firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 02:15:37 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KbaGLeQQUkmCQE8v2CvST9gHzGEc5-vOwaVMogtK8W8jjszd2eBWDA==
Age: 2209
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Wed, 28 Sep 2022 04:03:14 GMT
Date: Wed, 28 Sep 2022 02:52:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pYMX103-orv_amJkHuLIM9vDCNO4075g4YPS5leEDAookPhpURgl8Q==
age: 62893
X-Firefox-Spdy: h2
awesomew4llpapers.blogspot.com/search/label/Cute%20rabbit%20photos
142.250.74.161200 OK 14 kB URL HTTP/1.1 awesomew4llpapers.blogspot.com/search/label/Cute%20rabbit%20photos
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10082)
Hash c778a67a950dd24b8801e41f2e3981af
fe9319a0323ad123b7794e951f2f1d880fdc5a39
5743d9202e88014e6b458e578e8398d2c431ebb6c5b3b3229205d47a7a88e6c9
Analyzer Verdict Alert fortinet Malware
GET /search/label/Cute%20rabbit%20photos HTTP/1.1
Host: awesomew4llpapers.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Wed, 28 Sep 2022 02:52:26 GMT
Date: Wed, 28 Sep 2022 02:52:26 GMT
Cache-Control: private, max-age=0
Last-Modified: Mon, 06 Dec 2021 07:31:43 GMT
ETag: W/"76f19a0de4a7196f1f7327bbbea5a2b1cd36c5dee94cb710afb1646b98ba8735"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 13738
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:52:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
awesomew4llpapers.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 awesomew4llpapers.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
Analyzer Verdict Alert fortinet Malware
GET /js/cookienotice.js HTTP/1.1
Host: awesomew4llpapers.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/search/label/Cute%20rabbit%20photos
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 02:54:56 GMT
Expires: Tue, 04 Oct 2022 02:54:56 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 26 Sep 2022 15:52:20 GMT
Content-Type: text/javascript
Age: 86250
fonts.googleapis.com/css?family=Cagliostro|Nova+Square
142.250.74.10200 OK 329 B URL HTTP/1.1 fonts.googleapis.com/css?family=Cagliostro|Nova+Square
IP 142.250.74.10:0
Hash bbd14e06c33a22b0438d1d347d265d1b
66fbaddd2d9af19d4772945be98237850f096263
e85a99d1928288cfb6305b6088c858d4eda7345303f3f4292c82eee5a75f25c8
GET /css?family=Cagliostro|Nova+Square HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 28 Sep 2022 02:52:26 GMT
Date: Wed, 28 Sep 2022 02:52:26 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
142.250.74.74200 OK 20 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (39660)
Hash 6ad9e9100f68042a634e403e56e3744a
3d148af6eb9f86b03d5a815f4fb3a49c7b2df356
72bbdea3217793991ab87a6c7cb165d267551810d3d88b5fd2fd489748d04b7a
GET /ajax/libs/jquery/1.3.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 19926
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 10:08:47 GMT
Expires: Mon, 25 Sep 2023 10:08:47 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 233019
ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
142.250.74.74200 OK 32 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32764)
Hash 548260b20981c0be2d9dcf8d01c08c24
84230120f8f1bd559eca3fb2fec6acf6cffbf4e7
2f8a612a714e5c928525fdb193f8ec12f7965a6c0d63dd8e58ccae239358c8bb
GET /ajax/libs/jquery/1.6.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32245
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 14:42:26 GMT
Expires: Tue, 26 Sep 2023 14:42:26 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 130200
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
142.250.74.74200 OK 34 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash d989f35706c62ce4a5c561586c55566e
d32e7958e5765609bf08dcdefd0b2c2a8714ce34
375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
GET /ajax/libs/jquery/1.7.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33845
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 09:36:57 GMT
Expires: Tue, 26 Sep 2023 09:36:57 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 148529
cuerosb.googlecode.com/files/cueros%20-lazyload.js
209.85.233.82404 Not Found 1.6 kB URL HTTP/1.1 cuerosb.googlecode.com/files/cueros%20-lazyload.js
IP 209.85.233.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 422b4a3f70457a4389dd72b5fe861008
b2bd412908e6c54224f88d0c2535d83213893bd6
fd64c4b6163ec431cdad562ebd9990811aae15f14e46bc6b26d85bae7bbf1645
GET /files/cueros%20-lazyload.js HTTP/1.1
Host: cuerosb.googlecode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Wed, 28 Sep 2022 02:52:26 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-PgLNEBT6jNk/Ta22d_vvNYI/AAAAAAAABms/170t0FRWAEo/w72-h72-p-k-no-nu/900.jpg
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 4.bp.blogspot.com/-PgLNEBT6jNk/Ta22d_vvNYI/AAAAAAAABms/170t0FRWAEo/w72-h72-p-k-no-nu/900.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash b22efa14c58af0e4c626531091a4dafb
00d9783ac128aba61d88644b63f61b74f299161b
4428b35883bd650fcb8d718a2012b0e91521807386f1b75c7387318d643d35ed
GET /-PgLNEBT6jNk/Ta22d_vvNYI/AAAAAAAABms/170t0FRWAEo/w72-h72-p-k-no-nu/900.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="900.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3175
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "v66b"
Content-Type: image/jpeg
3.bp.blogspot.com/-G4IGug2B34A/T-sPOfkxrMI/AAAAAAAAEtQ/fKkGoq_Gagc/w72-h72-p-k-no-nu/jism-2-2a.jpg
142.250.74.161200 OK 2.6 kB URL HTTP/1.1 3.bp.blogspot.com/-G4IGug2B34A/T-sPOfkxrMI/AAAAAAAAEtQ/fKkGoq_Gagc/w72-h72-p-k-no-nu/jism-2-2a.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash c6e1ebc1c467e808de705ff3807f3746
8d4db09481c6d79c76b859ff635e1489414b92db
acb12764fee79c7cb197c966ddf1c3eab822d1e390c522ee9439e63705d5ec91
GET /-G4IGug2B34A/T-sPOfkxrMI/AAAAAAAAEtQ/fKkGoq_Gagc/w72-h72-p-k-no-nu/jism-2-2a.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="jism-2-2a.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 2584
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "v12d4"
Content-Type: image/jpeg
3.bp.blogspot.com/-ECTNoakfWH4/TcRKPv2iJ9I/AAAAAAAACBA/vqLMKb2fi28/w72-h72-p-k-no-nu/i-miss-you-love-9264842-1024-768.jpg
142.250.74.161200 OK 3.2 kB URL HTTP/1.1 3.bp.blogspot.com/-ECTNoakfWH4/TcRKPv2iJ9I/AAAAAAAACBA/vqLMKb2fi28/w72-h72-p-k-no-nu/i-miss-you-love-9264842-1024-768.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 91b278736017f277559a5697a2b7ab75
9bad3308b703a6db9dde82c3e3bf0797da8bf368
21606c632862a924af7d478ddc02c08705838dfd9955289ba945c2490be9fa9f
GET /-ECTNoakfWH4/TcRKPv2iJ9I/AAAAAAAACBA/vqLMKb2fi28/w72-h72-p-k-no-nu/i-miss-you-love-9264842-1024-768.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="i-miss-you-love-9264842-1024-768.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3182
