GxS0UwbtaQdR5zSWiOuxTGtw9kpO%2FvVq%2F8AAAD%2F%2FwEAAP%2F%2F%2Bp8gYpEEAAA%3D HTTP/1.1
Host: refutationtiptoe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Cookie: u_pl=16032438; uid_id2=43c6ab0b-e939-4eca-85de-6ea79efa63ea:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecdace887d039f088ae0d9952a8b8cb060=[3364903]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 22 Sep 2022 17:06:43 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f123633fd5d61655bbcb4c413d9e81c
Strict-Transport-Security: max-age=0; includeSubdomains
i0.wp.com/HERWIG%20VERGULT
192.0.77.2400 Bad Request 0 B URL HTTP/2 i0.wp.com/HERWIG%20VERGULT
IP 192.0.77.2:0
GET /HERWIG%20VERGULT HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Thu, 22 Sep 2022 17:06:36 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 1
X-Firefox-Spdy: h2
i1.wp.com/www.imago-images.com/bild/st/0084560244/w.jpg
192.0.77.2400 Bad Request 0 B URL HTTP/2 i1.wp.com/www.imago-images.com/bild/st/0084560244/w.jpg
IP 192.0.77.2:0
GET /www.imago-images.com/bild/st/0084560244/w.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bisnismaskeer.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Thu, 22 Sep 2022 17:06:35 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2