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "v810"
Content-Type: image/jpeg
4.bp.blogspot.com/-tuk_1wh50CA/Tm9wp2tpvLI/AAAAAAAAAO0/ysNCYM5p7i8/w72-h72-p-k-no-nu/69-windows_7_wallpapers_1920x1200-19.jpg
142.250.74.161200 OK 4.5 kB URL HTTP/1.1 4.bp.blogspot.com/-tuk_1wh50CA/Tm9wp2tpvLI/AAAAAAAAAO0/ysNCYM5p7i8/w72-h72-p-k-no-nu/69-windows_7_wallpapers_1920x1200-19.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 9cdc6a314cb2744ddf714c1944c463b4
6f01c058e54222a9631a5d52ad60101419d2a474
e0da738a09428db59d062d7dc11437dfd64ffe2930df980a577b0c6428edfb57
GET /-tuk_1wh50CA/Tm9wp2tpvLI/AAAAAAAAAO0/ysNCYM5p7i8/w72-h72-p-k-no-nu/69-windows_7_wallpapers_1920x1200-19.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="69-windows_7_wallpapers_1920x1200-19.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4515
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "ved"
Content-Type: image/jpeg
3.bp.blogspot.com/-vCb4hBdxnD4/T0eoHtcsAII/AAAAAAAAAoU/ebP1Zsq5em0/w72-h72-p-k-no-nu/BlueMazeWp-long+goodbye.png
142.250.74.161200 OK 11 kB URL HTTP/1.1 3.bp.blogspot.com/-vCb4hBdxnD4/T0eoHtcsAII/AAAAAAAAAoU/ebP1Zsq5em0/w72-h72-p-k-no-nu/BlueMazeWp-long+goodbye.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash c0085c06e873f186dab3b30e4d6a2644
9085ddbc1218d4f589ceaa8ae57f5d96d8c796b0
16edeb9ca63488a53d089feabd7561a41cd058d40bdfc38fa11469d7db64d80b
GET /-vCb4hBdxnD4/T0eoHtcsAII/AAAAAAAAAoU/ebP1Zsq5em0/w72-h72-p-k-no-nu/BlueMazeWp-long+goodbye.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="BlueMazeWp-long goodbye.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10798
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Wed, 28 Sep 2022 02:54:57 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "v285"
Content-Type: image/png
www.blogger.com/static/v1/widgets/4150139458-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4150139458-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash b318be2224a9b91139a7a4b41f2e4b6e
4bcae447ce5bb3cb36a74745bcca9b72ba419c9f
bc5c92978c40e36f3da25045761d139de3a8a333c5290ccd233273af73bd7f4b
GET /static/v1/widgets/4150139458-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56826
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 15:56:30 GMT
expires: Mon, 25 Sep 2023 15:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Sep 2022 08:50:22 GMT
content-type: text/javascript
age: 212156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
6.6 kB URL www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css
IP :0
File type gzip compressed data, max compression\012- data
Hash 6f46e6f68353c7911fe34f31faa1518f
ea4dbfa2f87c18e9c51c59a32dfa9afb9c2c3472
0be7e26374fcff6f423b88e5f2a05d1cfdcb56abb4a78fa125e391989782ae0f
GET /static/v1/widgets/55013136-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a0edcf53e9bc7064278d4daebb194cd
310fdf6be08f800af78f74e3bab477a064693d66
850467eec85c53e9fa299d3d97a9fc134a1418cd979dc1bbb013793faaa21f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cuerosb.googlecode.com/files/cueros%20-lazyload.js
209.85.233.82404 Not Found 1.6 kB URL HTTP/1.1 cuerosb.googlecode.com/files/cueros%20-lazyload.js
IP 209.85.233.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 422b4a3f70457a4389dd72b5fe861008
b2bd412908e6c54224f88d0c2535d83213893bd6
fd64c4b6163ec431cdad562ebd9990811aae15f14e46bc6b26d85bae7bbf1645
GET /files/cueros%20-lazyload.js HTTP/1.1
Host: cuerosb.googlecode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Wed, 28 Sep 2022 02:52:26 GMT
4.bp.blogspot.com/-YjRFMUDYQ_s/To4RFHvlfdI/AAAAAAAAAQo/WzsdCmtVuZs/s400/Cute+rabbit+photos1.gif
142.250.74.161200 OK 79 kB URL HTTP/1.1 4.bp.blogspot.com/-YjRFMUDYQ_s/To4RFHvlfdI/AAAAAAAAAQo/WzsdCmtVuZs/s400/Cute+rabbit+photos1.gif
IP 142.250.74.161:0
File type GIF image data, version 89a, 400 x 300\012- data
Hash 1628147d71d5d9884e3bbb79afd0bc62
3a312cd9f82203db37fea7624d5087f9fb327a85
21e55791dbecd11d43358b3d204a06b11b3f22f17c879f171eec1e89f76c6e70
GET /-YjRFMUDYQ_s/To4RFHvlfdI/AAAAAAAAAQo/WzsdCmtVuZs/s400/Cute+rabbit+photos1.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v506"
Expires: Thu, 29 Sep 2022 02:52:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Cute rabbit photos1.gif"
Content-Type: image/gif
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:52:26 GMT
Server: fife
Content-Length: 79224
X-XSS-Protection: 0
fonts.gstatic.com/s/novasquare/v20/RrQUbo9-9DV7b06QHgSWsahHT4I.woff2
142.250.74.163200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/novasquare/v20/RrQUbo9-9DV7b06QHgSWsahHT4I.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 14660, version 1.0\012- data
Hash 348313676f6899edf1ec0f5ab1d7a309
38f4a6a8b6c4176551b1e3016c3c18cef0bef32b
3e9f9e979097ba64a89b010514cae4d8a984790f7beef6cdd91484822f76f85c
GET /s/novasquare/v20/RrQUbo9-9DV7b06QHgSWsahHT4I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://awesomew4llpapers.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 02:54:57 GMT
Expires: Wed, 27 Sep 2023 02:54:57 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 19:25:41 GMT
Content-Type: font/woff2
Age: 86249
fonts.gstatic.com/s/cagliostro/v21/ZgNWjP5HM73BV5amnX-TvGLOMg.woff2
142.250.74.163200 OK 14 kB URL HTTP/1.1 fonts.gstatic.com/s/cagliostro/v21/ZgNWjP5HM73BV5amnX-TvGLOMg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13844, version 1.0\012- data
Hash e66d751ed714f38e5cf994c035f30fe8
b01b71bf6127dec6db145927cc7386dba16e6cc2
6416fe13344d50a660b4e234892f03e1eed5b0cb8dc712280901ed2d1f719ecc
GET /s/cagliostro/v21/ZgNWjP5HM73BV5amnX-TvGLOMg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://awesomew4llpapers.blogspot.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 13844
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 25 Sep 2022 17:13:59 GMT
Expires: Mon, 25 Sep 2023 17:13:59 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Thu, 21 Apr 2022 16:45:05 GMT
Content-Type: font/woff2
Age: 207507
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 02:10:46 GMT
Expires: Wed, 28 Sep 2022 02:12:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 43HMNeR-gatYm5GKxcYPS5zDoMn7u9ccQqmvE7hv2jiu6yizfzUF1A==
Age: 2500
lh4.googleusercontent.com/-STOfzSHYYek/UR74y0CyMII/AAAAAAAAAi4/u7jDiFAcafc/s1600/main-bg-pattern.png
142.250.74.33404 Not Found 832 B URL HTTP/1.1 lh4.googleusercontent.com/-STOfzSHYYek/UR74y0CyMII/AAAAAAAAAi4/u7jDiFAcafc/s1600/main-bg-pattern.png
IP 142.250.74.33:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-STOfzSHYYek/UR74y0CyMII/AAAAAAAAAi4/u7jDiFAcafc/s1600/main-bg-pattern.png HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:52:26 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
3.bp.blogspot.com/-SQNz1lSLyGA/To4RGPaFMgI/AAAAAAAAAQs/8LdnH-_Zb2I/s400/Cute+rabbit+photos2.jpg
142.250.74.161200 OK 16 kB URL HTTP/1.1 3.bp.blogspot.com/-SQNz1lSLyGA/To4RGPaFMgI/AAAAAAAAAQs/8LdnH-_Zb2I/s400/Cute+rabbit+photos2.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 370x369, components 3\012- data
Hash 2690bde11a1d368e52fd8ecb93259e32
266a723f02bd9f035982d5be9eb9adaf6f848c07
1f3e848043876d59c1677c681c9faa17e2d88ae0003c8e77f03735f84a68f0ea
GET /-SQNz1lSLyGA/To4RGPaFMgI/AAAAAAAAAQs/8LdnH-_Zb2I/s400/Cute+rabbit+photos2.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v10b"
Expires: Thu, 29 Sep 2022 02:52:26 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Cute rabbit photos2.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:52:26 GMT
Server: fife
Content-Length: 15789
X-XSS-Protection: 0
4.bp.blogspot.com/-XT1gJ1n8aPk/To4RDqeSWnI/AAAAAAAAAQk/MhLOIU9yLys/s400/Cute+rabbit+photos.jpeg
142.250.74.161200 OK 12 kB URL HTTP/1.1 4.bp.blogspot.com/-XT1gJ1n8aPk/To4RDqeSWnI/AAAAAAAAAQk/MhLOIU9yLys/s400/Cute+rabbit+photos.jpeg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 266x190, components 3\012- data
Hash f5bc0d3cc7ceb5f82ab83a9190e85f35
031783182c8bfbafb75f0fbf926df9ea70619c8d
3c54a21dc15a91ec952032e117952930dd09a055c70b1993588b3bccd64c3b25
GET /-XT1gJ1n8aPk/To4RDqeSWnI/AAAAAAAAAQk/MhLOIU9yLys/s400/Cute+rabbit+photos.jpeg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v109"
Expires: Thu, 29 Sep 2022 02:52:27 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Cute rabbit photos.jpeg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:52:27 GMT
Server: fife
Content-Length: 12254
X-XSS-Protection: 0
4.bp.blogspot.com/-XT1gJ1n8aPk/To4RDqeSWnI/AAAAAAAAAQk/MhLOIU9yLys/s72-c/Cute+rabbit+photos.jpeg
142.250.74.161200 OK 2.8 kB URL HTTP/1.1 4.bp.blogspot.com/-XT1gJ1n8aPk/To4RDqeSWnI/AAAAAAAAAQk/MhLOIU9yLys/s72-c/Cute+rabbit+photos.jpeg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash dbe2a077d3c72367a413372643be034f
835dd0c652677cc0f2fcc83875a24f939e943908
a5a7174fe0960be5bebf028525df9e911cffb4b4b0ced9e9a448d05d6e7a2ea9
GET /-XT1gJ1n8aPk/To4RDqeSWnI/AAAAAAAAAQk/MhLOIU9yLys/s72-c/Cute+rabbit+photos.jpeg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v109"
Expires: Thu, 29 Sep 2022 02:52:27 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="Cute rabbit photos.jpeg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:52:27 GMT
Server: fife
Content-Length: 2812
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6224
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:27 GMT
Last-Modified: Wed, 28 Sep 2022 01:08:43 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
awesomew4llpapers.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 awesomew4llpapers.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: awesomew4llpapers.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/search/label/Cute%20rabbit%20photos
HTTP/1.1 200 OK
Content-Type: image/x-icon
Expires: Wed, 28 Sep 2022 02:52:27 GMT
Date: Wed, 28 Sep 2022 02:52:27 GMT
Cache-Control: private, max-age=86400
Last-Modified: Mon, 06 Dec 2021 07:31:43 GMT
ETag: W/"76f19a0de4a7196f1f7327bbbea5a2b1cd36c5dee94cb710afb1646b98ba8735"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +7+gvVX7MaqkN4trCuhn1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w4UOq+ive7W7DnzEBGtknNbL+KA=
edoses.blogspot.com/2012/01/mortgage-loan-rates.html
142.250.74.161404 Not Found 12 kB URL HTTP/1.1 edoses.blogspot.com/2012/01/mortgage-loan-rates.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4028)
Hash b5a7ff071cc77ac8ab4c64027054ee5c
25135d4dad713d7052a25c6b84b528699afc453a
663ee5153be5fe42c0dde092bcf66b443766c94c6f869c5727f881b99a8ace03
GET /2012/01/mortgage-loan-rates.html HTTP/1.1
Host: edoses.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://awesomew4llpapers.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 28 Sep 2022 02:52:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 11866
Server: GSE
cuerosb.googlecode.com/files/cueros%20-lazyload.js
209.85.233.82404 Not Found 1.6 kB URL HTTP/1.1 cuerosb.googlecode.com/files/cueros%20-lazyload.js
IP 209.85.233.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 422b4a3f70457a4389dd72b5fe861008
b2bd412908e6c54224f88d0c2535d83213893bd6
fd64c4b6163ec431cdad562ebd9990811aae15f14e46bc6b26d85bae7bbf1645
GET /files/cueros%20-lazyload.js HTTP/1.1
Host: cuerosb.googlecode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1588
Date: Wed, 28 Sep 2022 02:52:27 GMT
3.bp.blogspot.com/-ZD72uG5BMTo/Uhxa-_pqIPI/AAAAAAAAARo/vOx2bwRyQkw/s72-c/synopsis.jpg
142.250.74.161200 OK 4.2 kB URL HTTP/1.1 3.bp.blogspot.com/-ZD72uG5BMTo/Uhxa-_pqIPI/AAAAAAAAARo/vOx2bwRyQkw/s72-c/synopsis.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 72x72, components 3\012- data
Hash 3990f8435bbc9acd22924a4fc39d342e
43a8e0fec92aa5c432ec0c03495ec2196e8d089a
81e62fa15123d8d89c2fed7d0a97c086c9d52d9178accf9b5cb4a1e555868104
GET /-ZD72uG5BMTo/Uhxa-_pqIPI/AAAAAAAAARo/vOx2bwRyQkw/s72-c/synopsis.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="synopsis.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4150
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:04 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "v11b"
Content-Type: image/jpeg
4.bp.blogspot.com/-jfga54zfVyE/UiMuQiiQPdI/AAAAAAAADoM/2XfeM5BTx2U/s72-c/Screen+Shot+2013-09-01+at+10.04.26+PM.png
142.250.74.161200 OK 11 kB URL HTTP/1.1 4.bp.blogspot.com/-jfga54zfVyE/UiMuQiiQPdI/AAAAAAAADoM/2XfeM5BTx2U/s72-c/Screen+Shot+2013-09-01+at+10.04.26+PM.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 6d4594a56caa86996a8371d909bf0361
3fc4524db5cc562715b1af075f8818669caa12f1
274a60372856ae3a3a4d81321cf16986187e5ae12b642465ca87b723daf9d80c
GET /-jfga54zfVyE/UiMuQiiQPdI/AAAAAAAADoM/2XfeM5BTx2U/s72-c/Screen+Shot+2013-09-01+at+10.04.26+PM.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screen Shot 2013-09-01 at 10.04.26 PM.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 10612
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:04 GMT
Expires: Sat, 24 Sep 2022 03:43:16 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3443
ETag: "ve85"
Content-Type: image/png
edoses.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 edoses.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: edoses.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/2012/01/mortgage-loan-rates.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 14:15:32 GMT
Expires: Mon, 03 Oct 2022 14:15:32 GMT
Cache-Control: public, max-age=604800
Last-Modified: Mon, 26 Sep 2022 10:50:30 GMT
Content-Type: text/javascript
Age: 131815
1.bp.blogspot.com/-ewoesXDJ34g/UhinqKujEAI/AAAAAAAADiU/4Lyq91pHPS0/s72-c/Screen+Shot+2013-08-24+at+10.29.48+PM.png
142.250.74.161200 OK 8.3 kB URL HTTP/1.1 1.bp.blogspot.com/-ewoesXDJ34g/UhinqKujEAI/AAAAAAAADiU/4Lyq91pHPS0/s72-c/Screen+Shot+2013-08-24+at+10.29.48+PM.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 19e24d43c6527034ebeb2f4599ee1f88
1760b869891848b7d6785786aaabb73bfdc7f471
d9613572858543c7bcb703367e2b8bf0caa2c11c1407dfd25123679f1b148095
GET /-ewoesXDJ34g/UhinqKujEAI/AAAAAAAADiU/4Lyq91pHPS0/s72-c/Screen+Shot+2013-08-24+at+10.29.48+PM.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screen Shot 2013-08-24 at 10.29.48 PM.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 8291
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3444
ETag: "ve26"
Content-Type: image/png
2.bp.blogspot.com/-7ClhWWxtkdI/UiL2BJBY5aI/AAAAAAAADms/--M-npbmDq4/s72-c/Screen+Shot+2013-09-01+at+6.06.22+PM.png
142.250.74.161200 OK 8.8 kB URL HTTP/1.1 2.bp.blogspot.com/-7ClhWWxtkdI/UiL2BJBY5aI/AAAAAAAADms/--M-npbmDq4/s72-c/Screen+Shot+2013-09-01+at+6.06.22+PM.png
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash 233d3dbef1d645ec9bbf32bd02a768fa
b10bc5629dcb6928b6156ec161331e4cc0868d09
90a35d97bf59ceaf1e391a0a923da243bff60d9d615a8fe62eabeabe8c6ab109
GET /-7ClhWWxtkdI/UiL2BJBY5aI/AAAAAAAADms/--M-npbmDq4/s72-c/Screen+Shot+2013-09-01+at+6.06.22+PM.png HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="Screen Shot 2013-09-01 at 6.06.22 PM.png"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 8780
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3444
ETag: "ve6e"
Content-Type: image/png
2.bp.blogspot.com/-zafkIpF0NeM/UhcNYwBeRNI/AAAAAAAADfc/9Rf6QZg1IoM/s72-c/photo+(60).PNG
142.250.74.161200 OK 3.8 kB URL HTTP/1.1 2.bp.blogspot.com/-zafkIpF0NeM/UhcNYwBeRNI/AAAAAAAADfc/9Rf6QZg1IoM/s72-c/photo+(60).PNG
IP 142.250.74.161:0
File type PNG image data, 72 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash b0fac2688d7367a15d637a3b91385768
c58b0f22b78792da6dc71b290dd7935194d7999f
0ce33572a06ba62f0d2e0f41885a3cb4e332b55471a375a5da89b25c19b599d3
GET /-zafkIpF0NeM/UhcNYwBeRNI/AAAAAAAADfc/9Rf6QZg1IoM/s72-c/photo+(60).PNG HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="photo (60).PNG"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 3808
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3444
ETag: "vdf8"
Content-Type: image/png
resources.infolinks.com/js/infolinks_main.js
172.66.42.247200 OK 2.1 kB URL HTTP/1.1 resources.infolinks.com/js/infolinks_main.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (3506)
Hash b2aafe70eecdf862b2de393264220a93
a3a2c7734e7088c6792a36c4da8e4523d7f9cbe3
46e843d4aa213e4fdfa6dd36c19424275192b0d44813a7788b22b4a44cdb1a07
GET /js/infolinks_main.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 13:11:59 GMT
ETag: W/"db3-5e99445d6610e"
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 02:29:25 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 4982
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75192ee239e0b51b-OSL
Content-Encoding: gzip
yllix.com/popup.php?section=General&pub=442632&ga=g&show=5
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/popup.php?section=General&pub=442632&ga=g&show=5
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /popup.php?section=General&pub=442632&ga=g&show=5 HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 02:52:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/popup.php?section=General&pub=442632&ga=g&show=5
yllix.com/banner_show.php?section=General&pub=442632&format=468x60&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/1.1 yllix.com/banner_show.php?section=General&pub=442632&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner_show.php?section=General&pub=442632&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 02:52:27 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://yllix.com/banner_show.php?section=General&pub=442632&format=468x60&ga=g
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 538692a0cbeb2e09cd3af235e5553123
5a9231ebcec9889cf5b5e2450349ed4aee56fcbc
819ff8e41d20d247d0f4eaa714d072ad1a68e37eaba6fd663edea3ad1364998d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Wed, 28 Sep 2022 02:52:27 GMT
expires: Wed, 28 Sep 2022 02:52:27 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-MfAOwGE815s/UjXQbFF29_I/AAAAAAAAABU/G9QJPk-TIQU/s1600/sidebar21.png
142.250.74.161404 Not Found 832 B URL HTTP/1.1 1.bp.blogspot.com/-MfAOwGE815s/UjXQbFF29_I/AAAAAAAAABU/G9QJPk-TIQU/s1600/sidebar21.png
IP 142.250.74.161:0
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 596246739a83bb45e30e13437e0810d9
203d99f5cb1f2c816d6f9974cc5a73cf412892a6
94aa7bf7f0d9660bb348ed4ed7faaa42c63f1a40f591dab32ce5046765df3615
GET /-MfAOwGE815s/UjXQbFF29_I/AAAAAAAAABU/G9QJPk-TIQU/s1600/sidebar21.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 404 Not Found
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 02:52:28 GMT
Server: fife
Content-Length: 832
X-XSS-Protection: 0
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 17a491e3e9fd8e8d7f59df7428283eea
9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee
efcc61af4acd5272843b8889ba1676b1c906df3475a0826c92bf9896e2ea2a0c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:35:58 GMT
Expires: Tue, 04 Oct 2022 21:35:57 GMT
Etag: "9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee"
Cache-Control: max-age=585208,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75192ee30be50b39-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 17a491e3e9fd8e8d7f59df7428283eea
9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee
efcc61af4acd5272843b8889ba1676b1c906df3475a0826c92bf9896e2ea2a0c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 21:35:58 GMT
Expires: Tue, 04 Oct 2022 21:35:57 GMT
Etag: "9af52451772c9a2a73bd9f1bd8c5bc01a50c79ee"
Cache-Control: max-age=585208,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75192ee31ceeb51e-OSL
yllix.com/popup.php?section=General&pub=442632&ga=g&show=5
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/popup.php?section=General&pub=442632&ga=g&show=5
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /popup.php?section=General&pub=442632&ga=g&show=5 HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=442632&ga=g&show=5
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
yllix.com/banner_show.php?section=General&pub=442632&format=468x60&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/banner_show.php?section=General&pub=442632&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner_show.php?section=General&pub=442632&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=442632&format=468x60&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
yllix.com/warn.php?section=General&pub=442632&ga=g&show=5
185.66.200.224200 OK 214 B URL HTTP/2 yllix.com/warn.php?section=General&pub=442632&ga=g&show=5
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 97e24965f60f5d0630d000ea54f865e4
c6da5e6a026df2e240b07bab210860fb722e2755
ee71f1b5bdff21b03edd419f88d7cda4bc742be1b97ef24617d90fb0fb6f0fa2
GET /warn.php?section=General&pub=442632&ga=g&show=5 HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
resources.infolinks.com/js/1826.004-3.025/ice.js
172.66.42.247200 OK 57 kB URL HTTP/1.1 resources.infolinks.com/js/1826.004-3.025/ice.js
IP 172.66.42.247:0
File type ASCII text, with very long lines (32082)
Hash 680f173d963417c498b94c62c60574dd
62ec06827bb1b9d713087ad4791cd141eee79509
491a0310789b9f8dd69da150a005bc0151893ddc94cbd86d5ec9ee9f39910f03
GET /js/1826.004-3.025/ice.js HTTP/1.1
Host: resources.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 10:00:04 GMT
ETag: W/"2d126-5e9919773e9da"
Cache-Control: max-age=2592000
Expires: Thu, 27 Oct 2022 23:11:03 GMT
Via: 1.1 google
CF-Cache-Status: HIT
Age: 13285
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75192ee50b4fb51b-OSL
Content-Encoding: gzip
yllix.com/banner_show.php?section=General&pub=442632&format=300x250&ga=g
185.66.200.224301 Moved Permanently 162 B URL HTTP/2 yllix.com/banner_show.php?section=General&pub=442632&format=300x250&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /banner_show.php?section=General&pub=442632&format=300x250&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html
content-length: 162
location: https://yllix.com/warn.php?section=General&pub=442632&format=300x250&ga=g
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
yllix.com/warn.php?section=General&pub=442632&format=468x60&ga=g
185.66.200.224200 OK 574 B URL HTTP/2 yllix.com/warn.php?section=General&pub=442632&format=468x60&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
Hash 7f01fc7671cf1b72cd1f203fc5fbc823
b5950b92362ce15c536bf59b6fac276feab36f9f
7f539b47f6010fc344e219f5ae78189fe05b1b751f02c05abf554db706e51176
GET /warn.php?section=General&pub=442632&format=468x60&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2535
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:52:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2535
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:52:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2535
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 02:52:28 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 173fcd5342ac62d5ae47a58bd4efec45
43e7bee3ae2630f431eb71277b0cda738068e2b6
e61014e02aa1c046c3a0f552e0fd2aade3d31714a63cfcd8d08eda3fb40c59cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 18699
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 18325
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3e1fd3401c5e635a8dbeec5f78b721d
2142075b27d0d355c51231ab06fea46e25eb9c59
2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vak91l2UKRnX0Go62y1yPwJ8E-Af7XBurmQATw5MSZXBqhUJrIgOCQ==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 04:55:01 GMT
age: 79047
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d039db0b842a4cbbaefdaab98bc6722b
78b1a603c4f7f2d6fbad15d7a4cd1397554339e9
65a3c7b0515cfd2a723f3bc3147cb98f3dd75ce1ecfce915c7c8e9ba5ae0bf2d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb17f4e8-cf01-41dc-8d4d-247daf3e0160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14018
x-amzn-requestid: fb0f02e7-1ce0-4861-9446-13d60df06f24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xSEhCIAMFWkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-79f482493d204a1208fad00f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZAov4fpWAjIBhHfeYEwu39wJTG58HnW7ebekpIoNSgA7PLIs5b7sSg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:19 GMT
age: 16989
etag: "78b1a603c4f7f2d6fbad15d7a4cd1397554339e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccfb4931d41ca01aa55b4b8e9ef6b4e1
2351d2547f4bd0aac45bb21a5aa8277e80ef15f2
89de9954ee2874b476c907810189812efe13234a46910180f34f68082429260f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c254fe7-b89c-4a2c-a79c-4a6a0fe2d17c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 1258ee7b-987a-4454-8963-e76b7c1470f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4EVxIAMFrmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7a1fbaa251600686757f9583;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VLZucSrpwv4p9vPso373WdFZsbrj-savmu1WPx7nkUuTDaZJ6NWzwg==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 18325
etag: "2351d2547f4bd0aac45bb21a5aa8277e80ef15f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fa8cb4f4be5057788cd1a2a4d0e76d6
1aec1d67a36867bee8069a144fb1b0d95ff2cb54
5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 23:06:54 GMT
age: 13534
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 465 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (498)
Hash fba3e78d274c784786fced426c48a018
d8489364e69dbed30375a822220a20c16b3fa6ce
c188237a536bde05c856eb76b41b1940793fc71e7488e907c9bf0925623fa760
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D5450608990018187715%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50%26pageSize%3D21%26origin%3Dhttp://edoses.blogspot.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 02:52:28 GMT
location: https://www.blogger.com/followers.g?blogID=5450608990018187715&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByMzMzMzMzMiByM1NTg4YWEqByNmZmZmZmYyByNjYzAwMDA6ByMzMzMzMzNCByM1NTg4YWFKByNlZWVlZWVSByM1NTg4YWFaC3RyYW5zcGFyZW50&pageSize=21&origin=http%3A%2F%2Fedoses.blogspot.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-BJrVPvjLMLZF3c8exDEh2Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 465
server: GSE
set-cookie: __Host-GAPS=1:fwUrzK__T-ULK0iXa9U4CwpoxaoMug:bsgFru4fI8r-kX2f;Path=/;Expires=Fri, 27-Sep-2024 02:52:28 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yllix.com/warn.php?section=General&pub=442632&format=300x250&ga=g
185.66.200.224200 OK 332 B URL HTTP/2 yllix.com/warn.php?section=General&pub=442632&format=300x250&ga=g
IP 185.66.200.224:0
ASN #201702 skHosting.eu s.r.o.
Hash 094651c69b148ec3fc77c1a355c26e87
ef688dbfce877cc60a6f7dc998825425a9021192
df65c967ba2bfb2f2b683a9cbe269456bbe6cace44a905d53603fce6a31e22cb
GET /warn.php?section=General&pub=442632&format=300x250&ga=g HTTP/1.1
Host: yllix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://edoses.blogspot.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
23.38.200.22302 Moved Temporarily 154 B URL HTTP/1.1 cs.media.net/cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync?cs=41&ovsid=setstatuscode&type=inf&redirect=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fmnet-usync%3Fuid%3D%3Cvsid%3E HTTP/1.1
Host: cs.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: Apache
Content-Length: 154
Content-Type: text/html
Location: https://router.infolinks.com/dyn/mnet-usync?uid=0000EEA
Set-Cookie: data-inf=setstatuscode~~41;Expires=Tue, 27 Dec 2022 02:52:28 GMT;path=/;domain=.media.net;
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
X-MNET-HL2: E
Expires: Wed, 28 Sep 2022 02:52:28 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 28 Sep 2022 02:52:28 GMT
Connection: keep-alive
ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
104.18.18.126302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
IP 104.18.18.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:28 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
cf-ray: 75192ee8f88c0af6-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YzO27FoHgxifiLKbP2vMmgAA; Path=/; Domain=casalemedia.com; Expires=Thu, 28 Sep 2023 02:52:28 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4431; Path=/; Domain=casalemedia.com; Expires=Tue, 27 Dec 2022 02:52:28 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4431; Path=/; Domain=casalemedia.com; Expires=Tue, 27 Dec 2022 02:52:28 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKSsxFk8%2BHV1UIypPqioy%2FytsJX1T3I8DswK%2FFeYjo2ypvsfBAJVgCbsgfBoQF3XBD%2BSqK8rM6VUqcOBfOT79XFJHrkiV3NbRTO5sRkkLMMKU3P3wCVfJugVoL5O9o21XAzngJhqnC%2BBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ae113a430c2ae4b199aeca1f969224
1994a8cde662c4209fa0edfd2ae3775d9a7ee10d
ba7b276ba2fc9e6a2e3aa00d377a85ae5054668c425b414fe76b84f7fcc090f1
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:56:30 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
34.98.64.218200 OK 56 B URL HTTP/2 u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 15669dda86db3cbff7835fa202dc0b16
ce788cab9c1aa7e458a3971a59702c410b37e64d
5cc3f958039a8885c4e9526e22d454da47d579b9a02861e7a60b41fa0ba910df
GET /w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP/1.1
Host: u.openx.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 05f425aca667d158b6127b5e20dc055c
ca80a10b0b26c616cd9db4387e56298bf6f250c7
ec79528ff692fda775f1232c95fcc3a6d76a3a959ace2e5756e490e13e154326
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 02:43:38 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c904a77ce3d6cf601ad8fe0272a62451
91502e4eabf4935c7e4f1d0463e9396ff71284fa
6883d453cfce1d16b05deb590fe0d26a9113b3df51db6c4776da3b3f4f8f5ba4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 01:55:57 GMT
Expires: Wed, 05 Oct 2022 01:55:56 GMT
Etag: "91502e4eabf4935c7e4f1d0463e9396ff71284fa"
Cache-Control: max-age=600806,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75192ee998e8b51e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 15daca568370ea4fe5bae7dd0063b492
9398d93f4b980e9ed8d009e12e35471d6b63f0a4
9ba07c0ed0a5aab71e5f0b3c471ed52bb2c69011af536ac556b19bfc1c1ce5b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3212
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:58:57 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 930427b414587ed73306ba2e90f68cf2
deca7c02789e77a2d474da6ad8aaeed8d6430b85
5b00a9f80538ff4ec34feed2003b7fce790acca013b52122980fc82a04224911
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 02:09:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/dyn/iq-usync
172.66.42.247200 OK 0 B URL HTTP/2 router.infolinks.com/dyn/iq-usync
IP 172.66.42.247:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dyn/iq-usync HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/usync/manage?pid=1875257&wsid=0&pdom=edoses.blogspot.com&purl=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-length: 0
cache-control: no-store
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192ee8cdb40b69-OSL
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
185.64.190.79200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID
IP 185.64.190.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-length: 0
X-Firefox-Spdy: h2
router.infolinks.com/dyn/mnet-usync?uid=0000EEA
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/mnet-usync?uid=0000EEA
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/mnet-usync?uid=0000EEA HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: MNETUSERCOOKIE=0000EEA; Domain=infolinks.com; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Tue, 28 Sep 2021 02:52:29 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192ee93dd20b69-OSL
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
185.64.190.79200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID
IP 185.64.190.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:27 GMT
content-length: 0
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=598ce3ddaee8c90
51.75.86.98204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=598ce3ddaee8c90
IP 51.75.86.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=598ce3ddaee8c90 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 008ed0337ca33123a2dde4dfe97b1799
0d686c156a9578ae72c0bd0b8f77dfa0b634a6ec
0d1c8a51545d4af71da63d439312ddd0948436cb003587f7b4f7d2a85129ec17
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:16:35 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ifwmq7nebi_JyVo-QMVavTsgYUqdZKEJbyTWLY97mmEVHNxRFugmUg==
Age: 5754
cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
91.228.74.200302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-u1vdacBMXAcfT.gif?idmatch=0
IP 91.228.74.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-u1vdacBMXAcfT.gif?idmatch=0 HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://router.infolinks.com/dyn/qc-usync?&uid=8YOz8aWG5abqgeWg8tOtof-Js_vq1bH68ISZuhhW
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EEQBDQGaJ82aswA; expires=Tue, 27-Dec-2022 02:52:29 GMT; path=/; domain=.quantserve.com
mc=6333b6ed-1eb5c-c8939-e1874; expires=Sun, 29-Oct-2023 02:52:29 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
185.89.210.82307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
AN-X-Request-Uuid: 1e210d7e-88d4-4766-af3d-d40f1a4fd304
Set-Cookie: uuid2=703766313853248295; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fedoses.blogspot.com%252F2012%252F01%252Fmortgage-loan-rates.html&pid=12306&adnxs_uid=$UID
185.89.210.82307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fedoses.blogspot.com%252F2012%252F01%252Fmortgage-loan-rates.html&pid=12306&adnxs_uid=$UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://s.cpx.to/ca.png?ref=http%253A%252F%252Fedoses.blogspot.com%252F2012%252F01%252Fmortgage-loan-rates.html&pid=12306&adnxs_uid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fedoses.blogspot.com%25252F2012%25252F01%25252Fmortgage-loan-rates.html%26pid%3D12306%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 612f2836-152e-4550-9e81-165e80021488
Set-Cookie: uuid2=1486271660406574475; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ae113a430c2ae4b199aeca1f969224
1994a8cde662c4209fa0edfd2ae3775d9a7ee10d
ba7b276ba2fc9e6a2e3aa00d377a85ae5054668c425b414fe76b84f7fcc090f1
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3566
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:53:03 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2ba1ae9823379b8b020b450a59b28cac
db5c41a61b7c44796de909363e744b9302c91a0e
8936f57046f729a4dca764c41a055a260f8a1deec6e561527d8e5db9dbb69610
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:45:19 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cIkv088thvcjrhDM36Sz4RG6WbwW3aNI5z6_BE1YV4cn_TxrvmV76w==
Age: 4030
router.infolinks.com/usync/manage?pid=1875257&wsid=0&pdom=edoses.blogspot.com&purl=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html
172.66.42.247200 OK 2.0 kB URL HTTP/2 router.infolinks.com/usync/manage?pid=1875257&wsid=0&pdom=edoses.blogspot.com&purl=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html
IP 172.66.42.247:0
Hash 182b7fec46545351f243df3049112ea2
0ca06849659e008f807853dfee33ed679fe72e7e
660f27334133886aa366950a479787966715c6e4aa480b02173b22a8beceb585
GET /usync/manage?pid=1875257&wsid=0&pdom=edoses.blogspot.com&purl=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://edoses.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:28 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192ee7cd600b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash a87f07c71852c59bd38b896626f53405
f860c7cf4a361250caa496ff32876773018d1447
7622b7ac77e16d47d6590cc8282ea0a49813ac8dbe806afdfbdfd3eff995c363
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 02:15:47 GMT
Expires: Wed, 05 Oct 2022 02:15:46 GMT
Etag: "f860c7cf4a361250caa496ff32876773018d1447"
Cache-Control: max-age=601996,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75192eea0922b51e-OSL
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
185.89.210.82302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://router.infolinks.com/dyn/apn-usync?user_id=0
AN-X-Request-Uuid: ac674def-695e-4b55-9178-de55056098b6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
router.infolinks.com/dyn/ix-usync?uid=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ix-usync?uid=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ix-usync?uid=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192ee99e000b69-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fedoses.blogspot.com%25252F2012%25252F01%25252Fmortgage-loan-rates.html%26pid%3D12306%26adnxs_uid%3D%24UID
185.89.210.82302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fedoses.blogspot.com%25252F2012%25252F01%25252Fmortgage-loan-rates.html%26pid%3D12306%26adnxs_uid%3D%24UID
IP 185.89.210.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttp%25253A%25252F%25252Fedoses.blogspot.com%25252F2012%25252F01%25252Fmortgage-loan-rates.html%26pid%3D12306%26adnxs_uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/ca.png?ref=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html&pid=12306&adnxs_uid=0
AN-X-Request-Uuid: a4d2e88d-af37-4c99-ae13-5e5ab70c6cf2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c067ae3bfe41d378d669a126e47d82eb
d0847ca664868e4550dd8518ca28da264716ae90
369ee3c832cfd2461b588ae1da2e360b6c23deeb821d51190707a8be88c9a847
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 02:49:20 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
p.rfihub.com/cm?pub=43153&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=43153&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=43153&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 28 Sep 2022 02:52:29 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrQwMDc2NDE1NhfiM9RNLLTwNDTNNitIj4wAAAplPVolAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_1slzmtoZmZibGxsamJpaGkCADBdtrkQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 23 Oct 2023 02:52:29 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrQwMDc2NDE1NhfiM9RNLLTwNDTNNitIj4wAAAplPVolAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 23 Oct 2023 02:52:29 GMT; Secure; SameSite=None
Location: https://router.infolinks.com/dyn/zeta-usync?uid=5141210821807314537
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
18.193.24.105302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 18.193.24.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
set-cookie: tuuid=6bce0d68-fb7c-4dba-84b9-be0bfa053ca3; Expires=Tue, 27 Dec 2022 02:52:29 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1664333549; Expires=Tue, 27 Dec 2022 02:52:29 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1664333549109
213.19.147.44302 Found 471 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1664333549109
IP 213.19.147.44:0
Hash 760e203f71319bb8eeec0cb73938f531
42230e136a99d87c331c83b02daf34464d5378df
c2d89cadc71b65a36bc991d5fde1efbb2f68236161b4f6fad07967846c4c4130
GET /usersync2/rmpssp?sub=infolinks&zcc=1&cb=1664333549109 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/ur-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c904a77ce3d6cf601ad8fe0272a62451
91502e4eabf4935c7e4f1d0463e9396ff71284fa
6883d453cfce1d16b05deb590fe0d26a9113b3df51db6c4776da3b3f4f8f5ba4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 01:55:57 GMT
Expires: Wed, 05 Oct 2022 01:55:56 GMT
Etag: "91502e4eabf4935c7e4f1d0463e9396ff71284fa"
Cache-Control: max-age=600806,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75192ee98e760b39-OSL
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 047e96796ab8871d0b0708c3d6aaa501
d4834f564ce695aa123d6586a3f4009922d7a15f
e7445ace11020eeb734982ce1199c28e920e9ec31eef5e942de8bfae7b2ec35f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:16:12 GMT
Expires: Wed, 28 Sep 2022 22:16:12 GMT
ETag: "d4834f564ce695aa123d6586a3f4009922d7a15f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
18.193.24.105200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531
IP 18.193.24.105:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
router.infolinks.com/dyn/qc-usync?&uid=8YOz8aWG5abqgeWg8tOtof-Js_vq1bH68ISZuhhW
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/qc-usync?&uid=8YOz8aWG5abqgeWg8tOtof-Js_vq1bH68ISZuhhW
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/qc-usync?&uid=8YOz8aWG5abqgeWg8tOtof-Js_vq1bH68ISZuhhW HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: QCUSERCOOKIE=8YOz8aWG5abqgeWg8tOtof-Js_vq1bH68ISZuhhW; Domain=infolinks.com; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Tue, 28 Sep 2021 02:52:29 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192eea3e300b69-OSL
X-Firefox-Spdy: h2
router.infolinks.com/dyn/ur-usync?uid=OPTOUT
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/ur-usync?uid=OPTOUT
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/ur-usync?uid=OPTOUT HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: URUSERCOOKIE=OPTOUT; Domain=infolinks.com; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Tue, 28 Sep 2021 02:52:29 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192eea4e340b69-OSL
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
216.52.2.48204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Wed, 28 Sep 2022 02:52:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
pod: X-Sovrn-Pod: ad_ap5ams1
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash f310dc31ce3bd4d558a55fbe8a62f859
7c120b054c02da783365fa4f8af0719a5a3fec5e
cfb7c318d4121306c31c26455c91f0f362bf0609ac732d67c5c974cda413082f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Sep 2022 01:50:01 GMT
Expires: Thu, 29 Sep 2022 01:50:01 GMT
ETag: "7c120b054c02da783365fa4f8af0719a5a3fec5e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ba63dc0bf08777b33b8a8fe58b859bf2
c0aca269bb05195bcd1b48da46f1f2ed6d47d93f
094c8a08f6570707f3dc1885a9e8902ef8fdd644eaf79b5d38054ceea74efca2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4113
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:43:56 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27c471f045be7dd17912ca68fb26c55b
16aee79abcf78017b18af2014f2d556a74c737f3
1548c04358a72f01fdfbe18190bf4b3476d00fda9acf24e788e51f361dbf6a26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4732
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 02:52:29 GMT
Last-Modified: Wed, 28 Sep 2022 01:33:37 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
router.infolinks.com/dyn/zeta-usync?uid=5141210821807314537
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zeta-usync?uid=5141210821807314537
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zeta-usync?uid=5141210821807314537 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: ZTUSERCOOKIE=5141210821807314537; Domain=infolinks.com; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Tue, 28 Sep 2021 02:52:29 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192eea9e460b69-OSL
X-Firefox-Spdy: h2
de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
67.202.105.34200 OK 75 B URL HTTP/2 de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
IP 67.202.105.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 1ca09ed98f39d2adb7fab3878d13c0cb
da2a6f2431a34dfcc99b6f4500833f783f149d19
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
GET /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 29 Sep 2022 02:52:29 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 28 Sep 2022 02:52:28 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58422/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBO22M2MCEAVEIPMd0tyHb3pF9qixmNQFEgEBAQEINWM9YwAAAAAA_eMAAA&S=AQAAAkEnGcD6GdMG_hoa-aFL9xg; Expires=Thu, 28 Sep 2023 08:52:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.184.125.137302 Found 0 B URL HTTP/2 pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.184.125.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: pixel.advertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
X-Firefox-Spdy: h2
router.infolinks.com/dyn/apn-usync?user_id=0
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/apn-usync?user_id=0
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/apn-usync?user_id=0 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192eea6e3b0b69-OSL
X-Firefox-Spdy: h2
b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
50.31.142.223302 Found 70 B URL HTTP/1.1 b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
IP 50.31.142.223:0
File type HTML document, ASCII text
Hash 16ccc9da763aca428789e4f469fc7ff1
4a873c523b8d9bdbc30b8c48189817413a19ee7a
5be7e833013b4b10333a904010b01217263df39c501a29b146d072110ceea4a1
GET /usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 70
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Wed, 28 Sep 2022 02:52:29 GMT
ups.analytics.yahoo.com/ups/58422/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58422/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58422/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 02:52:29 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBO22M2MCEMsF0IKm3I3JQT1d8v80MbUFEgEBAQEINWM9YwAAAAAA_eMAAA&S=AQAAAgUoTnh3IhA-Juca2sUuNhs; Expires=Thu, 28 Sep 2023 08:52:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62125384ce2deb5dae39229b86bc22ab
93f561a15087e2f3ffe5f2fc9db0cd4cc72e2d28
9756d06529330c80609608088b185951eea38c2f49eeecfaaf713141ee17a5e6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 02:52:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 01:57:50 GMT
Expires: Wed, 05 Oct 2022 01:57:49 GMT
Etag: "93f561a15087e2f3ffe5f2fc9db0cd4cc72e2d28"
Cache-Control: max-age=600919,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75192eea8c3eb506-OSL
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBO22M2MCEBUJhvR-eYsf4n_Nurl_zj4FEgEBAQEINWM9YwAAAAAA_eMAAA&S=AQAAAuaaJr5Ib7cIzn_TakmETbg; Expires=Thu, 28 Sep 2023 08:52:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/infolinks?zcc=1&cb=1664333549248
213.19.147.44302 Found 35 B URL HTTP/2 sync.1rx.io/usersync2/infolinks?zcc=1&cb=1664333549248
IP 213.19.147.44:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /usersync2/infolinks?zcc=1&cb=1664333549248 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://router.infolinks.com/dyn/r1-usync?uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 28 Sep 2022 02:52:29 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBO22M2MCEO6RSnsr3yLe1V0WBa2kuSEFEgEBAQEINWM9YwAAAAAA_eMAAA&S=AQAAAqRTGmDctja4Br-smfOnFDQ; Expires=Thu, 28 Sep 2023 08:52:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
104.18.18.126200 OK 578 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
IP 104.18.18.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash ab9e2d4f50f461d6ae3386aacbaeac01
e47754e2f2fd444c41c1c8ba8d10d66042475cdc
ba35a551ed2ee5559c0934862a1125804090707f960388f1af19b8ce7823ab33
GET /usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/html
cf-ray: 75192ee958b10af6-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdEsv4ln8%2Byw0H%2BjG8%2BljxV8Eg24HMWvt6jnzKnDZ3Xa29hnnYeAqYI6H8GBmS%2Bm8MUWFVJRiUbyTWsknLsRbWOiPepezCC8W3Cwvel%2Bip3DKUvhZb9usA6exiJHabwCwt5BJNVRb2g%2BHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
67.202.105.22204 No Content 0 B URL HTTP/2 ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
IP 67.202.105.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X HTTP/1.1
Host: ssc-cms.33across.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-33x-status: 2000208
server: 33XP004
date: Wed, 28 Sep 2022 02:52:28 GMT
X-Firefox-Spdy: h2
router.infolinks.com/dyn/zmn-usync?uid=
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/zmn-usync?uid=
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/zmn-usync?uid= HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192eebae980b69-OSL
X-Firefox-Spdy: h2
s.cpx.to/ca.png?ref=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html&pid=12306&adnxs_uid=0
52.49.237.174200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?ref=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html&pid=12306&adnxs_uid=0
IP 52.49.237.174:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?ref=http%3A%2F%2Fedoses.blogspot.com%2F2012%2F01%2Fmortgage-loan-rates.html&pid=12306&adnxs_uid=0 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: image/png
Date: Wed, 28 Sep 2022 02:52:29 GMT
Expires: Wed, 28 Sep 2022 02:52:29 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache, no-cache
Set-Cookie: cpSess=5d68338029cb4667; Expires=Thu, 28 Sep 2023 02:52:29 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive
router.infolinks.com/dyn/sonobi-usync?uid=a605beb2-ed1e-4d14-a468-7786d9b3ed05
172.66.42.247200 OK 35 B URL HTTP/2 router.infolinks.com/dyn/sonobi-usync?uid=a605beb2-ed1e-4d14-a468-7786d9b3ed05
IP 172.66.42.247:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash c0a97b478925284bd94e3271f6197c08
543e1556715b858c654397c62c0894dd6f294703
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
GET /dyn/sonobi-usync?uid=a605beb2-ed1e-4d14-a468-7786d9b3ed05 HTTP/1.1
Host: router.infolinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://router.infolinks.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, private
set-cookie: SONOBIUSERCOOKIE=a605beb2-ed1e-4d14-a468-7786d9b3ed05; Domain=infolinks.com; Expires=Tue, 27-Dec-2022 02:52:29 GMT; Path=/; SameSite=None; Secure
pragma: no-cache
expires: Tue, 28 Sep 2021 02:52:29 GMT
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75192eebcea10b69-OSL
X-Firefox-Spdy: h2
2.bp.blogspot.com/-zNJ0FPjnKA0/Uhxqa93YEXI/AAAAAAAAAR8/aP_Z-4VsYPE/s72-c/hs.jpg
142.250.74.161200 OK 0 B URL HTTP/1.1 2.bp.blogspot.com/-zNJ0FPjnKA0/Uhxqa93YEXI/AAAAAAAAAR8/aP_Z-4VsYPE/s72-c/hs.jpg
IP 142.250.74.161:0
GET /-zNJ0FPjnKA0/Uhxqa93YEXI/AAAAAAAAAR8/aP_Z-4VsYPE/s72-c/hs.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://edoses.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
Content-Disposition: inline;filename="hs.jpg"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Server: fife
Content-Length: 4519
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 01:55:03 GMT
Expires: Tue, 27 Sep 2022 14:15:32 GMT
Cache-Control: public, max-age=86400, no-transform
Age: 3444
ETag: "v11f"
Content-Type: image/jpeg
sync.1rx.io/usersync2/infolinks
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/infolinks
IP 213.19.147.44:0
GET /usersync2/infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-083a17d3-aa08-437b-b1df-036a42b7addf-003%22%2C%22zdxidn%22%3A%222109%22%7D; path=/; expires=Thu, 28 Sep 2023 02:52:29 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/infolinks?zcc=1&cb=1664333549248
etag: RX083a17d3aa08437bb1df036a42b7addf003
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=infolinks
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=infolinks
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=infolinks HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://router.infolinks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 02:52:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-67ffe54f-9caf-426f-887e-7072005f92b7-003%22%2C%22zdxidn%22%3A%222069.56%22%7D; path=/; expires=Thu, 28 Sep 2023 02:52:29 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=infolinks&zcc=1&cb=1664333549109
etag: RX67ffe54f9caf426f887e7072005f92b7003
X-Firefox-Spdy: h2